Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: oxywCpKVFcqvKXdEprMPWWl7A7rhetdZO9ZG+u7inHE=
Subject key identifier: 3F:60:18:1B:8E:E5:8A:11:36:F7:AC:62:26:21:3E:31:5D:E2:75:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E39659388043409C1C853444A59A400709A2AB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Fri 26 Sep 2025 20:20:04 +0000
ROA not before: Fri 26 Sep 2025 20:20:04 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:39:65:93:88:04:34:09:c1:c8:53:44:4a:59:a4:00:70:9a:2a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:04 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=188e1189e9c04bfe89a397ebe0095178673127aafb552dea8a7e96df2992cfda, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bd:83:b9:d0:57:b7:0f:91:6e:56:e7:4a:ae:
a5:89:a9:63:94:5b:0e:9c:9e:13:ef:65:e5:81:a8:
e4:7a:8a:f9:ec:39:e4:63:f8:ae:30:28:a4:3e:41:
74:ed:45:4a:d9:5d:d7:bd:23:9b:cb:24:3a:de:9f:
14:db:26:f0:65:a3:0e:5e:1f:2c:d3:de:ea:fe:c1:
d3:9a:9a:75:b2:f2:a2:8c:de:16:ec:36:9a:e1:9d:
3a:3c:f8:1f:93:ed:1c:c5:5d:58:7b:80:12:47:1a:
34:12:63:17:69:a9:24:24:83:37:fc:21:f1:03:c6:
1a:c6:ae:2c:1d:c6:b7:a3:3a:8c:9d:07:e9:4c:6a:
20:13:eb:3a:8f:bc:5f:99:93:36:4f:68:f1:d5:20:
0d:3a:89:aa:1c:c3:d4:c8:ea:b5:1e:d5:87:45:a6:
80:f0:f3:1d:3c:57:ae:f5:f0:ec:02:35:a8:5a:62:
2f:f0:32:c5:38:02:e4:cc:8b:6a:93:a8:8c:d8:a2:
35:17:62:89:c9:5f:70:ca:80:cc:66:f8:4d:aa:e4:
be:69:53:53:1f:ff:32:29:36:78:ad:cc:a7:4b:82:
a7:25:ff:1f:d8:09:86:5e:2c:8a:2d:82:82:8e:3f:
49:a3:ca:8a:31:be:d2:d7:d1:27:91:91:bf:fc:40:
64:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:60:18:1B:8E:E5:8A:11:36:F7:AC:62:26:21:3E:31:5D:E2:75:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:60:02:5c:7c:b0:73:ac:ef:18:0a:2d:43:a6:37:0c:1c:8f:
89:d6:e3:f0:59:9d:36:14:ce:09:e2:51:aa:64:6c:e6:52:d9:
63:42:56:6a:7c:f1:30:64:15:f2:7f:bd:cc:02:0a:e5:4c:df:
dd:01:12:e9:e0:a2:30:e2:94:3e:88:c4:5e:f1:8d:86:cb:27:
1f:1f:31:df:d4:be:0e:85:88:ef:89:43:0f:b5:72:51:c1:0a:
32:95:8a:6a:77:3f:18:33:57:51:54:bb:f5:8a:6d:98:03:bb:
f3:28:9f:ab:ad:9d:75:ee:01:43:b0:3b:4d:2b:7d:34:84:23:
5f:af:f4:b7:67:bc:38:25:3f:7e:3a:7a:1c:b6:11:a7:a9:05:
cb:48:0f:8c:94:2f:20:fd:6b:51:73:b6:43:f8:30:12:ef:72:
1c:02:a3:e8:b9:d2:be:62:ea:9b:d5:e4:99:94:44:05:7b:ff:
6b:51:81:c1:be:20:62:1e:3d:d0:89:d0:f8:31:09:f4:d6:58:
67:fc:cd:73:a6:78:bd:fe:b7:bd:35:8d:83:20:ed:84:ce:a5:
4a:7e:8f:4f:34:2a:a1:08:b1:38:2d:66:17:82:61:35:89:65:
d4:16:1a:08:04:e2:26:6c:60:b0:d5:a6:03:36:fe:19:fe:65:
a5:c8:d1:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDjllk4gENAnByFNESlmkAHCaKrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMDRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4OGUxMTg5ZTljMDRiZmU4OWEzOTdlYmUwMDk1MTc4NjczMTI3YWFmYjU1
MmRlYThhN2U5NmRmMjk5MmNmZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMu9g7nQV7cPkW5W50qupYmpY5RbDpyeE+9l5YGo5HqK+ew55GP4rjAopD5B
dO1FStld170jm8skOt6fFNsm8GWjDl4fLNPe6v7B05qadbLyoozeFuw2muGdOjz4
H5PtHMVdWHuAEkcaNBJjF2mpJCSDN/wh8QPGGsauLB3Gt6M6jJ0H6UxqIBPrOo+8
X5mTNk9o8dUgDTqJqhzD1MjqtR7Vh0WmgPDzHTxXrvXw7AI1qFpiL/AyxTgC5MyL
apOojNiiNRdiiclfcMqAzGb4TarkvmlTUx//Mik2eK3Mp0uCpyX/H9gJhl4sii2C
go4/SaPKijG+0tfRJ5GRv/xAZDECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ/YBgb
juWKETb3rGImIT4xXeJ1GDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQC6YAJcfLBzrO8YCi1DpjcMHI+J1uPwWZ02FM4J4lGq
ZGzmUtljQlZqfPEwZBXyf73MAgrlTN/dARLp4KIw4pQ+iMRe8Y2GyycfHzHf1L4O
hYjviUMPtXJRwQoylYpqdz8YM1dRVLv1im2YA7vzKJ+rrZ117gFDsDtNK300hCNf
r/S3Z7w4JT9+OnocthGnqQXLSA+MlC8g/WtRc7ZD+DAS73IcAqPoudK+Yuqb1eSZ
lEQFe/9rUYHBviBiHj3QidD4MQn01lhn/M1zpni9/re9NY2DIO2EzqVKfo9PNCqh
CLE4LWYXgmE1iWXUFhoIBOImbGCw1aYDNv4Z/mWlyNHU
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:15 2025 by rpki-client