Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
File: 277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa (raw, json)
Hash identifier: 2WyXRputhrUp1Zuz0y6+9Y5Ue1V3N4hx/9vVvjI35JM=
Subject key identifier: A9:79:AF:35:C0:45:0F:3A:D3:DA:09:01:4A:03:6C:D3:81:40:11:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 681830725AFCF9484643F1086B68BEBE652A6EC7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
Signing time: Mon 13 Oct 2025 18:00:06 +0000
ROA not before: Mon 13 Oct 2025 18:00:06 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:18:30:72:5a:fc:f9:48:46:43:f1:08:6b:68:be:be:65:2a:6e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 13 18:00:06 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=270263560d4208b86ea6b97b6e9af602465b130fb07994a1bb05230d6037210a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:f0:8b:16:5f:96:90:5b:29:27:69:aa:5a:
43:48:5b:bc:6c:72:59:7b:bb:82:4b:d1:64:4f:ce:
ac:86:97:b2:72:a2:7b:b4:ea:94:5f:3f:e4:79:67:
e6:77:bb:f8:00:ef:83:7f:81:ba:d0:58:f1:20:f1:
33:9a:06:d6:d2:45:ea:a2:98:a5:d2:eb:cd:67:b8:
44:fa:ea:d2:01:c9:c8:26:81:27:6e:01:20:2f:4f:
5a:79:87:61:9e:8e:04:ea:74:b7:37:bf:58:9b:da:
f7:da:f9:f7:31:bd:51:37:25:1c:4d:c6:73:b6:37:
23:4b:34:94:c9:f2:55:27:c9:9a:ea:98:ab:36:15:
3e:7b:b2:7c:10:7f:38:b4:8c:3b:11:48:ed:02:0c:
80:0c:7a:34:6d:23:18:c9:10:57:45:8b:37:d1:ca:
41:a3:71:e8:94:29:07:b0:f1:b6:42:8c:b8:da:1f:
b2:ff:f2:4f:0d:1b:c6:cf:ab:ee:a1:cb:1e:f3:bb:
b7:be:7b:fa:a4:02:7b:67:c0:5d:c5:dd:96:f5:ce:
2d:a8:5e:32:08:c0:41:19:5f:c4:31:34:b5:47:d6:
f1:96:d4:d9:cf:64:77:0d:c1:48:4c:76:9d:cf:7a:
fc:5f:a8:39:72:35:0f:f7:96:00:45:81:b3:bd:e4:
bd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:79:AF:35:C0:45:0F:3A:D3:DA:09:01:4A:03:6C:D3:81:40:11:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/277d74fd-3101-4a9b-8f2a-9bfd9dc55230.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:d1:06:22:9e:96:f2:5f:a4:d9:84:2c:37:61:01:df:ae:c4:
61:3a:b7:bd:07:33:69:92:84:69:5d:b3:30:44:b7:f6:60:e6:
cb:26:8a:b3:ba:68:ff:94:50:15:cb:3a:75:5f:af:56:f7:c2:
b7:c8:5e:e4:86:47:f1:23:c3:4c:75:e4:19:2e:18:a9:9f:66:
cc:06:04:87:07:bf:21:17:51:e7:8d:3e:c1:6a:75:bd:32:4e:
d1:2b:0b:60:8d:ea:25:11:c7:1e:07:23:54:de:f8:37:3d:ec:
65:56:47:9b:53:2d:9b:41:04:52:e8:0b:1f:b4:ee:ca:70:31:
be:fc:f7:77:d7:c6:6d:28:a6:34:50:48:09:55:cd:95:e8:c7:
94:ec:c6:5d:b9:de:86:19:0e:fc:d4:66:a1:bc:97:7f:96:70:
62:7d:04:01:30:4f:b6:fb:72:cd:e5:2a:91:45:47:b1:98:b1:
8c:fa:0a:24:01:98:46:66:74:c7:69:47:be:80:9b:37:40:14:
54:43:b1:25:aa:e6:50:38:2f:62:d4:fe:96:6d:4a:63:83:ff:
8a:ff:5d:47:c8:f6:f0:99:ba:87:a5:c9:53:41:c9:aa:a7:46:
04:1e:b8:20:e8:88:75:0c:b8:d2:60:d4:8b:7d:93:50:a8:95:
84:ef:42:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaBgwclr8+UhGQ/EIa2i+vmUqbscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTMxODAwMDZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MDI2MzU2MGQ0MjA4Yjg2ZWE2Yjk3YjZlOWFmNjAyNDY1YjEzMGZiMDc5
OTRhMWJiMDUyMzBkNjAzNzIxMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANBk8IsWX5aQWyknaapaQ0hbvGxyWXu7gkvRZE/OrIaXsnKie7TqlF8/5Hln
5ne7+ADvg3+ButBY8SDxM5oG1tJF6qKYpdLrzWe4RPrq0gHJyCaBJ24BIC9PWnmH
YZ6OBOp0tze/WJva99r59zG9UTclHE3Gc7Y3I0s0lMnyVSfJmuqYqzYVPnuyfBB/
OLSMOxFI7QIMgAx6NG0jGMkQV0WLN9HKQaNx6JQpB7DxtkKMuNofsv/yTw0bxs+r
7qHLHvO7t757+qQCe2fAXcXdlvXOLaheMgjAQRlfxDE0tUfW8ZbU2c9kdw3BSEx2
nc96/F+oOXI1D/eWAEWBs73kvUsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpea81
wEUPOtPaCQFKA2zTgUARTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc3ZDc0ZmQtMzEwMS00YTliLThmMmEtOWJmZDlkYzU1MjMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN2MA0G
CSqGSIb3DQEBCwUAA4IBAQDK0QYinpbyX6TZhCw3YQHfrsRhOre9BzNpkoRpXbMw
RLf2YObLJoqzumj/lFAVyzp1X69W98K3yF7khkfxI8NMdeQZLhipn2bMBgSHB78h
F1HnjT7BanW9Mk7RKwtgjeolEcceByNU3vg3PexlVkebUy2bQQRS6AsftO7KcDG+
/Pd318ZtKKY0UEgJVc2V6MeU7MZdud6GGQ781GahvJd/lnBifQQBME+2+3LN5SqR
RUexmLGM+gokAZhGZnTHaUe+gJs3QBRUQ7ElquZQOC9i1P6WbUpjg/+K/11HyPbw
mbqHpclTQcmqp0YEHrgg6Ih1DLjSYNSLfZNQqJWE70KY
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:04:56 2025 by rpki-client