Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: 19LF4PepIL51Ucbb3TdY9LpNMcTdXcA9ST4MOdHmWRA=
Subject key identifier: E5:57:4E:07:78:5F:0F:48:DE:2A:F9:7F:62:68:66:D9:8D:76:84:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 030FA2490B17AB714668BECC84959284F871F74D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Fri 26 Sep 2025 20:20:42 +0000
ROA not before: Fri 26 Sep 2025 20:20:42 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:0f:a2:49:0b:17:ab:71:46:68:be:cc:84:95:92:84:f8:71:f7:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:42 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1d6e728fd78c29e999613a5b958d2d1b3a4065a913838d8950f9152364afa44b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:4b:6d:0b:64:f0:91:8f:ee:19:6d:ef:fb:
1d:5d:25:69:d0:c9:43:1b:60:2e:5e:c0:5a:4c:79:
13:e6:9c:a4:44:93:c7:79:0a:8a:08:b4:2d:44:d0:
bb:eb:68:11:34:2d:68:b5:83:aa:e9:f9:74:c5:36:
a9:f6:85:b9:21:e6:19:ca:d2:36:01:bf:d4:2e:f3:
d4:ee:fe:53:75:01:48:08:ec:74:6b:60:5c:e8:79:
58:c6:da:b8:28:66:7c:c5:0a:a4:76:b5:ce:e8:bb:
f3:6d:22:bd:20:35:40:3a:0c:dc:b0:52:ef:58:8f:
57:e6:5f:19:13:27:5e:fa:89:58:da:0d:98:0c:c6:
64:7a:be:32:a4:4d:33:7b:1e:a4:f5:2e:73:35:e7:
a2:10:6a:a8:ce:53:29:af:89:e1:38:b2:69:07:da:
9c:4a:13:73:68:4d:9e:7f:42:ad:ed:87:1e:2e:67:
6a:ca:35:e4:e2:3c:71:57:d2:f8:12:18:78:b4:4a:
c0:5a:ef:25:8b:6d:b9:1b:24:e7:73:8a:6e:5a:2c:
0a:d2:37:86:03:52:91:ab:15:7c:ab:a7:84:7d:55:
30:4e:c3:d2:ce:85:51:1f:81:db:a8:ea:e4:87:89:
41:75:f4:c4:15:c0:3d:17:6d:bb:c8:60:0a:9c:61:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:57:4E:07:78:5F:0F:48:DE:2A:F9:7F:62:68:66:D9:8D:76:84:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:8f:f2:89:f4:ed:0e:6d:96:3f:6b:bc:3b:ab:6e:6d:8d:ba:
1d:7c:79:bd:bb:1f:d3:18:f8:ca:7d:e9:6d:d1:20:ab:83:cb:
b8:65:c3:b5:c6:4e:e2:16:74:c1:14:06:29:21:7b:33:b4:41:
6a:fa:be:8c:fc:bf:0c:4f:f4:42:25:28:f4:91:60:2e:18:26:
90:c1:ec:5a:3a:b7:d5:2a:9e:b9:04:a6:da:d0:b0:74:28:3a:
48:fa:20:be:17:43:db:ce:99:b6:0f:bc:e0:ae:54:d3:44:7f:
d9:22:07:46:35:89:e0:c2:5f:8b:01:5c:71:74:c0:08:fb:fa:
31:68:79:b3:96:0c:6d:0f:4e:ff:2d:85:d7:22:62:a1:6d:e3:
9c:f6:3d:7a:51:4b:51:d7:44:36:7b:24:e4:ab:62:8b:2d:76:
4b:4f:68:f3:a5:0e:e0:62:9a:5f:0c:33:88:1f:59:a6:08:90:
3f:a0:36:d7:5e:82:7d:c1:c8:96:7d:73:db:22:ca:2b:77:fb:
06:10:2b:ed:db:bf:6d:b4:18:59:99:d5:d5:96:49:b7:9a:13:
4e:f0:68:d1:18:47:1b:51:44:f9:bb:78:92:16:46:dd:9b:ed:
53:24:53:39:0c:02:37:3c:b7:72:f3:87:47:d6:91:a7:7e:07:
ef:31:da:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAw+iSQsXq3FGaL7MhJWShPhx900wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkNmU3MjhmZDc4YzI5ZTk5OTYxM2E1Yjk1OGQyZDFiM2E0MDY1YTkxMzgz
OGQ4OTUwZjkxNTIzNjRhZmE0NGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeWS20LZPCRj+4Zbe/7HV0ladDJQxtgLl7AWkx5E+acpESTx3kKigi0LUTQ
u+toETQtaLWDqun5dMU2qfaFuSHmGcrSNgG/1C7z1O7+U3UBSAjsdGtgXOh5WMba
uChmfMUKpHa1zui7820ivSA1QDoM3LBS71iPV+ZfGRMnXvqJWNoNmAzGZHq+MqRN
M3sepPUuczXnohBqqM5TKa+J4TiyaQfanEoTc2hNnn9Cre2HHi5naso15OI8cVfS
+BIYeLRKwFrvJYttuRsk53OKblosCtI3hgNSkasVfKunhH1VME7D0s6FUR+B26jq
5IeJQXX0xBXAPRdtu8hgCpxhSlUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTlV04H
eF8PSN4q+X9iaGbZjXaEOTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQDOj/KJ9O0ObZY/a7w7q25tjbodfHm9ux/TGPjKfelt
0SCrg8u4ZcO1xk7iFnTBFAYpIXsztEFq+r6M/L8MT/RCJSj0kWAuGCaQwexaOrfV
Kp65BKba0LB0KDpI+iC+F0Pbzpm2D7zgrlTTRH/ZIgdGNYngwl+LAVxxdMAI+/ox
aHmzlgxtD07/LYXXImKhbeOc9j16UUtR10Q2eyTkq2KLLXZLT2jzpQ7gYppfDDOI
H1mmCJA/oDbXXoJ9wciWfXPbIsord/sGECvt279ttBhZmdXVlkm3mhNO8GjRGEcb
UUT5u3iSFkbdm+1TJFM5DAI3PLdy84dH1pGnfgfvMdpj
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:30 2025 by rpki-client