Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
File: 2ce9a789-9599-4c9d-a093-ead3033f60d1.roa (raw, json)
Hash identifier: TwrH9oOD2n4S3s9b0VjuoLxWIy2O+tw3b2yX0Sw7Xl4=
Subject key identifier: A2:B4:0A:3F:B4:EC:72:42:35:0E:AE:83:87:85:55:74:06:D8:DB:8E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 369DD63E459DFE26CFCA64783D5375969C5C526D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
Signing time: Fri 26 Sep 2025 20:39:46 +0000
ROA not before: Fri 26 Sep 2025 20:39:46 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:9d:d6:3e:45:9d:fe:26:cf:ca:64:78:3d:53:75:96:9c:5c:52:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:46 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7efd1de6cbcb6a39ec5c72b4d045cb50c2b6d86820a97a9139f5ef6e5acee34c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6c:2d:ad:4a:8e:12:b9:5c:72:98:29:f6:9a:
23:b9:5e:39:98:2e:73:b3:cf:d6:04:07:af:07:49:
f2:dc:14:7f:43:fd:f7:75:4f:86:a8:e2:1b:8e:05:
25:22:9f:cc:de:79:92:dd:93:dd:1a:63:4d:14:55:
08:b1:19:d1:3b:9e:47:08:b2:bc:eb:73:aa:3f:45:
68:9b:a8:65:fa:70:e7:76:88:41:80:3c:74:57:fc:
b1:fe:29:99:d9:df:60:06:36:36:2a:5e:c0:63:68:
f6:f2:36:09:42:a6:e7:e9:c4:57:e4:96:7a:14:87:
3e:59:15:66:7c:a4:58:e9:03:da:56:d5:b3:30:ca:
34:d2:e4:61:9e:05:02:3e:7f:12:44:59:7d:67:a8:
bb:3e:70:2e:0a:87:75:69:5f:77:8c:f2:c5:1a:79:
f6:92:3b:2a:11:c2:a1:4b:ca:a0:b0:26:35:82:34:
20:c8:cd:c9:25:c0:1b:57:10:93:03:e6:47:37:94:
22:bf:e1:db:e8:da:e1:c1:d0:6d:6b:9b:84:87:7c:
4a:01:52:9a:94:c4:e2:70:a2:f7:0c:0e:3d:17:a3:
47:73:f6:0c:56:4b:62:b0:de:71:7d:f0:02:f8:22:
65:fb:03:38:71:0c:46:37:73:3f:51:c8:2d:5b:4c:
d4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:B4:0A:3F:B4:EC:72:42:35:0E:AE:83:87:85:55:74:06:D8:DB:8E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2ce9a789-9599-4c9d-a093-ead3033f60d1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cf:cc:0e:94:44:70:ea:50:8f:8d:98:51:fe:a4:a1:41:40:7b:
86:ba:26:77:e4:e3:2d:65:8d:d3:99:fa:5c:44:f5:dd:92:0e:
7d:f0:d6:f3:93:a5:e5:66:19:cc:d8:12:ad:c0:2a:2d:e3:73:
b9:b6:b2:91:2a:19:63:f1:78:6b:4c:ba:47:1f:ce:d9:09:84:
23:a8:79:f9:d3:31:be:03:f8:37:92:29:f1:70:5a:0d:7a:63:
29:4a:e3:94:3f:49:0d:48:b8:92:c6:b0:5b:a3:50:d8:96:85:
2c:43:c2:ad:ac:3d:03:1c:29:56:7a:fb:73:0b:ad:c7:eb:1a:
37:d5:af:8b:26:09:b5:48:39:a3:d7:57:22:9f:76:14:29:d9:
cd:a9:19:f2:c2:5c:23:ec:c8:b9:21:ae:77:47:48:e1:ab:6d:
62:b3:6b:82:f1:79:3a:43:93:8e:b1:81:1f:01:41:88:49:66:
90:e3:d4:24:d2:a1:32:eb:f1:38:7d:60:ef:0a:8e:ae:c1:10:
7b:dc:6b:68:07:11:40:fc:21:5c:fe:07:e8:a1:1f:ff:b4:99:
a7:31:02:ed:a3:2a:ec:bf:d5:5c:30:22:65:cb:54:78:f3:aa:
c3:41:77:2d:79:13:ea:fd:17:1a:57:3a:91:4f:a9:9a:10:9a:
44:6b:fb:09
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNp3WPkWd/ibPymR4PVN1lpxcUm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZmQxZGU2Y2JjYjZhMzllYzVjNzJiNGQwNDVjYjUwYzJiNmQ4NjgyMGE5
N2E5MTM5ZjVlZjZlNWFjZWUzNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJsLa1KjhK5XHKYKfaaI7leOZguc7PP1gQHrwdJ8twUf0P993VPhqjiG44F
JSKfzN55kt2T3RpjTRRVCLEZ0TueRwiyvOtzqj9FaJuoZfpw53aIQYA8dFf8sf4p
mdnfYAY2NipewGNo9vI2CUKm5+nEV+SWehSHPlkVZnykWOkD2lbVszDKNNLkYZ4F
Aj5/EkRZfWeouz5wLgqHdWlfd4zyxRp59pI7KhHCoUvKoLAmNYI0IMjNySXAG1cQ
kwPmRzeUIr/h2+ja4cHQbWubhId8SgFSmpTE4nCi9wwOPRejR3P2DFZLYrDecX3w
AvgiZfsDOHEMRjdzP1HILVtM1JcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSitAo/
tOxyQjUOroOHhVV0BtjbjjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmNlOWE3ODktOTU5OS00YzlkLWEwOTMtZWFkMzAzM2Y2MGQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMiMA0G
CSqGSIb3DQEBCwUAA4IBAQDPzA6URHDqUI+NmFH+pKFBQHuGuiZ35OMtZY3Tmfpc
RPXdkg598Nbzk6XlZhnM2BKtwCot43O5trKRKhlj8XhrTLpHH87ZCYQjqHn50zG+
A/g3kinxcFoNemMpSuOUP0kNSLiSxrBbo1DYloUsQ8KtrD0DHClWevtzC63H6xo3
1a+LJgm1SDmj11cin3YUKdnNqRnywlwj7Mi5Ia53R0jhq21is2uC8Xk6Q5OOsYEf
AUGISWaQ49Qk0qEy6/E4fWDvCo6uwRB73GtoBxFA/CFc/gfooR//tJmnMQLtoyrs
v9VcMCJly1R486rDQXcteRPq/RcaVzqRT6maEJpEa/sJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:12 2025 by rpki-client