Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: btMJ/kogObdY8LOVvuBmKN8EmtNEp1Yk4P1TPg3xFpw=
Subject key identifier: 45:26:A1:EC:8B:52:72:97:5E:D9:0D:F8:69:96:DA:AB:F3:AE:52:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 104D56E63ACD48557D169F332B0CE2D5794793DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Fri 26 Sep 2025 20:39:55 +0000
ROA not before: Fri 26 Sep 2025 20:39:55 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:4d:56:e6:3a:cd:48:55:7d:16:9f:33:2b:0c:e2:d5:79:47:93:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:55 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8d580a3e8cba340e968024b0c4b7a124df492215d79a54090b8a7d1ff3ec2788, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:71:b3:0c:e7:f1:a7:71:c2:1c:39:fa:34:
b7:ec:75:7d:2e:01:28:76:f6:fc:0c:b7:76:32:78:
68:2d:bb:1e:4e:db:6b:0c:7e:52:24:d4:ab:47:94:
c7:80:a7:2e:00:5c:50:9f:7f:a9:3b:ce:dd:f2:e8:
e2:c6:25:5b:52:27:1d:f2:b3:64:eb:17:ea:ce:e7:
0a:16:83:f8:6f:8e:f0:19:25:d2:49:38:50:1d:9e:
3b:22:6f:50:27:3e:32:48:a9:81:da:ae:46:ef:dd:
b1:e9:a2:e1:28:08:a3:34:b1:e4:a4:3a:27:7a:d0:
6b:b7:80:5d:e2:2b:45:67:3e:a5:27:da:eb:be:11:
6f:84:cb:95:19:32:19:16:bc:e9:01:02:4a:4c:aa:
7b:45:b0:62:cd:78:b0:d0:7f:47:fc:31:9b:69:0d:
d2:72:6b:fb:3a:57:4e:f4:40:d4:02:b5:b6:5b:21:
0b:2d:73:f2:a6:e0:04:f2:2b:cf:d8:f5:4f:df:6d:
a1:22:04:78:42:7e:73:64:4a:36:dc:fc:63:b1:95:
8a:c7:64:52:59:8b:3b:f9:34:be:3e:c5:9a:81:fa:
a1:87:ac:89:3d:03:b5:9e:77:79:5c:fe:df:71:20:
25:8e:b5:69:ab:3a:ed:8d:55:c8:59:f4:87:22:41:
87:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:26:A1:EC:8B:52:72:97:5E:D9:0D:F8:69:96:DA:AB:F3:AE:52:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:b2:42:e3:54:3a:2f:79:9c:49:a8:56:3d:a2:0c:10:79:83:
a0:27:7f:9e:b1:8c:75:55:1e:09:80:04:ab:53:e7:a8:df:a2:
93:d5:91:2e:aa:eb:80:41:4a:2c:02:3c:3f:f8:5c:f7:c4:9a:
24:fc:b8:9e:b7:dd:bb:40:03:b2:fc:b8:38:35:05:1e:4e:62:
34:82:3a:4a:a7:db:83:e1:8e:a5:f8:a9:bd:76:0b:60:2e:78:
7b:93:d2:ad:54:b9:53:ea:a5:b2:61:b0:3b:5a:ce:e7:ef:b3:
fb:97:b9:f9:c2:f4:39:b6:e9:b3:d7:71:7a:cc:d3:7e:51:87:
d1:e5:2e:e8:2d:bb:bd:e6:1d:74:f2:fd:6e:39:26:b8:b4:3b:
b2:41:c5:51:a5:0e:a1:d3:55:ea:dd:4b:72:8c:75:32:e7:02:
d7:9b:4a:6f:4f:ae:45:b5:72:2b:bb:93:53:93:47:01:5b:81:
f5:3b:5d:57:35:c7:19:ba:a1:86:96:bd:77:48:d4:47:29:a6:
8d:7c:34:e4:d1:84:1a:b9:e1:f8:61:4d:fd:03:51:47:98:22:
8d:27:d7:87:68:b5:94:f1:1c:16:07:f5:7c:67:3a:60:2a:13:
29:8a:23:3b:ae:6a:de:a9:a9:fd:df:d2:55:e5:9b:35:c5:a4:
02:62:27:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEE1W5jrNSFV9Fp8zKwzi1XlHk90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkNTgwYTNlOGNiYTM0MGU5NjgwMjRiMGM0YjdhMTI0ZGY0OTIyMTVkNzlh
NTQwOTBiOGE3ZDFmZjNlYzI3ODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAccbMM5/GnccIcOfo0t+x1fS4BKHb2/Ay3djJ4aC27Hk7bawx+UiTUq0eU
x4CnLgBcUJ9/qTvO3fLo4sYlW1InHfKzZOsX6s7nChaD+G+O8Bkl0kk4UB2eOyJv
UCc+MkipgdquRu/dsemi4SgIozSx5KQ6J3rQa7eAXeIrRWc+pSfa674Rb4TLlRky
GRa86QECSkyqe0WwYs14sNB/R/wxm2kN0nJr+zpXTvRA1AK1tlshCy1z8qbgBPIr
z9j1T99toSIEeEJ+c2RKNtz8Y7GVisdkUlmLO/k0vj7FmoH6oYesiT0DtZ53eVz+
33EgJY61aas67Y1VyFn0hyJBhx8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRFJqHs
i1Jyl17ZDfhpltqr865SETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQCGskLjVDoveZxJqFY9ogwQeYOgJ3+esYx1VR4JgASr
U+eo36KT1ZEuquuAQUosAjw/+Fz3xJok/Liet927QAOy/Lg4NQUeTmI0gjpKp9uD
4Y6l+Km9dgtgLnh7k9KtVLlT6qWyYbA7Ws7n77P7l7n5wvQ5tumz13F6zNN+UYfR
5S7oLbu95h108v1uOSa4tDuyQcVRpQ6h01Xq3UtyjHUy5wLXm0pvT65FtXIru5NT
k0cBW4H1O11XNccZuqGGlr13SNRHKaaNfDTk0YQaueH4YU39A1FHmCKNJ9eHaLWU
8RwWB/V8ZzpgKhMpiiM7rmreqan939JV5Zs1xaQCYieu
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:59:03 2025 by rpki-client