Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
File: 49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa (raw, json)
Hash identifier: Gob0vUGDV7wFM0g75TtM8tYh6hYjjGzkh1ZXTVpz63M=
Subject key identifier: EF:64:EF:03:2C:21:75:46:61:C6:C2:63:5B:35:5F:5F:8A:23:5A:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 475DC12386949C43CFD55143ADABE51F0880E54A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
Signing time: Mon 01 Sep 2025 21:30:40 +0000
ROA not before: Mon 01 Sep 2025 21:30:40 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 14:36:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:5d:c1:23:86:94:9c:43:cf:d5:51:43:ad:ab:e5:1f:08:80:e5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:40 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=b4311f8448945aef57364bdda2086911c679d4f09ea33f2d9f381f35c22c1b36, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:de:a2:81:b3:1d:83:9a:8d:dc:5c:d8:34:
fb:dc:40:a7:42:cd:8e:ca:87:c0:fc:2c:d4:9b:e9:
ac:a6:ca:00:d9:cc:a7:5e:ea:c6:23:dd:58:a6:d4:
96:bd:55:bb:c7:af:d4:8d:1b:bc:86:53:1f:79:c9:
ea:ff:45:4a:09:7c:b7:98:80:dc:b3:03:39:0f:d9:
8e:9e:47:58:a4:82:47:a0:38:88:4e:7e:61:36:2a:
c5:85:83:6d:3a:e9:5b:15:8f:a2:92:e0:22:33:90:
42:ab:64:dc:98:55:24:8e:58:9c:e4:fe:05:46:b4:
1d:ff:d9:4b:63:b9:32:a5:96:8a:80:e9:f8:06:06:
04:40:63:1e:23:dd:eb:23:ba:1b:9d:57:15:17:80:
45:d7:41:90:47:fc:6e:7e:3b:ba:e9:6e:99:17:fe:
68:3d:b5:6d:94:78:c2:60:db:26:a6:c7:98:8a:b1:
32:da:f4:b4:ee:0f:b2:57:f4:34:43:9c:13:25:e6:
1f:0a:8c:7e:c2:f6:54:bd:73:3d:f6:8a:cc:37:8b:
0c:3c:6e:73:22:38:8e:05:a3:4f:48:01:aa:04:d8:
e2:0f:35:bc:33:b4:34:fe:96:c6:6c:70:71:db:45:
a0:fc:5a:0b:9c:28:88:69:22:b9:51:dc:b1:92:f6:
fa:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:64:EF:03:2C:21:75:46:61:C6:C2:63:5B:35:5F:5F:8A:23:5A:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/49b2b5d5-46a7-42a3-9900-bcb7e3edffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
20:9d:06:de:ba:f8:64:09:40:4a:a6:e7:86:e6:da:7a:4f:ab:
4e:d5:3e:ee:e5:75:ec:41:bd:a2:ec:4f:3d:d6:ba:08:e1:72:
06:eb:98:d6:eb:c8:26:3e:22:70:ff:36:7c:91:ca:f6:00:b0:
54:a8:f4:3e:c0:11:72:4d:73:f6:e2:cf:8a:7e:8b:4d:e8:c1:
dd:4c:b1:3c:83:c5:52:68:22:32:64:ff:b0:35:cb:33:bc:27:
65:3e:58:76:60:d4:62:74:db:0e:f0:a8:c1:5b:5a:c4:a4:48:
cc:da:91:f5:e4:51:e0:d8:81:de:a2:8a:fb:a3:ad:49:94:79:
9f:b9:f5:8d:71:d8:9f:26:82:16:9a:95:0f:3d:7d:f9:c4:75:
79:b1:98:43:cb:d7:10:83:82:33:7a:17:6a:41:95:13:b1:63:
8a:9d:29:8d:54:76:23:cb:84:f9:94:43:c5:18:05:a7:aa:de:
0d:ed:e3:84:d2:ef:34:a7:14:eb:5b:26:2a:0a:2b:18:25:b5:
62:16:64:f3:d8:47:b1:25:82:be:98:d6:98:dc:19:94:70:01:
ca:63:8b:16:eb:76:8e:7c:da:92:2a:44:86:ec:17:c1:ab:d2:
68:ce:b9:05:1a:97:e8:61:c2:a3:df:2c:21:3c:ca:cb:dc:2f:
68:aa:5a:c7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR13BI4aUnEPP1VFDravlHwiA5UowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwNDBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI0MzExZjg0NDg5NDVhZWY1NzM2NGJkZGEyMDg2OTExYzY3OWQ0ZjA5ZWEz
M2YyZDlmMzgxZjM1YzIyYzFiMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKes3qKBsx2Dmo3cXNg0+9xAp0LNjsqHwPws1JvprKbKANnMp17qxiPdWKbU
lr1Vu8ev1I0bvIZTH3nJ6v9FSgl8t5iA3LMDOQ/Zjp5HWKSCR6A4iE5+YTYqxYWD
bTrpWxWPopLgIjOQQqtk3JhVJI5YnOT+BUa0Hf/ZS2O5MqWWioDp+AYGBEBjHiPd
6yO6G51XFReARddBkEf8bn47uulumRf+aD21bZR4wmDbJqbHmIqxMtr0tO4Pslf0
NEOcEyXmHwqMfsL2VL1zPfaKzDeLDDxucyI4jgWjT0gBqgTY4g81vDO0NP6Wxmxw
cdtFoPxaC5woiGkiuVHcsZL2+iUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTvZO8D
LCF1RmHGwmNbNV9fiiNawTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDliMmI1ZDUtNDZhNy00MmEzLTk5MDAtYmNiN2UzZWRmZmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAgnQbeuvhkCUBKpueG5tp6T6tO1T7u5XXsQb2i7E89
1roI4XIG65jW68gmPiJw/zZ8kcr2ALBUqPQ+wBFyTXP24s+KfotN6MHdTLE8g8VS
aCIyZP+wNcszvCdlPlh2YNRidNsO8KjBW1rEpEjM2pH15FHg2IHeoor7o61JlHmf
ufWNcdifJoIWmpUPPX35xHV5sZhDy9cQg4IzehdqQZUTsWOKnSmNVHYjy4T5lEPF
GAWnqt4N7eOE0u80pxTrWyYqCisYJbViFmTz2EexJYK+mNaY3BmUcAHKY4sW63aO
fNqSKkSG7BfBq9JozrkFGpfoYcKj3ywhPMrL3C9oqlrH
-----END CERTIFICATE-----
Generated at Fri Sep 19 21:02:10 2025 by rpki-client