Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
File: 01305f95-02db-46f4-a135-5ff585346b72.roa (raw, json)
Hash identifier: VkzjioPBCF0BHOl7hsyisUYDYSnW4ipN+NyhMzMHVxo=
Subject key identifier: 7A:FC:56:43:95:D6:94:0D:44:04:18:75:92:BA:9B:FD:7D:6D:F0:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 645C5C5E3F614A7449ADCC0445C4D5107B1F1A83
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
Signing time: Fri 26 Sep 2025 20:20:41 +0000
ROA not before: Fri 26 Sep 2025 20:20:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:5c:5c:5e:3f:61:4a:74:49:ad:cc:04:45:c4:d5:10:7b:1f:1a:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c7e000c9fb8ec84e13ac9ac288b8f81a364e2b8fd2f469981d0e07d0b4412cf9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:79:3d:9d:f1:34:5e:92:6f:28:86:f2:87:
e2:7c:ad:90:42:cd:d9:f3:99:96:90:02:bd:25:06:
2c:89:29:4d:69:a2:0f:3c:30:d8:c8:43:8b:85:30:
2e:3f:b2:3c:f7:a9:b7:76:8a:93:37:83:62:34:5a:
5a:7a:dd:ee:c7:7b:60:c3:28:cb:54:4a:bb:c6:7d:
b2:43:13:a1:18:5e:48:c8:99:88:ae:7b:21:39:e5:
42:92:5f:0e:7c:a7:1c:e4:ed:22:1a:c9:84:9f:d0:
b6:f6:8e:b2:fc:c5:10:56:ad:9b:fd:38:95:e0:ec:
1c:18:86:d3:b6:7f:14:2f:c1:97:29:50:e7:27:72:
46:9a:50:10:a6:47:90:b0:bd:b7:ca:fa:97:07:24:
e8:b8:e1:4d:3a:5b:47:fa:f8:96:5d:f8:be:c1:7b:
1e:d6:61:72:4a:52:5c:98:a8:af:5d:01:41:31:c2:
39:1b:dc:6d:56:d2:22:f6:4f:aa:16:f4:93:0a:7e:
60:fd:da:e9:ad:04:65:8b:35:85:be:d5:41:39:52:
6c:49:81:33:14:48:68:87:7b:9d:41:83:f7:d0:aa:
c4:70:4c:de:84:fa:77:fd:ff:46:b8:44:cb:a7:45:
32:ab:34:7f:e3:fe:ff:18:54:e7:1b:db:34:f5:d2:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:FC:56:43:95:D6:94:0D:44:04:18:75:92:BA:9B:FD:7D:6D:F0:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01305f95-02db-46f4-a135-5ff585346b72.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:5e:84:11:d8:0c:49:40:8b:3c:68:5c:20:8f:64:34:9e:48:
44:12:75:ed:0d:66:2b:f3:00:18:4f:56:53:f7:0a:ae:08:ae:
8f:a3:88:f8:e2:db:f8:ec:9e:b4:b1:5d:aa:97:2f:3b:b7:01:
8d:a5:fa:2f:0b:63:3a:b9:82:09:62:de:f5:93:54:9d:b8:1f:
3f:9e:05:74:f1:97:34:0e:e6:ab:6b:e8:75:a1:1f:a2:77:95:
c7:f7:48:18:4a:78:8d:b3:b2:61:2e:61:4c:60:00:47:22:a3:
47:a7:de:87:97:36:8b:18:1a:65:46:a3:16:53:bf:5a:aa:b4:
77:9a:71:36:b4:78:65:78:6e:3b:bd:35:fa:7f:09:9d:7a:f4:
f4:d5:73:4f:15:c6:f6:e9:36:0c:ac:7b:b6:1e:73:86:50:65:
51:02:1a:59:bf:31:15:79:47:23:da:e0:89:a1:c2:31:ea:a3:
b0:b7:99:f7:99:89:7e:ae:b8:35:c1:cc:ba:a9:1d:83:fa:ac:
58:c3:64:9a:c2:2a:40:0f:0d:22:dc:c2:d2:2a:82:60:e0:3e:
4d:b6:e7:d9:76:a6:40:73:6a:bc:3a:91:65:68:eb:50:4c:00:
f3:46:f1:62:a1:90:07:33:95:0a:df:1f:fd:75:c8:99:18:2a:
2d:1a:52:f5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZFxcXj9hSnRJrcwERcTVEHsfGoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3ZTAwMGM5ZmI4ZWM4NGUxM2FjOWFjMjg4YjhmODFhMzY0ZTJiOGZkMmY0
Njk5ODFkMGUwN2QwYjQ0MTJjZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALXIeT2d8TRekm8ohvKH4nytkELN2fOZlpACvSUGLIkpTWmiDzww2MhDi4Uw
Lj+yPPept3aKkzeDYjRaWnrd7sd7YMMoy1RKu8Z9skMToRheSMiZiK57ITnlQpJf
DnynHOTtIhrJhJ/QtvaOsvzFEFatm/04leDsHBiG07Z/FC/BlylQ5ydyRppQEKZH
kLC9t8r6lwck6LjhTTpbR/r4ll34vsF7HtZhckpSXJior10BQTHCORvcbVbSIvZP
qhb0kwp+YP3a6a0EZYs1hb7VQTlSbEmBMxRIaId7nUGD99CqxHBM3oT6d/3/RrhE
y6dFMqs0f+P+/xhU5xvbNPXSiikCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6/FZD
ldaUDUQEGHWSupv9fW3wfzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDEzMDVmOTUtMDJkYi00NmY0LWExMzUtNWZmNTg1MzQ2YjcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQBOXoQR2AxJQIs8aFwgj2Q0nkhEEnXtDWYr8wAYT1ZT
9wquCK6Po4j44tv47J60sV2qly87twGNpfovC2M6uYIJYt71k1SduB8/ngV08Zc0
Duara+h1oR+id5XH90gYSniNs7JhLmFMYABHIqNHp96HlzaLGBplRqMWU79aqrR3
mnE2tHhleG47vTX6fwmdevT01XNPFcb26TYMrHu2HnOGUGVRAhpZvzEVeUcj2uCJ
ocIx6qOwt5n3mYl+rrg1wcy6qR2D+qxYw2SawipADw0i3MLSKoJg4D5NtufZdqZA
c2q8OpFlaOtQTADzRvFioZAHM5UK3x/9dciZGCotGlL1
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:08 2025 by rpki-client