Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
File: cf5e86ef-0733-4056-8b1b-683470ef90f1.roa (raw, json)
Hash identifier: gRPbbn3+9LEcMZMAJbUp8W2TGud/qqXkz1NBha1pjbU=
Subject key identifier: 22:E9:50:68:F7:3A:0D:3C:00:95:6F:2C:4C:73:FA:ED:A5:8C:AA:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B75FF8C3C7AB8CCB3EA2A5F43BB059385FA25C7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
Signing time: Sat 27 Sep 2025 00:52:37 +0000
ROA not before: Sat 27 Sep 2025 00:52:37 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:75:ff:8c:3c:7a:b8:cc:b3:ea:2a:5f:43:bb:05:93:85:fa:25:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:37 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=7067d458a20cc83d932e46ce7822a7066b55d7ecc7f93cf0e5d5cb4e04098150, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b0:bf:68:37:47:3f:ed:fe:c5:2a:d6:21:31:
5b:3a:2e:ba:a4:79:9c:b3:5a:c7:1e:30:32:7d:6b:
86:4f:3f:b2:fd:a8:fa:05:94:6a:cf:21:b2:2b:60:
0c:aa:6a:cb:d7:0b:93:95:67:d1:3a:c7:4c:62:f2:
39:43:1d:61:94:e2:32:83:1a:7b:b4:ba:06:73:d4:
d8:88:ec:be:2b:68:bd:5b:7c:12:19:96:03:2f:5e:
c1:73:cf:50:66:d7:41:81:68:58:44:42:92:b6:d2:
d1:24:84:b2:ee:c5:37:88:0b:ee:be:76:8c:55:b1:
74:36:fe:10:92:a4:54:85:90:cf:0d:9c:27:c6:28:
23:1f:89:11:d4:78:63:e0:b0:f9:f2:3b:83:c6:4c:
7d:0c:23:dd:66:31:39:33:37:fc:82:a2:3a:a4:2b:
32:78:cb:5b:47:bd:07:33:94:38:00:f3:2e:7d:8a:
07:17:d0:75:b9:cb:cc:f4:17:a1:34:41:15:9c:78:
01:96:28:a9:6f:b2:94:e6:ad:bd:70:e0:44:b0:61:
1a:62:28:b1:bb:c1:66:f5:6d:c8:e3:47:bb:87:83:
e6:b7:d7:2b:f6:e9:95:9d:6c:f4:78:6f:0f:0b:9e:
ac:3b:39:92:c2:b6:aa:e5:10:f4:cc:ff:64:9b:f5:
3d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E9:50:68:F7:3A:0D:3C:00:95:6F:2C:4C:73:FA:ED:A5:8C:AA:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf5e86ef-0733-4056-8b1b-683470ef90f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
56:d7:f9:19:7a:17:42:f2:7f:08:cc:41:ac:a4:66:fc:b9:02:
bb:5d:c1:95:94:2a:84:51:f3:f8:62:a8:67:0e:b1:fc:09:d4:
83:90:d1:5f:ec:ed:7c:fa:13:7b:25:6c:41:d6:bf:37:a9:9a:
7f:13:4a:ff:3e:69:bb:a1:be:47:be:0a:07:32:fa:7d:b1:36:
6b:36:9c:c8:4b:23:4a:e7:06:a8:9a:a4:a7:e0:78:77:91:07:
97:ad:00:f9:8c:c4:83:d6:60:64:ab:50:17:37:86:73:4e:39:
d1:78:45:ee:8b:68:f3:04:30:dd:21:83:97:94:f5:ba:b7:d0:
e8:4a:67:d7:07:e1:11:94:23:c9:04:27:f1:26:ad:b0:74:bb:
c2:ac:39:bf:e8:57:7f:be:7b:ae:09:ca:ef:0a:b1:a7:33:52:
b1:d9:2c:80:8c:d0:ed:68:6a:c6:00:62:20:9f:c7:1d:49:dd:
9e:23:d8:5c:d5:64:30:04:ee:d5:72:c4:a4:38:23:f2:76:3d:
67:38:0c:95:98:e3:07:ef:13:35:66:0d:bf:9a:50:ae:e7:ec:
34:d8:41:24:b3:13:72:4a:b7:68:b3:d2:b7:45:c5:21:0e:db:
da:a9:98:e5:b3:7d:7a:ae:9b:f0:54:c4:94:33:74:d5:89:56:
91:59:7b:d3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa3X/jDx6uMyz6ipfQ7sFk4X6JccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyMzdaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwNjdkNDU4YTIwY2M4M2Q5MzJlNDZjZTc4MjJhNzA2NmI1NWQ3ZWNjN2Y5
M2NmMGU1ZDVjYjRlMDQwOTgxNTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqwv2g3Rz/t/sUq1iExWzouuqR5nLNaxx4wMn1rhk8/sv2o+gWUas8hsitg
DKpqy9cLk5Vn0TrHTGLyOUMdYZTiMoMae7S6BnPU2IjsvitovVt8EhmWAy9ewXPP
UGbXQYFoWERCkrbS0SSEsu7FN4gL7r52jFWxdDb+EJKkVIWQzw2cJ8YoIx+JEdR4
Y+Cw+fI7g8ZMfQwj3WYxOTM3/IKiOqQrMnjLW0e9BzOUOADzLn2KBxfQdbnLzPQX
oTRBFZx4AZYoqW+ylOatvXDgRLBhGmIosbvBZvVtyONHu4eD5rfXK/bplZ1s9Hhv
DwuerDs5ksK2quUQ9Mz/ZJv1Pf0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQi6VBo
9zoNPACVbyxMc/rtpYyqZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1ZTg2ZWYtMDczMy00MDU2LThiMWItNjgzNDcwZWY5MGYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAVtf5GXoXQvJ/CMxBrKRm/LkCu13BlZQqhFHz+GKo
Zw6x/AnUg5DRX+ztfPoTeyVsQda/N6mafxNK/z5pu6G+R74KBzL6fbE2azacyEsj
SucGqJqkp+B4d5EHl60A+YzEg9ZgZKtQFzeGc0450XhF7oto8wQw3SGDl5T1urfQ
6Epn1wfhEZQjyQQn8SatsHS7wqw5v+hXf757rgnK7wqxpzNSsdksgIzQ7WhqxgBi
IJ/HHUndniPYXNVkMATu1XLEpDgj8nY9ZzgMlZjjB+8TNWYNv5pQrufsNNhBJLMT
ckq3aLPSt0XFIQ7b2qmY5bN9eq6b8FTElDN01YlWkVl70w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:15:51 2025 by rpki-client