Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: qj36hv0XO8AE2e7YX+Pt6F5Av9OZQnUJIFWbsK/X7Ek=
Subject key identifier: 87:69:13:40:A5:38:84:E6:CD:9A:BD:2B:A3:6E:E7:7A:1E:61:6E:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B53B171E70EE03FEE985E30BDB20D34C717480D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Tue 21 Oct 2025 14:50:08 +0000
ROA not before: Tue 21 Oct 2025 14:50:08 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:53:b1:71:e7:0e:e0:3f:ee:98:5e:30:bd:b2:0d:34:c7:17:48:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:08 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cca976bfc66e32ca7670e989562e433ececb88529a25c8b1c38ce897c950fb01, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b8:65:5e:15:8a:01:53:27:87:7d:02:b4:7f:
b4:cf:da:db:75:63:64:11:1a:9a:8a:5f:00:a6:ca:
db:aa:04:59:ae:ab:7e:e5:6a:f8:d5:b6:6b:ca:e6:
85:49:7c:52:51:f0:8a:a4:9b:6e:a9:c1:04:a9:25:
a3:06:26:7d:46:2e:58:a4:b9:d5:bc:b0:d9:4d:3b:
5d:b4:c7:24:f2:02:c5:18:1b:93:74:8a:b8:24:e2:
d0:96:73:bb:c9:cf:91:f9:17:9b:20:f4:02:98:4b:
4d:cb:6f:d8:6f:2b:18:a5:ef:f9:1a:00:e7:bc:b8:
57:32:ff:a4:b2:b3:47:3d:c1:bb:cc:f1:c5:f1:24:
82:60:03:c4:d4:bb:16:b5:68:6b:e2:ef:46:2e:98:
f2:62:bd:d9:e1:a6:dd:2e:81:9a:9d:d9:ee:cf:64:
05:a0:70:a7:da:7e:bd:f1:aa:ea:a0:ff:8e:30:df:
a3:c3:75:70:4d:f9:da:b3:99:53:6f:4e:d0:07:09:
71:14:b2:ce:c4:73:6c:ce:0a:c9:95:78:cd:a1:20:
9c:85:ea:3a:1a:02:82:3c:5d:f3:ac:2c:18:0c:18:
2c:c0:3b:a5:22:8c:c2:db:56:4f:ed:b1:02:42:d4:
73:47:cf:43:d0:f8:9c:ef:c1:95:54:94:e6:f1:82:
6f:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:69:13:40:A5:38:84:E6:CD:9A:BD:2B:A3:6E:E7:7A:1E:61:6E:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
85:49:5f:c0:6e:6c:df:f1:ff:b7:2a:55:b3:27:45:75:af:5f:
38:df:ec:a0:2c:22:dc:f1:bb:b5:d1:80:07:74:57:eb:b0:18:
9c:21:81:47:f9:19:25:e5:fa:d6:d9:5b:03:55:36:02:19:b4:
35:59:12:55:41:a5:34:78:84:de:fb:98:62:28:d2:3f:99:0a:
4b:f6:d7:64:ad:83:a2:58:df:67:22:92:e8:d4:85:d2:a4:f9:
59:b4:e9:87:35:53:d5:12:3b:e8:b7:ea:ef:85:b5:df:d6:14:
ca:dc:f0:8d:dd:a7:1e:a2:06:fd:b0:f0:99:b5:e1:3b:f5:40:
bc:d1:66:5d:d3:36:00:db:13:89:e7:2e:a3:86:e7:3a:95:77:
0c:20:0d:1f:30:94:c4:68:63:69:ba:75:41:df:53:2e:1b:d7:
3b:6e:4b:61:1e:35:81:e3:af:d1:97:d2:35:96:74:0f:6d:dd:
81:c5:97:97:18:ee:5e:c0:ce:f3:1a:ed:da:85:dc:d4:3d:e5:
7f:08:f8:30:e7:ff:d6:93:92:0c:8d:30:fe:c5:72:6a:bd:99:
bb:63:f9:97:d0:8e:82:51:8d:e2:f7:c2:4c:6c:d1:47:f0:37:
b0:7f:23:05:0f:0d:f7:3f:2b:e7:63:98:57:0c:e5:06:81:41:
f1:a0:ea:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe1OxcecO4D/umF4wvbINNMcXSA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNjYTk3NmJmYzY2ZTMyY2E3NjcwZTk4OTU2MmU0MzNlY2VjYjg4NTI5YTI1
YzhiMWMzOGNlODk3Yzk1MGZiMDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANO4ZV4VigFTJ4d9ArR/tM/a23VjZBEamopfAKbK26oEWa6rfuVq+NW2a8rm
hUl8UlHwiqSbbqnBBKklowYmfUYuWKS51byw2U07XbTHJPICxRgbk3SKuCTi0JZz
u8nPkfkXmyD0AphLTctv2G8rGKXv+RoA57y4VzL/pLKzRz3Bu8zxxfEkgmADxNS7
FrVoa+LvRi6Y8mK92eGm3S6Bmp3Z7s9kBaBwp9p+vfGq6qD/jjDfo8N1cE352rOZ
U29O0AcJcRSyzsRzbM4KyZV4zaEgnIXqOhoCgjxd86wsGAwYLMA7pSKMwttWT+2x
AkLUc0fPQ9D4nO/BlVSU5vGCb30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSHaRNA
pTiE5s2avSujbud6HmFuRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQCFSV/Abmzf8f+3KlWzJ0V1r1843+ygLCLc8bu10YAH
dFfrsBicIYFH+Rkl5frW2VsDVTYCGbQ1WRJVQaU0eITe+5hiKNI/mQpL9tdkrYOi
WN9nIpLo1IXSpPlZtOmHNVPVEjvot+rvhbXf1hTK3PCN3aceogb9sPCZteE79UC8
0WZd0zYA2xOJ5y6jhuc6lXcMIA0fMJTEaGNpunVB31MuG9c7bkthHjWB46/Rl9I1
lnQPbd2BxZeXGO5ewM7zGu3ahdzUPeV/CPgw5//Wk5IMjTD+xXJqvZm7Y/mX0I6C
UY3i98JMbNFH8DewfyMFDw33PyvnY5hXDOUGgUHxoOqW
-----END CERTIFICATE-----
Generated at Wed Oct 22 08:29:21 2025 by rpki-client