Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: dlx5ZJIUB3UasBHm0Iyx5w6ggIleRMlHibD/qW3SKq4=
Subject key identifier: 58:BA:F7:BA:D2:34:A3:0F:26:9F:83:E2:4A:D8:C7:D0:8A:13:B0:00
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BA32657CD7317640F60D22E3AE3C25FCACC238A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Fri 26 Sep 2025 20:39:56 +0000
ROA not before: Fri 26 Sep 2025 20:39:56 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:a3:26:57:cd:73:17:64:0f:60:d2:2e:3a:e3:c2:5f:ca:cc:23:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:56 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7dfaa6f34d108515ccc85dd764a22e14322a0713a21d6717267a992eade54d9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:54:fd:92:13:06:4b:25:df:d5:12:82:a9:e2:
1b:9a:e6:1b:18:76:cc:af:31:1a:2d:4f:a5:9c:7c:
25:1a:7f:5b:ca:e6:95:a5:9c:a9:ca:3b:14:d9:3b:
3a:40:cf:65:51:b9:2d:a1:9d:ab:14:63:73:10:05:
2d:53:d7:1c:c1:e5:b6:41:60:46:eb:6e:3b:1d:e6:
b9:1f:ec:2b:c3:32:5b:aa:1a:53:12:57:2e:8b:14:
b5:00:a6:69:66:d4:b9:e1:6a:e3:7d:29:d4:f8:1f:
09:50:59:14:91:09:94:55:0e:30:dd:1c:ee:d2:8d:
05:8e:77:44:c0:64:94:ea:aa:bc:79:a2:ba:0b:ac:
3b:4a:ec:f6:19:71:58:f2:38:3d:c4:49:17:23:df:
0f:2f:2c:c0:b7:95:ec:5b:9b:98:c5:da:fc:97:b4:
68:24:de:c4:19:17:7d:13:37:47:89:eb:f1:74:dd:
70:71:4b:14:b6:0c:ba:62:e0:6c:3f:3b:60:eb:27:
13:5b:2f:c2:db:30:0a:ae:04:31:1d:27:f8:45:e2:
f8:39:ac:3a:67:c9:d9:c9:a0:bb:f8:88:db:d8:c4:
78:a5:8e:09:da:4c:8f:e9:fb:7b:54:30:e9:25:0c:
8b:9c:5d:60:bc:10:7d:fa:5c:72:bb:2f:25:47:db:
d4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:BA:F7:BA:D2:34:A3:0F:26:9F:83:E2:4A:D8:C7:D0:8A:13:B0:00
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:ad:c7:2b:6a:9f:80:0f:00:8d:08:c0:1d:80:6d:bf:fa:e4:
a8:6e:b6:df:43:de:a8:69:8a:b1:2c:a3:fb:f7:50:4f:ce:31:
43:5f:68:9b:53:b0:5d:e4:99:2f:77:e1:a8:78:55:c2:77:e8:
df:76:0b:f7:d4:e9:e6:8b:07:bb:8b:67:01:99:12:94:69:5e:
88:f0:7a:09:5a:81:59:27:78:fd:23:f7:fc:a0:be:b0:b5:5f:
84:c6:67:b6:38:ba:c7:1f:f9:51:34:15:c8:9b:fe:73:a1:4c:
b5:1c:5e:7e:6e:68:63:b2:bd:cd:f8:f3:8f:f4:5f:4d:ca:46:
95:01:6e:b8:b8:3d:94:53:8f:9d:3c:9d:f5:5c:ef:d1:d1:0e:
82:9e:34:99:06:87:b6:78:0d:34:84:96:86:e2:b0:b5:91:f0:
7e:9a:ee:45:d7:fc:cb:fb:99:55:8c:dc:6a:2d:7b:8b:ec:e0:
85:df:53:d1:d5:f8:c8:44:d9:bf:52:45:a1:f6:7d:09:1c:97:
f9:73:8e:87:0c:e2:34:83:e5:fd:10:71:6e:2c:f4:ce:32:f3:
1a:d5:d1:40:44:36:06:04:9d:58:02:ec:3d:14:b5:b7:54:08:
e1:fe:4e:c8:0f:54:8a:5c:09:ad:11:9a:ca:8f:39:5b:36:04:
6e:bc:f9:ea
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK6MmV81zF2QPYNIuOuPCX8rMI4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkZmFhNmYzNGQxMDg1MTVjY2M4NWRkNzY0YTIyZTE0MzIyYTA3MTNhMjFk
NjcxNzI2N2E5OTJlYWRlNTRkOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRU/ZITBksl39USgqniG5rmGxh2zK8xGi1PpZx8JRp/W8rmlaWcqco7FNk7
OkDPZVG5LaGdqxRjcxAFLVPXHMHltkFgRutuOx3muR/sK8MyW6oaUxJXLosUtQCm
aWbUueFq430p1PgfCVBZFJEJlFUOMN0c7tKNBY53RMBklOqqvHmiugusO0rs9hlx
WPI4PcRJFyPfDy8swLeV7FubmMXa/Je0aCTexBkXfRM3R4nr8XTdcHFLFLYMumLg
bD87YOsnE1svwtswCq4EMR0n+EXi+DmsOmfJ2cmgu/iI29jEeKWOCdpMj+n7e1Qw
6SUMi5xdYLwQffpccrsvJUfb1LECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYuve6
0jSjDyafg+JK2MfQihOwADAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQBurccrap+ADwCNCMAdgG2/+uSobrbfQ96oaYqxLKP7
91BPzjFDX2ibU7Bd5Jkvd+GoeFXCd+jfdgv31Onmiwe7i2cBmRKUaV6I8HoJWoFZ
J3j9I/f8oL6wtV+Exme2OLrHH/lRNBXIm/5zoUy1HF5+bmhjsr3N+POP9F9NykaV
AW64uD2UU4+dPJ31XO/R0Q6CnjSZBoe2eA00hJaG4rC1kfB+mu5F1/zL+5lVjNxq
LXuL7OCF31PR1fjIRNm/UkWh9n0JHJf5c46HDOI0g+X9EHFuLPTOMvMa1dFARDYG
BJ1YAuw9FLW3VAjh/k7ID1SKXAmtEZrKjzlbNgRuvPnq
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:31:45 2025 by rpki-client