Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: +G/k0D7PfcKq4Zn+zEvHnZq5hdCR4j/u5mQ6dW/N0Zg=
Subject key identifier: 08:2F:01:C8:9D:25:F1:0F:44:FF:09:70:30:6D:64:EB:1B:A7:C8:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 399CA997A7AB94F6D9CA120125EE785286E97460
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Fri 26 Sep 2025 20:20:03 +0000
ROA not before: Fri 26 Sep 2025 20:20:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:9c:a9:97:a7:ab:94:f6:d9:ca:12:01:25:ee:78:52:86:e9:74:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=86b5a7491b689d9d65c412d08e7b2ae8e82327ba84394da77e0b2de92de214a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3b:0c:80:81:d3:e5:7b:ce:5c:9f:e8:47:7f:
4f:4d:3b:e9:2a:6d:cd:6f:42:31:8c:fe:10:e9:90:
59:2a:13:90:ec:f4:e5:d6:30:30:34:98:48:bd:c3:
c1:ca:70:56:f1:02:8c:3c:e5:5f:1a:94:c3:6f:85:
8a:cc:a4:3a:cb:f3:9f:5b:c1:63:7f:36:b0:ec:62:
42:2c:f0:05:d0:3c:83:db:c6:03:0e:7c:21:ce:b0:
2a:2b:50:3c:f5:d1:b2:07:18:42:68:0e:16:db:5e:
ce:47:4d:84:29:21:0e:b6:6d:1f:0c:42:b1:79:5d:
47:86:aa:93:e9:39:f2:83:27:a8:d9:7b:3a:95:72:
1c:9a:ef:2e:ef:92:3f:6f:e4:9d:d1:7a:62:74:9b:
61:ce:84:c6:06:43:cf:45:4f:b5:9f:92:68:76:b5:
12:06:d5:c0:0f:9e:b5:1c:81:48:d3:28:db:25:1d:
71:6a:7c:1f:6a:56:00:ee:8a:7d:76:9f:75:66:f7:
1a:c1:0d:07:e1:42:db:63:09:ca:d0:e2:88:eb:da:
23:94:ca:69:b6:2c:dc:23:fc:56:d7:63:ae:5c:cd:
2a:76:ef:bb:cc:71:96:3f:bd:09:0f:ad:66:a3:a1:
7b:cd:63:ae:8c:0f:9f:b4:13:b1:a5:a6:7a:11:02:
ac:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2F:01:C8:9D:25:F1:0F:44:FF:09:70:30:6D:64:EB:1B:A7:C8:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
30:5e:92:c8:66:0c:f7:35:e2:c8:41:da:18:ff:db:74:9f:7d:
a9:05:38:1a:08:04:89:55:d4:28:9a:c8:a9:01:e5:c5:f1:be:
0a:d5:9c:fc:10:8c:a6:15:0e:6e:c8:27:b8:82:cf:ef:80:57:
ec:b9:30:d6:39:c8:ef:94:51:bf:35:82:39:32:21:d3:31:e9:
c2:57:e3:2a:e7:45:07:a5:4c:44:9e:26:c1:45:55:85:7a:bc:
37:7c:84:8a:19:13:48:e9:ae:06:49:01:4f:74:fa:ba:d5:b3:
d7:80:3b:5b:ce:59:36:34:41:2c:50:34:2f:0a:e0:e7:f7:f2:
c7:0d:b4:37:26:02:28:c9:a3:17:dd:e6:b2:61:c6:ef:0a:c2:
90:43:56:de:f7:69:57:64:a9:60:dd:4e:06:d3:02:65:81:be:
73:c2:71:15:64:d7:6c:bb:59:70:32:6c:5c:61:0e:fe:0e:4a:
65:5d:dc:64:b0:d0:39:bd:09:03:fb:c5:a0:24:77:76:25:5c:
70:9e:27:3f:d0:d9:50:f7:80:f4:a4:db:14:e5:92:ff:79:f5:
c2:58:a1:1f:41:35:94:2a:9d:1f:87:ee:0f:de:2a:4b:95:92:
1f:55:90:07:35:d0:42:bc:1f:eb:5e:5d:3f:d8:ec:c4:73:02:
e4:02:bd:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOZypl6erlPbZyhIBJe54UobpdGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YjVhNzQ5MWI2ODlkOWQ2NWM0MTJkMDhlN2IyYWU4ZTgyMzI3YmE4NDM5
NGRhNzdlMGIyZGU5MmRlMjE0YTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMI7DICB0+V7zlyf6Ed/T0076SptzW9CMYz+EOmQWSoTkOz05dYwMDSYSL3D
wcpwVvECjDzlXxqUw2+FisykOsvzn1vBY382sOxiQizwBdA8g9vGAw58Ic6wKitQ
PPXRsgcYQmgOFttezkdNhCkhDrZtHwxCsXldR4aqk+k58oMnqNl7OpVyHJrvLu+S
P2/kndF6YnSbYc6ExgZDz0VPtZ+SaHa1EgbVwA+etRyBSNMo2yUdcWp8H2pWAO6K
fXafdWb3GsENB+FC22MJytDiiOvaI5TKabYs3CP8VtdjrlzNKnbvu8xxlj+9CQ+t
ZqOhe81jrowPn7QTsaWmehECrD8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQILwHI
nSXxD0T/CXAwbWTrG6fIvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQAwXpLIZgz3NeLIQdoY/9t0n32pBTgaCASJVdQomsip
AeXF8b4K1Zz8EIymFQ5uyCe4gs/vgFfsuTDWOcjvlFG/NYI5MiHTMenCV+Mq50UH
pUxEnibBRVWFerw3fISKGRNI6a4GSQFPdPq61bPXgDtbzlk2NEEsUDQvCuDn9/LH
DbQ3JgIoyaMX3eayYcbvCsKQQ1be92lXZKlg3U4G0wJlgb5zwnEVZNdsu1lwMmxc
YQ7+DkplXdxksNA5vQkD+8WgJHd2JVxwnic/0NlQ94D0pNsU5ZL/efXCWKEfQTWU
Kp0fh+4P3ipLlZIfVZAHNdBCvB/rXl0/2OzEcwLkAr3/
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:37:56 2025 by rpki-client