Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
File: a02f9994-3943-4a2f-8467-87935bf3bf9e.roa (raw, json)
Hash identifier: 4votfo88kjPSw+qSSzPIe62RTUpmV9AMo4CavCTp35c=
Subject key identifier: FA:07:EB:8B:89:57:9A:D3:38:AE:0D:BA:C1:FF:42:80:37:CA:81:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 720931E07615CF9657CCA063FF9C48F08567A574
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
Signing time: Fri 26 Sep 2025 20:39:53 +0000
ROA not before: Fri 26 Sep 2025 20:39:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:09:31:e0:76:15:cf:96:57:cc:a0:63:ff:9c:48:f0:85:67:a5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=481c5e23f7cd8d752e7020efc44738684fbf0f7e56878e3466d6fec122ca16cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:1e:4d:9f:40:cd:12:32:23:58:1d:d7:07:
1a:05:59:63:59:de:6b:e3:02:0e:c7:ce:6b:df:dd:
22:be:e3:89:37:dc:a2:31:ab:04:bc:a5:d7:33:4c:
f8:eb:a9:87:d8:06:1f:c9:2f:04:44:49:9c:5a:b4:
c3:50:66:9c:ba:16:7f:b9:e3:e8:b4:13:d6:a8:6f:
16:49:a2:6e:d7:0f:1a:7c:b8:27:4c:79:48:3c:11:
c1:e8:2c:09:e2:ec:2f:32:c2:4c:43:bc:2d:b9:30:
2d:3a:b4:16:05:6f:4d:62:47:d9:c0:c5:5a:76:02:
8f:75:15:e4:75:55:86:e5:a0:26:67:56:8d:fe:1e:
b3:17:77:01:93:01:76:ad:88:45:9b:cd:3d:32:d8:
33:55:cd:74:70:74:0d:ac:49:18:bc:c2:00:10:10:
3a:3f:56:26:2f:13:31:71:1e:5b:dc:1a:3a:9b:15:
4d:53:d8:02:48:dc:10:0f:8b:c1:2e:7b:cf:1e:5a:
8b:76:2a:76:03:06:8c:e2:a3:5f:9b:c1:c1:ad:59:
cd:ec:9a:0e:e3:ec:80:25:ee:3e:b3:f6:16:0e:23:
dd:8f:c9:50:b5:37:c4:f0:df:d9:a5:40:79:fa:14:
1a:9b:47:26:4a:75:8b:28:f8:a0:fb:b5:f8:2a:db:
7a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:07:EB:8B:89:57:9A:D3:38:AE:0D:BA:C1:FF:42:80:37:CA:81:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a02f9994-3943-4a2f-8467-87935bf3bf9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:89:f6:39:39:e4:bc:82:b9:ab:f9:e6:a1:10:94:65:c7:13:
58:b8:93:98:5d:03:2d:58:a1:61:f9:33:d9:d8:b9:2f:e4:91:
2e:c5:35:25:6a:23:21:6c:84:0f:2a:36:8b:3b:b0:1f:5d:10:
c8:c5:78:c2:b2:15:7f:5b:3f:98:de:64:4f:07:45:f4:99:8f:
18:ab:79:ba:07:c2:38:8e:84:2d:e9:c1:b2:1f:7c:0d:f4:fc:
4e:1c:2e:7e:e6:13:f2:df:05:70:18:d4:50:36:c6:bf:dd:19:
e7:97:24:2c:5f:0e:96:64:d0:38:89:ad:2a:9d:f5:f3:b7:e6:
5d:29:09:86:c5:b7:57:1b:3b:8a:43:49:3e:1d:23:cd:42:37:
b7:2d:36:c1:97:21:fd:04:16:5f:8d:f3:b9:19:44:07:04:44:
61:5e:54:07:58:65:9d:bb:7e:63:50:3c:20:c3:ae:80:20:a6:
7b:9b:4e:23:45:79:01:37:70:d9:d1:ce:d5:fe:4a:bc:e8:18:
6f:85:cb:06:56:88:10:b1:46:db:ad:8f:55:c1:e9:39:1d:13:
5b:08:54:48:53:cf:71:29:19:cc:98:c0:00:84:5c:ce:39:21:
72:a9:39:78:a9:6b:c6:4c:c5:7f:d2:2e:fb:48:25:f5:8f:8e:
f8:cb:3a:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcgkx4HYVz5ZXzKBj/5xI8IVnpXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ4MWM1ZTIzZjdjZDhkNzUyZTcwMjBlZmM0NDczODY4NGZiZjBmN2U1Njg3
OGUzNDY2ZDZmZWMxMjJjYTE2Y2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbZHk2fQM0SMiNYHdcHGgVZY1nea+MCDsfOa9/dIr7jiTfcojGrBLyl1zNM
+Ouph9gGH8kvBERJnFq0w1BmnLoWf7nj6LQT1qhvFkmibtcPGny4J0x5SDwRwegs
CeLsLzLCTEO8LbkwLTq0FgVvTWJH2cDFWnYCj3UV5HVVhuWgJmdWjf4esxd3AZMB
dq2IRZvNPTLYM1XNdHB0DaxJGLzCABAQOj9WJi8TMXEeW9waOpsVTVPYAkjcEA+L
wS57zx5ai3YqdgMGjOKjX5vBwa1ZzeyaDuPsgCXuPrP2Fg4j3Y/JULU3xPDf2aVA
efoUGptHJkp1iyj4oPu1+CrbejMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT6B+uL
iVea0ziuDbrB/0KAN8qBhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTAyZjk5OTQtMzk0My00YTJmLTg0NjctODc5MzViZjNiZjllLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQByifY5OeS8grmr+eahEJRlxxNYuJOYXQMtWKFh+TPZ
2Lkv5JEuxTUlaiMhbIQPKjaLO7AfXRDIxXjCshV/Wz+Y3mRPB0X0mY8Yq3m6B8I4
joQt6cGyH3wN9PxOHC5+5hPy3wVwGNRQNsa/3RnnlyQsXw6WZNA4ia0qnfXzt+Zd
KQmGxbdXGzuKQ0k+HSPNQje3LTbBlyH9BBZfjfO5GUQHBERhXlQHWGWdu35jUDwg
w66AIKZ7m04jRXkBN3DZ0c7V/kq86BhvhcsGVogQsUbbrY9Vwek5HRNbCFRIU89x
KRnMmMAAhFzOOSFyqTl4qWvGTMV/0i77SCX1j474yzoJ
-----END CERTIFICATE-----
Generated at Fri Oct 17 00:51:26 2025 by rpki-client