Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: JbIC2Ngc5ZzaeKc6ShKiAi4c5QD1k93Mwe/UQG1E/6c=
Subject key identifier: 5B:DD:84:01:1A:94:18:14:42:BD:8D:8C:91:B9:69:BE:16:D5:07:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A1930E47C6BD43A9ACCC2567E8C72699C111CB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Fri 26 Sep 2025 20:21:18 +0000
ROA not before: Fri 26 Sep 2025 20:21:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:19:30:e4:7c:6b:d4:3a:9a:cc:c2:56:7e:8c:72:69:9c:11:1c:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=08a30d653f0dd032f719d0c6ecb42db5bd8d6fa47e0884ceec7d1bd5cbf20c7c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2d:ab:16:69:48:0f:6a:1d:f4:1f:5d:8c:fe:
b5:b4:f7:19:d2:fe:1f:39:b7:bf:8e:88:6a:52:7c:
32:1e:0b:ba:17:92:19:e8:5c:d4:86:7a:ff:2a:bc:
c4:57:94:34:3f:39:8f:f8:16:c9:0c:fc:19:3d:08:
00:9f:4d:59:94:e5:ff:7b:36:05:11:65:32:01:ea:
0f:9d:b0:70:53:86:03:83:c9:f2:97:fa:94:54:21:
78:22:e9:df:28:de:dc:78:f1:56:ee:a9:aa:48:82:
86:b2:bd:54:56:14:32:44:52:60:a5:d5:d0:11:2c:
d7:64:44:23:e5:9d:c3:f4:b3:b5:7a:e5:c8:21:4a:
2a:62:04:9a:1f:47:8d:83:a2:33:69:a1:38:4c:e5:
e3:77:8a:a8:67:00:b6:3a:6d:25:60:32:96:11:84:
ac:da:34:56:a2:b5:ce:e8:df:70:4c:9b:2b:cd:0a:
77:94:2a:a1:b6:d1:b5:84:48:d5:d7:53:a3:21:ce:
4b:2a:d9:48:1d:53:5a:5d:08:b7:99:9a:11:86:a2:
d4:3b:3d:22:1c:83:b0:b0:36:00:58:9c:b4:f1:7c:
78:6e:03:cf:75:2f:77:8b:98:64:0f:b3:33:e2:72:
6c:0e:47:56:5b:5d:7e:3c:9a:1a:1d:47:a7:4b:fa:
20:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DD:84:01:1A:94:18:14:42:BD:8D:8C:91:B9:69:BE:16:D5:07:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:48:24:66:c5:29:bb:30:e8:d3:1f:fb:94:00:67:a8:53:7d:
a8:d7:6f:50:cc:a4:1d:ff:d6:6b:a8:ca:f9:eb:0e:9c:7d:35:
3a:ff:c4:d5:ea:77:05:25:05:1f:e9:7b:19:90:9f:00:f6:92:
d1:cc:d7:03:de:fb:75:a0:89:91:d5:95:d3:69:d9:bd:3f:d3:
ab:b6:a5:d9:55:4d:90:e2:f1:6c:0d:e9:38:63:15:0c:07:06:
20:4f:f6:99:ac:13:45:f0:eb:11:f1:c8:f7:7d:5c:37:1a:15:
6b:00:90:ac:a1:de:1a:84:cd:68:e9:28:0f:e4:1b:68:15:0c:
bc:01:b2:63:cb:46:3f:49:3e:36:4c:a5:ef:7a:0a:85:26:02:
50:51:23:a9:e3:ca:09:9c:fb:d6:97:34:75:64:c6:c5:de:6e:
fc:32:fc:14:6d:6c:70:d9:14:ec:91:53:e0:14:82:3f:e1:25:
4e:c2:0a:a1:c2:be:48:60:bd:4e:cc:8c:4f:f6:e9:7d:11:8f:
57:8a:cb:75:fd:74:c9:dc:07:44:ae:15:dc:53:e6:6c:8d:6d:
9f:49:c4:36:09:47:b7:73:76:df:55:d9:29:d8:c6:b4:9a:7d:
9c:01:6c:54:53:9b:11:93:a5:56:d3:f7:df:3f:21:06:77:36:
d4:2d:38:6a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKhkw5Hxr1DqazMJWfoxyaZwRHLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4YTMwZDY1M2YwZGQwMzJmNzE5ZDBjNmVjYjQyZGI1YmQ4ZDZmYTQ3ZTA4
ODRjZWVjN2QxYmQ1Y2JmMjBjN2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALctqxZpSA9qHfQfXYz+tbT3GdL+Hzm3v46IalJ8Mh4LuheSGehc1IZ6/yq8
xFeUND85j/gWyQz8GT0IAJ9NWZTl/3s2BRFlMgHqD52wcFOGA4PJ8pf6lFQheCLp
3yje3HjxVu6pqkiChrK9VFYUMkRSYKXV0BEs12REI+Wdw/SztXrlyCFKKmIEmh9H
jYOiM2mhOEzl43eKqGcAtjptJWAylhGErNo0VqK1zujfcEybK80Kd5QqobbRtYRI
1ddToyHOSyrZSB1TWl0It5maEYai1Ds9IhyDsLA2AFictPF8eG4Dz3Uvd4uYZA+z
M+JybA5HVltdfjyaGh1Hp0v6ILkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRb3YQB
GpQYFEK9jYyRuWm+FtUHIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQBISCRmxSm7MOjTH/uUAGeoU32o129QzKQd/9ZrqMr5
6w6cfTU6/8TV6ncFJQUf6XsZkJ8A9pLRzNcD3vt1oImR1ZXTadm9P9OrtqXZVU2Q
4vFsDek4YxUMBwYgT/aZrBNF8OsR8cj3fVw3GhVrAJCsod4ahM1o6SgP5BtoFQy8
AbJjy0Y/ST42TKXvegqFJgJQUSOp48oJnPvWlzR1ZMbF3m78MvwUbWxw2RTskVPg
FII/4SVOwgqhwr5IYL1OzIxP9ul9EY9Xist1/XTJ3AdErhXcU+ZsjW2fScQ2CUe3
c3bfVdkp2Ma0mn2cAWxUU5sRk6VW0/ffPyEGdzbULThq
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:15:56 2025 by rpki-client