Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: nyGGCgFOu4sS7FiSQQytSSCJWje6hLSkFt2SGMKJFI4=
Subject key identifier: D2:91:07:B7:CB:02:88:26:00:0E:ED:1A:1D:A4:78:9C:9C:0F:3E:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A69564ECB3B25A4BC719D73B76D88859EB62B80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Tue 21 Oct 2025 15:00:34 +0000
ROA not before: Tue 21 Oct 2025 15:00:34 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:69:56:4e:cb:3b:25:a4:bc:71:9d:73:b7:6d:88:85:9e:b6:2b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:34 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2176c2818eb2c18134942ddeb68acd53d5bf67204ab5b02fb25b426316c371d1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ee:5a:75:f4:58:21:5f:68:01:99:4f:4e:ae:
be:7e:62:ac:c7:95:fb:0d:77:48:13:38:68:07:5a:
12:a3:cb:7f:04:34:65:24:8c:32:24:db:c0:28:95:
85:3b:bd:a6:61:20:78:ac:1f:87:55:94:65:e6:6f:
4d:a3:2f:28:de:bc:a8:58:bc:a8:16:bc:43:47:9e:
ce:c4:c1:0e:19:4c:b4:15:09:47:5c:8f:c3:bc:0a:
49:68:d4:5d:39:c0:4b:07:a2:62:dc:f7:ad:97:fd:
6b:11:19:8d:e6:2f:37:d1:cf:4e:ed:f3:5c:66:36:
3f:ad:ef:f8:c1:9b:a4:07:f6:a8:87:cb:37:65:75:
f9:13:ea:9a:37:fc:47:b3:25:13:ae:75:6e:8e:3c:
80:88:39:0e:db:83:cd:fe:72:c8:46:ca:42:9c:ae:
cd:b1:03:e3:97:f9:30:52:75:9e:eb:6e:e4:dd:3c:
9b:4a:10:1b:9d:ac:2a:d0:23:17:be:64:04:5e:f0:
88:b1:26:f8:c2:81:c1:8b:87:7c:e0:46:ba:d0:fe:
20:3c:3d:76:57:47:f0:ac:f0:72:aa:01:f4:6e:87:
16:45:b0:fa:42:13:5c:00:b5:2b:59:77:92:07:c6:
c0:79:c9:0c:a1:89:15:2d:7d:9c:96:71:27:c5:57:
bd:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:91:07:B7:CB:02:88:26:00:0E:ED:1A:1D:A4:78:9C:9C:0F:3E:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c1:bc:59:c1:95:bd:d6:95:00:5e:f5:70:5d:6c:c6:da:f0:cc:
a5:ef:a3:21:2e:5a:cc:50:76:5e:67:6b:0c:e9:b6:65:fd:0c:
13:a3:bc:ac:5a:fd:3e:ec:d9:8c:c1:76:3e:4f:9b:91:c7:35:
9d:81:1d:c7:0f:2f:ac:37:60:fb:fc:c5:8c:5f:be:09:4b:9d:
9a:05:be:9b:cb:4a:fc:f6:1c:62:f7:a5:16:94:ce:77:b8:ae:
11:52:e9:54:34:71:99:cf:5d:99:79:6c:64:b8:d2:66:88:c0:
c2:f6:f0:2e:d0:4b:58:89:9e:b4:d1:51:c2:34:18:f6:67:b7:
f3:57:25:12:2a:fc:b5:68:c2:27:0f:98:58:23:b5:34:d8:3b:
ce:8f:c3:53:f4:f6:21:e6:a1:22:aa:cd:9a:ca:f1:e6:c6:40:
55:64:16:da:30:f9:ef:6f:ad:3f:2b:c1:59:c3:e8:91:45:4e:
95:44:2a:aa:51:37:90:df:e9:2d:c2:e7:71:16:e4:2f:3f:f3:
37:b8:ad:2d:30:33:22:68:29:9a:a1:bd:63:cb:f2:59:58:42:
01:48:e7:9b:3a:bf:23:cc:e4:86:fd:02:b0:74:57:a6:81:f9:
c5:d4:7b:b2:a1:e5:ec:77:14:b6:06:77:ff:4d:21:29:7c:2a:
a4:85:67:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUemlWTss7JaS8cZ1zt22IhZ62K4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMzRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxNzZjMjgxOGViMmMxODEzNDk0MmRkZWI2OGFjZDUzZDViZjY3MjA0YWI1
YjAyZmIyNWI0MjYzMTZjMzcxZDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnuWnX0WCFfaAGZT06uvn5irMeV+w13SBM4aAdaEqPLfwQ0ZSSMMiTbwCiV
hTu9pmEgeKwfh1WUZeZvTaMvKN68qFi8qBa8Q0eezsTBDhlMtBUJR1yPw7wKSWjU
XTnASweiYtz3rZf9axEZjeYvN9HPTu3zXGY2P63v+MGbpAf2qIfLN2V1+RPqmjf8
R7MlE651bo48gIg5DtuDzf5yyEbKQpyuzbED45f5MFJ1nutu5N08m0oQG52sKtAj
F75kBF7wiLEm+MKBwYuHfOBGutD+IDw9dldH8KzwcqoB9G6HFkWw+kITXAC1K1l3
kgfGwHnJDKGJFS19nJZxJ8VXvTUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTSkQe3
ywKIJgAO7RodpHicnA8+GDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQDBvFnBlb3WlQBe9XBdbMba8Myl76MhLlrMUHZeZ2sM
6bZl/QwTo7ysWv0+7NmMwXY+T5uRxzWdgR3HDy+sN2D7/MWMX74JS52aBb6by0r8
9hxi96UWlM53uK4RUulUNHGZz12ZeWxkuNJmiMDC9vAu0EtYiZ600VHCNBj2Z7fz
VyUSKvy1aMInD5hYI7U02DvOj8NT9PYh5qEiqs2ayvHmxkBVZBbaMPnvb60/K8FZ
w+iRRU6VRCqqUTeQ3+ktwudxFuQvP/M3uK0tMDMiaCmaob1jy/JZWEIBSOebOr8j
zOSG/QKwdFemgfnF1HuyoeXsdxS2Bnf/TSEpfCqkhWc3
-----END CERTIFICATE-----
Generated at Tue Oct 28 06:18:57 2025 by rpki-client