Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
File: 2db57b82-f8e4-4b85-a46a-befecb4774c0.roa (raw, json)
Hash identifier: 4ZUgZmf0bXgbz7FYRhu8j/Axhg8YxBN0GyiF+7gYgYY=
Subject key identifier: 01:F3:09:FF:48:C7:EC:6C:BB:3F:7E:00:7D:C6:D0:EF:80:78:86:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76AB3AB40079FE51EC986732C66C5A37DBDDE363
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
Signing time: Fri 26 Sep 2025 20:39:41 +0000
ROA not before: Fri 26 Sep 2025 20:39:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.32.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:ab:3a:b4:00:79:fe:51:ec:98:67:32:c6:6c:5a:37:db:dd:e3:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=8154489ffe6aac968e8c30762bdad498b6a47f73332276dc78d97d679f9830e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a8:92:36:84:07:62:63:d7:91:e8:8c:46:de:
e0:dc:fe:ce:a1:4e:ba:9f:2d:b7:fd:2e:23:cb:be:
da:ca:76:48:49:97:fc:da:78:5e:0b:15:1e:b0:0b:
ef:e1:14:34:77:03:1d:6f:cd:df:c1:bb:7e:17:b3:
d8:f2:a1:49:69:07:53:2c:da:e4:df:bb:7a:ab:b4:
05:04:6c:af:b4:06:62:a5:9a:37:8d:a4:9f:89:cb:
1a:74:46:8d:33:a3:25:18:f8:89:04:a3:70:ee:3b:
42:e9:13:ca:8a:61:52:7d:5b:11:b7:e9:ce:a0:ed:
eb:73:d2:80:50:9a:93:83:fb:69:b5:74:49:f9:86:
1a:48:7c:cd:8c:0e:51:e8:1c:f7:83:8c:e9:be:51:
9e:31:0a:7d:41:0b:3b:53:7f:f5:62:25:34:47:b7:
64:d4:5b:aa:c5:cd:57:fb:0f:dd:fd:34:5d:22:bd:
f2:52:59:97:ca:a5:e8:0b:c2:05:db:7a:c6:19:71:
9c:12:cb:74:f0:76:9d:68:94:ab:d2:45:05:34:98:
5a:01:e6:fe:0b:b7:3b:6f:a9:50:99:d7:20:66:66:
7b:d6:1d:3f:6a:83:14:2d:a0:48:89:0c:65:07:d0:
61:fd:47:a0:d6:e7:66:51:ad:58:2e:19:0c:f5:d6:
e2:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F3:09:FF:48:C7:EC:6C:BB:3F:7E:00:7D:C6:D0:EF:80:78:86:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2db57b82-f8e4-4b85-a46a-befecb4774c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.32.0.0/16
Signature Algorithm: sha256WithRSAEncryption
85:bf:33:c9:94:63:7a:8a:1f:14:9f:2d:89:92:28:a7:ff:c3:
68:02:b3:3c:49:d4:63:3d:4a:88:a0:c2:3f:50:11:60:fa:a0:
64:b6:91:82:98:bf:2c:2b:37:40:72:b4:9d:0d:e5:ec:56:99:
ef:7c:57:8a:e0:7f:e6:4d:a6:23:68:dd:e8:87:11:d7:87:03:
13:9e:a9:e2:d7:33:d4:49:66:40:7c:5c:a3:1f:31:49:cc:5c:
55:d4:8b:19:1b:85:4e:18:0f:b4:d2:db:98:90:e1:90:f9:f0:
b1:e7:e6:7f:f9:29:4e:08:e6:48:63:4a:9d:4c:77:c2:80:55:
df:39:47:0b:e2:a9:36:b7:78:e1:0e:45:6a:de:9d:b3:3c:a6:
99:10:99:0d:f8:df:c8:c3:e3:73:3c:b8:24:83:cf:d9:51:2f:
37:c1:63:ff:8d:52:4a:e3:d9:f5:cc:70:a1:58:34:9e:f2:44:
93:5d:e4:e0:bd:21:c3:3b:8e:89:ed:21:ec:60:15:18:e1:dc:
eb:ec:a0:83:83:76:17:5d:1e:d9:b6:d4:d3:92:15:ef:bf:c4:
e1:aa:74:9e:41:00:0a:9d:c4:a1:cd:9a:c3:ca:3c:5b:1f:50:
e9:d0:fc:45:5e:96:fd:db:ad:30:53:ae:5c:30:98:d2:b2:76:
41:d1:36:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdqs6tAB5/lHsmGcyxmxaN9vd42MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNTQ0ODlmZmU2YWFjOTY4ZThjMzA3NjJiZGFkNDk4YjZhNDdmNzMzMzIy
NzZkYzc4ZDk3ZDY3OWY5ODMwZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOokjaEB2Jj15HojEbe4Nz+zqFOup8tt/0uI8u+2sp2SEmX/Np4XgsVHrAL
7+EUNHcDHW/N38G7fhez2PKhSWkHUyza5N+7equ0BQRsr7QGYqWaN42kn4nLGnRG
jTOjJRj4iQSjcO47QukTyophUn1bEbfpzqDt63PSgFCak4P7abV0SfmGGkh8zYwO
Uegc94OM6b5RnjEKfUELO1N/9WIlNEe3ZNRbqsXNV/sP3f00XSK98lJZl8ql6AvC
Bdt6xhlxnBLLdPB2nWiUq9JFBTSYWgHm/gu3O2+pUJnXIGZme9YdP2qDFC2gSIkM
ZQfQYf1HoNbnZlGtWC4ZDPXW4l0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQB8wn/
SMfsbLs/fgB9xtDvgHiGPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiNTdiODItZjhlNC00Yjg1LWE0NmEtYmVmZWNiNDc3NGMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMgMA0G
CSqGSIb3DQEBCwUAA4IBAQCFvzPJlGN6ih8Uny2Jkiin/8NoArM8SdRjPUqIoMI/
UBFg+qBktpGCmL8sKzdAcrSdDeXsVpnvfFeK4H/mTaYjaN3ohxHXhwMTnqni1zPU
SWZAfFyjHzFJzFxV1IsZG4VOGA+00tuYkOGQ+fCx5+Z/+SlOCOZIY0qdTHfCgFXf
OUcL4qk2t3jhDkVq3p2zPKaZEJkN+N/Iw+NzPLgkg8/ZUS83wWP/jVJK49n1zHCh
WDSe8kSTXeTgvSHDO46J7SHsYBUY4dzr7KCDg3YXXR7ZttTTkhXvv8ThqnSeQQAK
ncShzZrDyjxbH1Dp0PxFXpb9260wU65cMJjSsnZB0TbD
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:15 2025 by rpki-client