Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: yGugG2bvx84MVbYpuDypaPegidTn6zZ2Z75qkIGiJ8M=
Subject key identifier: 59:C8:6B:48:39:E5:CA:78:8D:B5:7E:F8:EA:69:36:6D:E9:7E:EB:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 250E240D679D30349B9B202FF0205F1694F00649
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Mon 01 Sep 2025 21:40:20 +0000
ROA not before: Mon 01 Sep 2025 21:40:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:0e:24:0d:67:9d:30:34:9b:9b:20:2f:f0:20:5f:16:94:f0:06:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=d417e5e021476deefa8d32411a00be0a2e5f7f0964b37d1af2287160a1ad07fc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:11:78:47:4a:78:0a:60:b9:b5:e1:09:2b:
7e:b2:d3:d4:8d:da:99:26:ab:62:7b:72:06:b4:c9:
cc:aa:2c:1e:ec:24:a8:97:e2:52:77:9b:c3:12:ee:
5f:3c:e0:7c:ab:22:16:5f:1c:ce:63:d8:c2:f2:11:
23:55:fb:f7:2f:aa:8f:e0:7d:31:db:11:84:f4:7c:
29:a3:a2:2e:55:34:11:62:f3:c1:85:fa:ff:1f:9c:
59:06:6b:db:ae:d5:ef:9f:2f:32:bd:61:38:85:bd:
87:7a:ad:d5:2e:a9:a5:ce:71:c9:2d:a5:10:a6:fa:
7c:86:eb:88:64:0a:94:31:5e:49:1a:d3:8e:5b:de:
df:01:c7:0e:08:ad:12:fe:13:6f:52:c0:b1:59:07:
3e:8b:37:67:75:d3:12:c0:60:71:42:dd:9e:b4:1d:
96:68:e7:ec:f8:97:d5:48:0d:f9:fb:ee:aa:58:87:
cd:fb:74:9c:eb:a6:12:eb:2b:62:fe:a7:ee:1f:02:
76:13:7d:15:12:87:36:aa:48:9d:af:86:89:c2:c2:
af:71:37:b0:d0:2d:8f:a4:64:49:b8:e7:9d:98:d4:
7d:88:02:f5:4d:a3:3d:ff:4b:82:fa:b1:0f:5a:51:
93:18:7b:64:d7:56:b0:ad:f6:e1:1f:d3:f7:da:c0:
0f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:C8:6B:48:39:E5:CA:78:8D:B5:7E:F8:EA:69:36:6D:E9:7E:EB:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:be:84:b8:68:8f:bc:04:a3:9f:0c:44:10:df:37:a2:9c:6e:
56:3e:87:8d:b2:03:65:58:ff:c9:61:d1:70:29:86:21:ef:dd:
f7:dd:64:bd:f4:8c:18:c1:d4:4e:cb:57:d0:99:75:ef:de:2e:
ca:00:fa:58:1b:1d:ce:75:01:6c:a4:06:8f:fa:28:51:15:9d:
c7:58:0a:2b:db:8a:4a:e9:59:70:18:ad:de:82:64:69:cb:00:
29:2b:11:5f:cb:65:f3:cc:f8:57:1f:d7:9c:7a:b7:88:9e:c2:
d4:86:03:13:78:1d:97:04:cc:65:1f:e4:c3:bd:eb:0c:ac:7a:
2a:b1:4c:89:b7:91:41:d3:0d:c5:d6:d8:71:82:e6:d0:2d:ee:
9a:09:a9:f3:95:a6:5a:df:c7:bc:5d:7c:1c:70:75:57:c1:d8:
ae:35:ed:c6:19:1f:b7:4f:5c:8e:d4:a7:ee:4b:50:be:b2:b2:
ab:ee:85:01:8b:80:e6:a0:fc:a1:4c:42:e6:6b:cf:82:b4:eb:
09:84:d9:d5:15:32:c0:ce:13:7a:35:ce:d3:88:55:95:87:1f:
7b:2c:62:1b:83:1e:80:1c:4b:36:13:fa:86:63:54:01:27:49:
d2:55:14:ff:71:88:f0:3f:b2:f8:3f:5b:20:f5:6c:6e:45:8f:
44:1e:4f:4f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJQ4kDWedMDSbmyAv8CBfFpTwBkkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MTdlNWUwMjE0NzZkZWVmYThkMzI0MTFhMDBiZTBhMmU1ZjdmMDk2NGIz
N2QxYWYyMjg3MTYwYTFhZDA3ZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALDqEXhHSngKYLm14QkrfrLT1I3amSarYntyBrTJzKosHuwkqJfiUnebwxLu
XzzgfKsiFl8czmPYwvIRI1X79y+qj+B9MdsRhPR8KaOiLlU0EWLzwYX6/x+cWQZr
267V758vMr1hOIW9h3qt1S6ppc5xyS2lEKb6fIbriGQKlDFeSRrTjlve3wHHDgit
Ev4Tb1LAsVkHPos3Z3XTEsBgcULdnrQdlmjn7PiX1UgN+fvuqliHzft0nOumEusr
Yv6n7h8CdhN9FRKHNqpIna+GicLCr3E3sNAtj6RkSbjnnZjUfYgC9U2jPf9Lgvqx
D1pRkxh7ZNdWsK324R/T99rAD20CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZyGtI
OeXKeI21fvjqaTZt6X7rQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQB+voS4aI+8BKOfDEQQ3zeinG5WPoeNsgNlWP/JYdFw
KYYh79333WS99IwYwdROy1fQmXXv3i7KAPpYGx3OdQFspAaP+ihRFZ3HWAor24pK
6VlwGK3egmRpywApKxFfy2XzzPhXH9ecereInsLUhgMTeB2XBMxlH+TDvesMrHoq
sUyJt5FB0w3F1thxgubQLe6aCanzlaZa38e8XXwccHVXwdiuNe3GGR+3T1yO1Kfu
S1C+srKr7oUBi4DmoPyhTELma8+CtOsJhNnVFTLAzhN6Nc7TiFWVhx97LGIbgx6A
HEs2E/qGY1QBJ0nSVRT/cYjwP7L4P1sg9WxuRY9EHk9P
-----END CERTIFICATE-----
Generated at Wed Sep 17 06:08:26 2025 by rpki-client