Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
File: 1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa (raw, json)
Hash identifier: qDp1YHmqaDM/gjEwErAhYVEmMMjcAdvtBNqvw6xXocI=
Subject key identifier: F8:55:9B:1C:9F:CF:08:9A:FE:7D:A1:DA:36:D3:30:DD:E1:07:5E:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 714DE3E9B80FE803775764F8FF696E3DC626F67B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
Signing time: Fri 26 Sep 2025 20:20:09 +0000
ROA not before: Fri 26 Sep 2025 20:20:09 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:4d:e3:e9:b8:0f:e8:03:77:57:64:f8:ff:69:6e:3d:c6:26:f6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:09 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ef34db754e7b0110e058572022e8c1b31e28345ebb7e0b6f4ebbdcb1e007866d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:50:09:d2:1d:dc:f0:44:90:a6:25:b6:c5:a9:
69:9a:a0:24:3c:28:c6:14:3d:6b:cf:37:f7:5a:53:
67:e9:b2:a5:0c:18:c1:70:55:a2:db:1f:4a:8d:47:
65:5c:25:6d:6a:d9:cc:d9:e7:d5:54:70:24:b2:83:
c6:ad:14:d4:d9:bf:b6:2b:f5:6b:b2:ca:50:5c:9d:
83:98:79:47:2c:1d:da:94:ef:58:aa:c1:f9:8d:f4:
25:98:43:ef:c7:88:85:92:a1:ab:fc:79:fd:02:99:
e1:e5:9b:f8:88:6c:11:6d:cd:e6:ce:20:87:3e:59:
4c:64:11:79:6a:58:0f:8f:7d:60:28:04:79:33:0c:
69:35:b5:28:62:1e:05:de:7a:db:0b:31:e0:73:67:
48:b4:29:24:76:13:42:87:e7:1b:8f:81:4a:df:b2:
50:d7:e7:64:79:22:34:a3:5f:ea:d6:f0:79:1c:f2:
06:45:11:fc:7e:7a:48:c2:54:e0:6c:59:53:4b:5d:
c7:b4:aa:61:f4:16:4e:bf:09:16:62:91:8e:a5:fa:
7e:6b:b6:7f:d0:b8:a1:4c:41:b3:e5:a7:15:cf:4d:
02:a1:2a:45:96:94:f4:0f:1b:9e:16:3e:db:2b:a3:
bc:34:50:6d:68:0e:a5:c2:a7:7e:94:04:08:5c:a5:
97:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:55:9B:1C:9F:CF:08:9A:FE:7D:A1:DA:36:D3:30:DD:E1:07:5E:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1b39e9a7-4f3d-4cfc-975f-d9eaceed0ed2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:b4:54:e8:19:16:41:9f:91:3c:47:6c:94:05:29:5f:50:73:
d9:ca:52:8a:68:20:a4:1f:d2:e5:7a:5a:98:b6:7a:e2:0f:34:
6f:31:49:6a:24:13:fe:9d:8c:86:ca:64:ad:16:b5:26:e3:ad:
52:ad:f6:a4:44:1c:5b:5b:f5:53:96:c7:a7:96:3a:41:2d:c8:
1e:e3:46:83:ca:6c:86:2a:ac:64:cd:97:b5:80:eb:a8:12:cc:
7f:88:23:c3:d7:a9:12:5c:25:0b:96:e3:6c:f2:d1:81:2b:75:
9d:ec:d1:29:5c:a7:21:b0:bd:3e:f5:bb:b4:e2:d6:9f:39:18:
6d:df:ed:22:5a:39:b6:5b:05:84:3f:70:97:19:12:ae:5d:0b:
53:a9:81:54:72:d3:b8:00:a0:e2:22:af:49:0f:48:98:46:5d:
21:45:5f:f5:fb:4c:5d:54:37:d0:3e:f7:13:89:c7:02:b6:a9:
74:b6:60:57:08:b4:bc:a0:b6:a3:fa:8f:44:90:a9:e8:8c:3b:
e6:7c:5b:13:6b:88:44:cb:95:b2:d3:0a:5f:ec:02:f8:ad:d1:
36:ac:78:d9:d9:53:bc:4b:eb:14:ed:b4:50:b0:15:76:9d:90:
61:40:60:26:03:a1:dc:7e:39:7c:43:7b:50:41:19:a4:73:6d:
8c:cd:c1:89
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcU3j6bgP6AN3V2T4/2luPcYm9nswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmMzRkYjc1NGU3YjAxMTBlMDU4NTcyMDIyZThjMWIzMWUyODM0NWViYjdl
MGI2ZjRlYmJkY2IxZTAwNzg2NmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1QCdId3PBEkKYltsWpaZqgJDwoxhQ9a88391pTZ+mypQwYwXBVotsfSo1H
ZVwlbWrZzNnn1VRwJLKDxq0U1Nm/tiv1a7LKUFydg5h5Rywd2pTvWKrB+Y30JZhD
78eIhZKhq/x5/QKZ4eWb+IhsEW3N5s4ghz5ZTGQReWpYD499YCgEeTMMaTW1KGIe
Bd562wsx4HNnSLQpJHYTQofnG4+BSt+yUNfnZHkiNKNf6tbweRzyBkUR/H56SMJU
4GxZU0tdx7SqYfQWTr8JFmKRjqX6fmu2f9C4oUxBs+WnFc9NAqEqRZaU9A8bnhY+
2yujvDRQbWgOpcKnfpQECFyll20CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4VZsc
n88Imv59odo20zDd4Qde3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWIzOWU5YTctNGYzZC00Y2ZjLTk3NWYtZDllYWNlZWQwZWQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQBotFToGRZBn5E8R2yUBSlfUHPZylKKaCCkH9LlelqY
tnriDzRvMUlqJBP+nYyGymStFrUm461SrfakRBxbW/VTlsenljpBLcge40aDymyG
KqxkzZe1gOuoEsx/iCPD16kSXCULluNs8tGBK3Wd7NEpXKchsL0+9bu04tafORht
3+0iWjm2WwWEP3CXGRKuXQtTqYFUctO4AKDiIq9JD0iYRl0hRV/1+0xdVDfQPvcT
iccCtql0tmBXCLS8oLaj+o9EkKnojDvmfFsTa4hEy5Wy0wpf7AL4rdE2rHjZ2VO8
S+sU7bRQsBV2nZBhQGAmA6Hcfjl8Q3tQQRmkc22MzcGJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:57 2025 by rpki-client