Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: AN3GXwcPC0WEgmRVkO0aUCzsfWq93vedDU5zbI9aaPw=
Subject key identifier: 71:42:B3:BD:EE:F0:B1:AB:F6:39:FA:11:53:25:4B:25:69:53:70:8C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BB503A601015BE4D7CA053D71A0EABCBC2AFBC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Sat 15 Nov 2025 06:50:19 +0000
ROA not before: Sat 15 Nov 2025 06:50:19 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:b5:03:a6:01:01:5b:e4:d7:ca:05:3d:71:a0:ea:bc:bc:2a:fb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:19 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=5c34c9cf9de1ff8b9a9310fb5f4ea29d26998a42aae0b2d15f2b6e2c66c5c52f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d5:81:60:ec:54:9a:37:2e:9c:13:22:15:23:
ae:8b:12:db:66:ad:76:56:12:ba:59:24:6f:93:48:
d6:af:10:85:7d:95:9c:2c:53:34:85:ba:19:2a:5f:
24:92:7c:4d:2a:00:46:2a:82:bb:72:67:ba:33:00:
5d:19:ac:b0:8d:83:08:6a:a7:4b:f0:f3:c5:df:9b:
5b:9d:68:1e:99:30:8a:8b:51:58:bb:a8:c4:2b:68:
60:4d:49:e9:e4:69:e5:a4:10:70:d6:41:5d:c6:f3:
04:9e:5f:38:db:ba:64:19:f0:b5:62:55:b0:a5:9a:
2e:7a:03:6e:a1:74:ce:ef:f8:8d:d5:08:e1:1c:a2:
24:03:70:fe:68:d8:60:46:2d:40:08:79:91:48:74:
68:68:2d:00:2a:df:7b:c3:10:a8:0d:49:8d:2b:d2:
94:1c:3a:6b:e8:30:a6:73:1d:b3:76:46:1e:4f:d4:
28:91:07:e9:c6:02:65:90:15:1a:59:bd:ca:c7:9b:
79:ab:96:34:e5:31:9b:9d:ef:ef:6e:7b:72:b5:d9:
b5:d3:c2:0d:b5:59:8f:f9:b5:2f:be:35:90:e1:bd:
05:6e:21:94:34:32:54:4a:69:3b:be:eb:d0:b9:bb:
48:80:4d:92:3f:2d:7a:5c:57:1b:18:c1:37:47:cf:
3c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:42:B3:BD:EE:F0:B1:AB:F6:39:FA:11:53:25:4B:25:69:53:70:8C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
49:95:75:45:c6:d2:d6:78:51:61:5c:ea:cb:0d:f2:85:ba:25:
e3:da:ea:3f:c5:3a:cd:ea:9c:35:ae:69:9b:0c:a5:0e:6a:0e:
8e:95:b5:e4:88:17:a4:fb:42:81:47:bd:b5:6b:6b:f5:e6:14:
fd:fe:43:92:4a:5a:df:d5:22:fc:1a:88:ec:65:a9:c2:78:e4:
99:cf:e1:8d:a1:af:b4:4e:c5:c8:38:f9:56:6f:9b:c7:d6:cc:
f2:a6:7a:84:42:64:52:ff:7c:18:a9:79:cf:10:3e:64:aa:ff:
41:4d:0b:e9:7f:63:03:6b:00:70:a5:1e:9c:a6:e4:36:03:89:
8e:aa:b3:14:04:60:0f:1a:df:08:0d:b8:78:29:68:23:1f:b4:
e8:d4:be:8b:de:15:a2:2b:01:cd:7f:62:a7:b2:33:26:67:89:
11:19:16:6f:a4:95:ad:e1:d9:b9:b6:d3:a0:c1:91:73:d7:05:
0e:f8:86:f9:c1:69:d1:bb:d9:80:01:ec:5f:4d:a2:28:de:ae:
bc:21:dd:96:5e:f8:48:24:67:01:e3:c1:15:0c:ca:18:dd:5d:
f2:a4:57:2c:49:09:e1:19:ca:f4:38:e0:2a:ef:9f:ef:fa:c1:
71:94:9a:15:da:9e:53:e6:94:4a:59:cd:78:7b:6b:2b:3d:5c:
cb:27:e1:e7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUS7UDpgEBW+TXygU9caDqvLwq+8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMTlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjMzRjOWNmOWRlMWZmOGI5YTkzMTBmYjVmNGVhMjlkMjY5OThhNDJhYWUw
YjJkMTVmMmI2ZTJjNjZjNWM1MmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrVgWDsVJo3LpwTIhUjrosS22atdlYSulkkb5NI1q8QhX2VnCxTNIW6GSpf
JJJ8TSoARiqCu3JnujMAXRmssI2DCGqnS/Dzxd+bW51oHpkwiotRWLuoxCtoYE1J
6eRp5aQQcNZBXcbzBJ5fONu6ZBnwtWJVsKWaLnoDbqF0zu/4jdUI4RyiJANw/mjY
YEYtQAh5kUh0aGgtACrfe8MQqA1JjSvSlBw6a+gwpnMds3ZGHk/UKJEH6cYCZZAV
Glm9ysebeauWNOUxm53v7257crXZtdPCDbVZj/m1L741kOG9BW4hlDQyVEppO77r
0Lm7SIBNkj8telxXGxjBN0fPPDMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRxQrO9
7vCxq/Y5+hFTJUslaVNwjDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQBJlXVFxtLWeFFhXOrLDfKFuiXj2uo/xTrN6pw1rmmb
DKUOag6OlbXkiBek+0KBR721a2v15hT9/kOSSlrf1SL8GojsZanCeOSZz+GNoa+0
TsXIOPlWb5vH1szypnqEQmRS/3wYqXnPED5kqv9BTQvpf2MDawBwpR6cpuQ2A4mO
qrMUBGAPGt8IDbh4KWgjH7To1L6L3hWiKwHNf2KnsjMmZ4kRGRZvpJWt4dm5ttOg
wZFz1wUO+Ib5wWnRu9mAAexfTaIo3q68Id2WXvhIJGcB48EVDMoY3V3ypFcsSQnh
Gcr0OOAq75/v+sFxlJoV2p5T5pRKWc14e2srPVzLJ+Hn
-----END CERTIFICATE-----
Generated at Sat Nov 15 11:28:21 2025 by rpki-client