Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
File: 0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa (raw, json)
Hash identifier: vN6N0P530Ua2weYccklb0DlPEA4OwJamiDRLK7ZXqkI=
Subject key identifier: 1E:34:00:43:24:6B:45:60:75:BD:F2:D0:5F:94:2E:92:6D:E8:5E:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 434119B6F5A150974F467277EA67C831513E727A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
Signing time: Fri 26 Sep 2025 20:21:18 +0000
ROA not before: Fri 26 Sep 2025 20:21:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.100.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:41:19:b6:f5:a1:50:97:4f:46:72:77:ea:67:c8:31:51:3e:72:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7538b45c657fe778a9475ef942f3545e36fe3523c623c4d195efcefe8594456d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:85:dc:c4:e3:98:63:70:35:88:dc:93:e8:04:
29:6e:c7:40:9c:61:5a:29:a1:bc:c6:9e:4d:e4:11:
2d:72:15:7e:b7:09:27:f4:98:4c:eb:88:61:fe:9a:
12:7b:f2:99:21:7f:c1:4a:33:2e:a7:09:42:0e:3c:
d3:05:f2:c4:49:b7:7a:8f:75:9a:c2:d8:e9:e6:e0:
ef:f3:81:3d:60:be:a0:71:ff:8b:50:da:bf:a5:c3:
61:65:8c:38:7b:c8:bf:a5:23:61:07:92:d7:0f:a3:
50:0a:30:bf:a8:7f:de:c3:c4:48:43:a0:b8:4d:31:
fc:6d:1a:e9:7e:59:a2:c2:d4:09:e0:13:d3:78:68:
c6:f9:52:b6:52:1c:7f:1a:99:67:a5:97:24:3c:ce:
a5:73:c4:ac:99:a4:7a:8f:d7:90:fc:a5:5a:f9:c6:
f4:73:04:fb:79:2c:88:b7:2c:2b:c7:44:6d:21:42:
09:16:6d:b9:4f:a7:81:dc:c7:e3:e0:1b:cc:7d:ce:
8a:3b:99:09:63:23:d9:7e:29:0f:ee:7d:87:fd:8a:
74:aa:3b:1a:d5:33:53:a8:04:9c:67:4d:a5:8f:de:
94:43:21:df:78:5b:d8:b2:37:53:ad:0b:6a:42:1c:
36:70:70:6f:63:2f:0d:14:41:79:af:ef:cb:23:9e:
62:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:34:00:43:24:6B:45:60:75:BD:F2:D0:5F:94:2E:92:6D:E8:5E:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0bfa25dd-319f-4f2d-b786-8ab19d58e811.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.100.0.0/15
Signature Algorithm: sha256WithRSAEncryption
68:b2:76:5d:3f:18:ad:41:0c:2f:25:fc:5d:23:0d:5e:61:ca:
35:fe:33:98:43:8c:5a:1a:64:0d:41:b6:69:40:7d:c7:83:b0:
c6:41:37:fd:97:9a:34:1b:12:ef:80:d8:54:74:0d:00:d3:fc:
3e:4f:88:28:28:a5:86:47:05:64:d9:b2:c8:d3:f6:6d:eb:9b:
ad:12:e5:ec:f0:69:10:48:d8:ff:8b:b1:43:c7:f0:d1:48:e3:
42:18:02:c3:49:c2:28:48:3d:e7:30:fa:16:7e:7a:a1:ad:89:
82:31:f7:a4:5f:7c:5e:ad:43:0a:b7:cb:35:43:d9:56:82:ba:
82:0e:7d:0a:68:b0:23:35:af:13:28:b5:08:d8:c9:28:9f:60:
1d:24:07:04:3c:4a:68:33:b9:e7:b6:83:bf:46:f6:d3:49:85:
3e:64:2b:4d:6b:58:44:71:f6:71:bb:20:2e:72:9b:44:6f:3f:
de:50:88:c7:f4:e3:0d:b4:10:48:bf:ec:97:10:e8:98:5b:e5:
2d:d9:66:65:ca:ae:93:44:1e:fe:99:3e:73:cc:57:6e:13:bf:
da:81:32:47:27:4d:15:b5:43:ea:23:1a:2a:98:73:56:23:3e:
49:87:2e:59:aa:d8:c9:50:29:fc:f1:68:36:73:c1:2d:21:db:
fe:70:19:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ0EZtvWhUJdPRnJ36mfIMVE+cnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc1MzhiNDVjNjU3ZmU3NzhhOTQ3NWVmOTQyZjM1NDVlMzZmZTM1MjNjNjIz
YzRkMTk1ZWZjZWZlODU5NDQ1NmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM+F3MTjmGNwNYjck+gEKW7HQJxhWimhvMaeTeQRLXIVfrcJJ/SYTOuIYf6a
EnvymSF/wUozLqcJQg480wXyxEm3eo91msLY6ebg7/OBPWC+oHH/i1Dav6XDYWWM
OHvIv6UjYQeS1w+jUAowv6h/3sPESEOguE0x/G0a6X5ZosLUCeAT03hoxvlStlIc
fxqZZ6WXJDzOpXPErJmkeo/XkPylWvnG9HME+3ksiLcsK8dEbSFCCRZtuU+ngdzH
4+AbzH3OijuZCWMj2X4pD+59h/2KdKo7GtUzU6gEnGdNpY/elEMh33hb2LI3U60L
akIcNnBwb2MvDRRBea/vyyOeYlsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQeNABD
JGtFYHW98tBflC6SbehezjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGJmYTI1ZGQtMzE5Zi00ZjJkLWI3ODYtOGFiMTlkNThlODExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNkMA0G
CSqGSIb3DQEBCwUAA4IBAQBosnZdPxitQQwvJfxdIw1eYco1/jOYQ4xaGmQNQbZp
QH3Hg7DGQTf9l5o0GxLvgNhUdA0A0/w+T4goKKWGRwVk2bLI0/Zt65utEuXs8GkQ
SNj/i7FDx/DRSONCGALDScIoSD3nMPoWfnqhrYmCMfekX3xerUMKt8s1Q9lWgrqC
Dn0KaLAjNa8TKLUI2Mkon2AdJAcEPEpoM7nntoO/RvbTSYU+ZCtNa1hEcfZxuyAu
cptEbz/eUIjH9OMNtBBIv+yXEOiYW+Ut2WZlyq6TRB7+mT5zzFduE7/agTJHJ00V
tUPqIxoqmHNWIz5Jhy5ZqtjJUCn88Wg2c8EtIdv+cBl1
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:01:12 2025 by rpki-client