Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
File: 123b20eb-4142-4c18-96e0-d1871de66fd3.roa (raw, json)
Hash identifier: cbS853jJu6zS8FhDIE3+BUsYqkNF5f772h1yITOxqTE=
Subject key identifier: 66:45:7F:42:1A:71:CE:91:EA:B1:52:A4:B6:74:D3:94:BC:5E:40:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FD8DF7500078D3C6C3130CC5113A0B96018D28E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
Signing time: Fri 26 Sep 2025 20:20:44 +0000
ROA not before: Fri 26 Sep 2025 20:20:44 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d8:df:75:00:07:8d:3c:6c:31:30:cc:51:13:a0:b9:60:18:d2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:44 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a9ddf6bbf0683ae66776ef6e347e2f22b5d17bc4c7f87e3c9b4419cb34a4cef0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:01:37:7a:50:b0:9d:15:f4:a5:b3:a8:15:42:
bc:1f:64:25:8d:7d:13:2f:63:d5:ca:08:3d:3c:f0:
0e:11:b1:47:37:95:9c:97:2d:e0:90:2d:e2:cd:21:
d3:b9:12:28:5c:88:0e:a3:e3:d6:e1:4b:be:87:04:
dc:e4:e6:3e:ea:33:91:77:68:a0:89:df:1c:7a:dc:
87:4f:49:14:d1:1c:4a:e2:65:74:55:6d:9d:52:45:
34:ba:f3:b8:5e:5d:4c:ce:c3:83:7c:d1:67:e6:1f:
58:b8:4d:ae:a6:3e:da:49:01:a3:b2:ea:ac:de:de:
44:95:0b:53:3d:e9:6d:c4:33:bd:9c:a2:51:70:96:
06:39:f3:5f:cc:1d:5b:25:2a:ec:09:ba:d0:bf:29:
bd:9e:eb:2d:ab:b3:71:75:8c:4a:18:63:d4:47:42:
92:b9:e1:d5:a4:58:64:20:74:41:21:0b:56:5d:d5:
c9:46:d0:a0:c5:b1:d7:cc:95:b8:54:aa:4a:a0:61:
21:cb:d2:7d:85:c4:3f:08:d5:49:f3:69:ee:25:4b:
23:cf:0b:4d:9f:81:9d:9a:78:49:c1:0b:bb:69:80:
87:94:1e:4b:13:45:a8:fd:fc:9a:22:fb:6a:78:6c:
d1:eb:cf:f6:71:d1:f9:e5:ea:a1:cd:9f:e4:2f:3b:
7b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:45:7F:42:1A:71:CE:91:EA:B1:52:A4:B6:74:D3:94:BC:5E:40:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/123b20eb-4142-4c18-96e0-d1871de66fd3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
64:ab:92:b6:7f:21:c8:0a:0a:b7:08:c6:bc:e8:76:12:ee:77:
40:3e:22:0f:98:4d:8e:81:35:01:f7:b2:9c:fb:75:6b:1d:74:
67:ac:db:1a:b1:bb:22:03:d1:ba:d4:74:b2:cf:8c:94:3b:90:
a8:5a:45:5c:55:9b:74:9b:74:d2:31:fe:d0:41:d1:36:b3:b7:
7e:39:04:fc:57:ae:15:ca:19:8f:12:88:7c:e5:77:f5:6f:86:
14:57:de:ef:f4:fe:d3:35:ca:8a:6f:47:b9:90:25:ba:04:66:
2f:30:f7:6d:e8:c4:cc:98:a3:06:e0:5a:a5:88:2c:bb:f2:b3:
b3:f6:57:dc:a3:8c:2c:27:40:dd:86:85:0d:f4:3b:a6:0a:89:
e3:a2:2f:54:ca:5d:96:67:2a:db:b0:8f:b4:c7:13:18:20:65:
51:f0:18:b5:28:9b:99:1a:a0:c0:b8:5b:ef:ec:cf:27:ec:36:
0f:03:ca:70:da:60:9c:20:ff:94:49:30:0f:d6:dc:d7:2e:fb:
2a:38:ea:23:17:09:01:6c:3f:69:34:67:15:ab:67:44:3e:f9:
36:5f:77:60:36:60:84:3f:86:3f:06:2a:5c:0b:d4:2a:c0:07:
b2:47:40:96:64:a3:07:3f:8e:4a:b8:66:28:76:04:20:9a:5c:
c2:28:5a:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX9jfdQAHjTxsMTDMUROguWAY0o4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5ZGRmNmJiZjA2ODNhZTY2Nzc2ZWY2ZTM0N2UyZjIyYjVkMTdiYzRjN2Y4
N2UzYzliNDQxOWNiMzRhNGNlZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcBN3pQsJ0V9KWzqBVCvB9kJY19Ey9j1coIPTzwDhGxRzeVnJct4JAt4s0h
07kSKFyIDqPj1uFLvocE3OTmPuozkXdooInfHHrch09JFNEcSuJldFVtnVJFNLrz
uF5dTM7Dg3zRZ+YfWLhNrqY+2kkBo7LqrN7eRJULUz3pbcQzvZyiUXCWBjnzX8wd
WyUq7Am60L8pvZ7rLauzcXWMShhj1EdCkrnh1aRYZCB0QSELVl3VyUbQoMWx18yV
uFSqSqBhIcvSfYXEPwjVSfNp7iVLI88LTZ+BnZp4ScELu2mAh5QeSxNFqP38miL7
anhs0evP9nHR+eXqoc2f5C87e3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmRX9C
GnHOkeqxUqS2dNOUvF5ACzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIzYjIwZWItNDE0Mi00YzE4LTk2ZTAtZDE4NzFkZTY2ZmQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQBkq5K2fyHICgq3CMa86HYS7ndAPiIPmE2OgTUB97Kc
+3VrHXRnrNsasbsiA9G61HSyz4yUO5CoWkVcVZt0m3TSMf7QQdE2s7d+OQT8V64V
yhmPEoh85Xf1b4YUV97v9P7TNcqKb0e5kCW6BGYvMPdt6MTMmKMG4FqliCy78rOz
9lfco4wsJ0DdhoUN9DumConjoi9Uyl2WZyrbsI+0xxMYIGVR8Bi1KJuZGqDAuFvv
7M8n7DYPA8pw2mCcIP+USTAP1tzXLvsqOOojFwkBbD9pNGcVq2dEPvk2X3dgNmCE
P4Y/BipcC9QqwAeyR0CWZKMHP45KuGYodgQgmlzCKFqD
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:57:32 2025 by rpki-client