Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: TaKExPCtsJBxyn5hCvX28Hhq2KMSS2M02AEGs9augxQ=
Subject key identifier: 7F:FD:3D:30:C1:B5:15:1B:46:8A:72:4E:8F:65:7A:B3:40:78:BB:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 664515D5FEC74FDB95E5FEEBA413C449752005ED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Mon 29 Sep 2025 15:40:10 +0000
ROA not before: Mon 29 Sep 2025 15:40:10 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:45:15:d5:fe:c7:4f:db:95:e5:fe:eb:a4:13:c4:49:75:20:05:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:10 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=a23528a85727eac741ece431f0b1fa20bf6d9fc25b7c9c762065f915e57b81e9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:59:63:ee:12:6e:42:21:f4:cd:7e:a2:cf:ee:
4c:ed:a0:b5:15:69:5c:a5:d3:2c:9f:e6:22:48:df:
a4:3d:66:25:13:e3:fd:0c:72:53:eb:ee:4f:3c:81:
b8:32:e9:c2:0e:13:2e:b8:11:75:e1:75:b4:70:e2:
89:c7:52:6b:d1:1a:a3:1f:18:da:f6:a3:00:e1:bc:
31:76:c9:21:a0:03:bf:a0:ae:2d:54:b9:4f:54:c3:
26:52:bc:ac:8b:cd:c0:1c:c9:30:45:8a:56:25:84:
f4:37:13:84:bd:f5:7d:1f:c0:54:d5:60:64:0d:19:
04:6e:53:3c:8c:69:10:a0:88:42:30:7f:bd:38:4c:
84:20:5d:22:86:66:68:1a:65:05:a4:4a:92:9c:ea:
8f:ff:a9:99:44:57:c0:fe:af:df:f2:04:ed:60:f6:
82:00:a8:20:c2:a3:f8:ae:59:80:76:b1:62:31:f4:
6f:cf:01:65:90:7f:a7:c2:66:db:69:e4:b5:b5:aa:
de:c7:e4:58:ed:8d:3d:2d:f4:46:99:ef:4f:89:25:
3f:95:1b:24:75:2f:58:aa:c9:88:5f:36:d3:71:54:
e7:07:84:db:3b:16:48:67:1f:53:d7:4d:19:03:d4:
32:7b:f0:13:95:e7:62:7a:01:41:e4:4c:a0:20:ac:
84:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:FD:3D:30:C1:B5:15:1B:46:8A:72:4E:8F:65:7A:B3:40:78:BB:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
95:b6:be:2f:be:13:91:d9:bf:36:77:8f:3e:d0:da:27:98:5a:
89:11:f3:c9:6e:f1:05:80:21:d0:c7:05:52:25:05:b7:01:fb:
17:be:0a:da:25:13:6c:09:93:10:18:1b:c8:ed:7c:4f:00:d8:
05:56:a5:03:4f:70:4e:7f:03:be:45:51:cd:a7:a1:a2:49:82:
4f:43:9e:21:36:e2:4e:bd:c1:7f:63:92:5f:8f:58:3c:a4:87:
c5:26:9a:f0:6c:62:59:87:f1:59:d0:fd:35:0a:3e:c9:e5:54:
b1:37:1a:b2:1a:1a:0d:cf:12:28:5a:8d:5a:00:e5:99:3e:58:
c4:bb:e2:f4:4e:94:8c:9a:10:50:95:c3:3c:3e:b0:ab:54:1f:
c1:cf:c7:43:9a:df:26:3c:98:c4:6c:c7:0f:42:b7:04:89:cc:
7a:86:f3:25:71:34:88:8f:ff:4c:07:17:10:78:f5:49:08:6b:
94:a3:91:90:6d:78:9d:a3:f6:fc:43:bd:9a:df:df:49:35:9f:
86:23:1c:a7:a4:9b:18:60:97:9e:5b:ef:7f:d2:81:84:96:94:
17:bf:4a:b4:6b:eb:44:78:1c:8c:b7:04:2e:9b:7d:18:86:07:
7e:f4:88:ad:05:03:24:0a:52:af:1f:d3:89:37:03:ea:0f:32:
ef:71:27:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZkUV1f7HT9uV5f7rpBPESXUgBe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMTBaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMzUyOGE4NTcyN2VhYzc0MWVjZTQzMWYwYjFmYTIwYmY2ZDlmYzI1Yjdj
OWM3NjIwNjVmOTE1ZTU3YjgxZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOlZY+4SbkIh9M1+os/uTO2gtRVpXKXTLJ/mIkjfpD1mJRPj/QxyU+vuTzyB
uDLpwg4TLrgRdeF1tHDiicdSa9Eaox8Y2vajAOG8MXbJIaADv6CuLVS5T1TDJlK8
rIvNwBzJMEWKViWE9DcThL31fR/AVNVgZA0ZBG5TPIxpEKCIQjB/vThMhCBdIoZm
aBplBaRKkpzqj/+pmURXwP6v3/IE7WD2ggCoIMKj+K5ZgHaxYjH0b88BZZB/p8Jm
22nktbWq3sfkWO2NPS30RpnvT4klP5UbJHUvWKrJiF8203FU5weE2zsWSGcfU9dN
GQPUMnvwE5XnYnoBQeRMoCCshDUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR//T0w
wbUVG0aKck6PZXqzQHi74TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQCVtr4vvhOR2b82d48+0NonmFqJEfPJbvEFgCHQxwVS
JQW3AfsXvgraJRNsCZMQGBvI7XxPANgFVqUDT3BOfwO+RVHNp6GiSYJPQ54hNuJO
vcF/Y5Jfj1g8pIfFJprwbGJZh/FZ0P01Cj7J5VSxNxqyGhoNzxIoWo1aAOWZPljE
u+L0TpSMmhBQlcM8PrCrVB/Bz8dDmt8mPJjEbMcPQrcEicx6hvMlcTSIj/9MBxcQ
ePVJCGuUo5GQbXido/b8Q72a399JNZ+GIxynpJsYYJeeW+9/0oGElpQXv0q0a+tE
eByMtwQum30Yhgd+9IitBQMkClKvH9OJNwPqDzLvcScN
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:53 2025 by rpki-client