Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: NhFTUtFCrN5n4Qufx/5eTRm1V3tkm9r36bUs1dZHusw=
Subject key identifier: 8F:F5:84:1A:50:42:EC:58:7E:FD:05:9C:7C:C9:8E:50:6E:49:A2:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38EC38ABB754A1240FB5F5AB48CF47E5F413BDD1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Fri 26 Sep 2025 20:20:36 +0000
ROA not before: Fri 26 Sep 2025 20:20:36 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:ec:38:ab:b7:54:a1:24:0f:b5:f5:ab:48:cf:47:e5:f4:13:bd:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:36 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=926ded62877acd9f1c93c1892cd393b47ea435153ddf201924c033cac0756823, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a6:ed:79:a7:11:63:ce:c1:4b:90:8b:9b:07:
36:aa:2d:f6:82:94:74:91:7b:75:55:db:ae:da:61:
a7:4e:41:3d:58:16:91:fd:16:3d:8b:e5:9f:1b:1f:
db:b7:57:c1:6b:22:0e:97:78:65:3f:82:80:bc:f8:
c5:d9:1d:92:9e:4e:e7:bf:9a:12:d5:57:96:31:2d:
6a:93:30:9a:72:af:93:4a:fb:ba:ed:8e:3b:72:e6:
cf:4e:16:a9:a2:f0:84:e6:f5:bc:e5:a1:ee:af:39:
0d:df:17:c6:3f:9e:41:15:33:0b:6f:93:53:2d:9d:
e9:29:38:86:39:00:a9:76:7f:32:e4:0c:35:b3:5c:
d1:c2:da:e2:8d:3f:54:2a:c7:22:90:74:db:b8:f9:
2b:10:0c:6c:08:05:7f:d9:1d:a3:64:18:ac:bd:0a:
dc:4c:31:1d:1e:0a:13:4f:e0:e2:a8:31:bf:93:66:
cc:58:25:e4:83:0f:55:a9:cc:c4:f0:88:1a:84:95:
60:06:5c:7f:a5:03:6a:8f:1c:5c:5a:0b:f6:87:25:
8a:f5:dc:bf:fc:5c:a4:ca:2e:1a:a2:24:b4:83:d5:
66:0b:89:ab:a6:f4:bb:68:55:9b:9f:90:c4:d4:26:
1c:99:89:40:35:4a:ac:b9:99:37:5a:9b:4b:c7:99:
cd:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F5:84:1A:50:42:EC:58:7E:FD:05:9C:7C:C9:8E:50:6E:49:A2:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6e:7d:76:57:66:0a:54:ed:ce:ba:28:4f:e4:54:bc:ae:aa:04:
91:ee:9b:7b:03:04:cf:b8:bc:1f:a6:e1:0f:79:d3:5a:57:c9:
05:22:a2:05:e4:61:00:fc:c1:5b:c3:fe:02:2f:e8:98:d8:a6:
2a:de:a3:ef:36:12:aa:ea:42:7d:a9:f4:c6:6f:63:a1:67:49:
aa:a1:86:c6:75:81:76:b1:6b:44:f2:86:77:5c:9a:99:9e:56:
31:d2:0f:87:1d:89:a4:c1:f7:67:9f:34:a7:26:c7:77:86:5e:
20:04:22:e4:f3:7a:6a:19:0f:30:d5:dc:f9:5c:7b:e8:39:51:
9e:da:45:ed:cd:55:b8:88:4e:64:dd:88:25:2e:a0:57:72:9d:
5a:c9:b2:fa:47:cb:76:3a:a7:59:be:cd:d7:bf:14:c8:1b:f3:
87:72:aa:48:11:fd:9a:85:3a:22:cb:25:c2:73:74:ef:a2:7e:
d4:9b:e7:6b:8b:55:31:e9:28:95:cd:56:11:4c:11:6d:1d:dd:
ef:cb:dd:6e:16:48:2b:79:3b:67:64:10:d2:cb:58:28:e6:be:
a9:22:e6:db:a8:25:ec:9d:65:f2:0c:48:3f:8d:45:80:d3:b2:
75:15:35:d6:bd:ca:ab:2d:d7:03:a8:f0:f6:87:aa:cb:de:0c:
82:d1:ae:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOOw4q7dUoSQPtfWrSM9H5fQTvdEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyNmRlZDYyODc3YWNkOWYxYzkzYzE4OTJjZDM5M2I0N2VhNDM1MTUzZGRm
MjAxOTI0YzAzM2NhYzA3NTY4MjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqm7XmnEWPOwUuQi5sHNqot9oKUdJF7dVXbrtphp05BPVgWkf0WPYvlnxsf
27dXwWsiDpd4ZT+CgLz4xdkdkp5O57+aEtVXljEtapMwmnKvk0r7uu2OO3Lmz04W
qaLwhOb1vOWh7q85Dd8Xxj+eQRUzC2+TUy2d6Sk4hjkAqXZ/MuQMNbNc0cLa4o0/
VCrHIpB027j5KxAMbAgFf9kdo2QYrL0K3EwxHR4KE0/g4qgxv5NmzFgl5IMPVanM
xPCIGoSVYAZcf6UDao8cXFoL9oclivXcv/xcpMouGqIktIPVZguJq6b0u2hVm5+Q
xNQmHJmJQDVKrLmZN1qbS8eZzdMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSP9YQa
UELsWH79BZx8yY5QbkmiUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQBufXZXZgpU7c66KE/kVLyuqgSR7pt7AwTPuLwfpuEP
edNaV8kFIqIF5GEA/MFbw/4CL+iY2KYq3qPvNhKq6kJ9qfTGb2OhZ0mqoYbGdYF2
sWtE8oZ3XJqZnlYx0g+HHYmkwfdnnzSnJsd3hl4gBCLk83pqGQ8w1dz5XHvoOVGe
2kXtzVW4iE5k3YglLqBXcp1aybL6R8t2OqdZvs3XvxTIG/OHcqpIEf2ahToiyyXC
c3Tvon7Um+dri1Ux6SiVzVYRTBFtHd3vy91uFkgreTtnZBDSy1go5r6pIubbqCXs
nWXyDEg/jUWA07J1FTXWvcqrLdcDqPD2h6rL3gyC0a6+
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:38 2025 by rpki-client