Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: MX96M+2WBSybEGvxIKJVd375G0evlccutoy1DadsGGg=
Subject key identifier: 0D:E7:B8:83:60:41:47:1A:17:CF:84:07:B5:96:BA:31:CB:DD:12:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43694CDA7512EB8FD616EE5F0809A5A6ABED0251
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Fri 26 Sep 2025 20:20:12 +0000
ROA not before: Fri 26 Sep 2025 20:20:12 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Oct 2025 21:54:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:69:4c:da:75:12:eb:8f:d6:16:ee:5f:08:09:a5:a6:ab:ed:02:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:12 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=eb0a1047632faf648c3ec542bbd654cc3a3a7c24548f686a57be2bbce6698e21, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9c:bc:88:92:6e:84:02:29:91:d2:c5:31:71:
76:e9:05:f6:f3:e7:1f:94:4f:b9:6b:d7:d8:00:46:
7b:2d:08:80:7f:cf:6d:d3:45:9f:2c:ea:0a:d4:db:
c6:7d:54:52:5d:24:b0:c6:db:9e:f9:e4:18:0d:2e:
2c:9d:31:22:5f:ab:40:05:8f:be:ee:f0:ad:db:cf:
11:3b:62:d0:46:a7:a3:5c:d0:ea:a5:7f:16:d5:a9:
9a:e9:9d:c8:e8:46:e8:24:53:dc:74:7f:64:c4:8d:
46:fa:50:95:ae:cc:cc:a9:4d:54:c2:7f:e8:13:5b:
74:13:b4:46:0b:24:c4:c5:ed:58:07:6f:32:7f:ff:
11:9d:2a:1e:26:13:55:00:fa:28:1a:72:a4:1b:c6:
76:5a:36:3e:7e:b6:d8:d0:63:3d:df:f8:de:a4:09:
96:4f:51:2f:20:15:d4:0a:84:11:c8:6c:c4:6c:61:
42:bb:4c:48:28:6b:12:25:5d:b9:38:b8:b2:16:39:
7c:48:60:ea:af:11:f6:d9:c2:80:00:a2:87:6c:d3:
c6:ab:1b:94:5b:35:a7:87:b4:5a:ee:09:76:e2:0e:
00:13:f7:f4:ba:ad:5c:89:e4:50:c0:e2:dc:46:75:
70:0e:ad:f7:1e:a8:be:d9:3f:9f:93:b5:19:b9:b3:
54:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E7:B8:83:60:41:47:1A:17:CF:84:07:B5:96:BA:31:CB:DD:12:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:73:06:2f:a9:af:2a:4e:06:dc:ce:ba:6f:49:31:b1:e5:a0:
cc:27:49:62:8d:b8:31:0b:53:bc:d1:e7:49:bf:dd:4c:79:e7:
5e:24:8d:b0:e8:23:c4:3a:57:85:af:94:7a:1b:d3:25:ae:0f:
95:de:2b:81:6b:15:7c:79:ea:9d:8b:5d:70:e7:c2:86:f0:5c:
6c:2c:60:00:e9:d0:0f:94:37:6c:c0:6b:f0:aa:a2:57:35:79:
93:07:c0:35:4d:20:a4:0d:7d:7f:b1:bb:e0:e8:ab:5c:39:18:
e4:8e:c4:06:26:1f:15:50:62:15:1a:16:ff:91:e6:d4:fd:2e:
11:da:66:9a:58:a4:12:d8:b8:89:b1:fb:ed:63:1c:3c:b9:d5:
83:06:9b:97:59:f6:16:43:8a:6a:dd:74:7e:14:ac:40:88:84:
18:6f:ef:54:5f:3b:c4:18:9c:4b:8e:6e:37:e9:c7:b8:36:d6:
6b:a0:47:e2:ad:8d:aa:d7:e0:32:47:55:3d:db:35:e8:0d:a1:
a0:4f:d6:39:96:6b:ac:8e:cb:19:07:37:ba:8c:2f:77:d0:e0:
36:e2:76:fe:c6:a7:96:26:e9:41:b9:80:16:eb:39:16:84:df:
bb:3a:46:69:cd:7c:f2:ef:82:19:32:f8:f1:13:ad:3f:b1:49:
3d:60:10:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ2lM2nUS64/WFu5fCAmlpqvtAlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMGExMDQ3NjMyZmFmNjQ4YzNlYzU0MmJiZDY1NGNjM2EzYTdjMjQ1NDhm
Njg2YTU3YmUyYmJjZTY2OThlMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWcvIiSboQCKZHSxTFxdukF9vPnH5RPuWvX2ABGey0IgH/PbdNFnyzqCtTb
xn1UUl0ksMbbnvnkGA0uLJ0xIl+rQAWPvu7wrdvPETti0Eano1zQ6qV/FtWpmumd
yOhG6CRT3HR/ZMSNRvpQla7MzKlNVMJ/6BNbdBO0RgskxMXtWAdvMn//EZ0qHiYT
VQD6KBpypBvGdlo2Pn622NBjPd/43qQJlk9RLyAV1AqEEchsxGxhQrtMSChrEiVd
uTi4shY5fEhg6q8R9tnCgACih2zTxqsblFs1p4e0Wu4JduIOABP39LqtXInkUMDi
3EZ1cA6t9x6ovtk/n5O1GbmzVI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQN57iD
YEFHGhfPhAe1lroxy90SMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQCKcwYvqa8qTgbczrpvSTGx5aDMJ0lijbgxC1O80edJ
v91MeedeJI2w6CPEOleFr5R6G9Mlrg+V3iuBaxV8eeqdi11w58KG8FxsLGAA6dAP
lDdswGvwqqJXNXmTB8A1TSCkDX1/sbvg6KtcORjkjsQGJh8VUGIVGhb/kebU/S4R
2maaWKQS2LiJsfvtYxw8udWDBpuXWfYWQ4pq3XR+FKxAiIQYb+9UXzvEGJxLjm43
6ce4NtZroEfirY2q1+AyR1U92zXoDaGgT9Y5lmusjssZBze6jC930OA24nb+xqeW
JulBuYAW6zkWhN+7OkZpzXzy74IZMvjxE60/sUk9YBBV
-----END CERTIFICATE-----
Generated at Wed Oct 15 05:25:19 2025 by rpki-client