Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: MpnSYkiww+5DDy3JyjhFcrZECkLGvD4oRdSndfiNxgo=
Subject key identifier: C5:05:6B:E3:F0:A6:DB:B8:E6:1F:3E:FE:EA:92:89:4C:DB:D6:E4:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D67D5FDC8737A87268F5FE92726CEFAC11BA606
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Fri 26 Sep 2025 20:21:15 +0000
ROA not before: Fri 26 Sep 2025 20:21:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:67:d5:fd:c8:73:7a:87:26:8f:5f:e9:27:26:ce:fa:c1:1b:a6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=804ad5d320691287570ad353d5c227f43b29974bd458a6ab31d33cbfb9fe31ae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c5:68:8d:dc:5d:71:fb:c0:1b:83:1e:81:4c:
cd:13:4f:8b:48:63:4d:08:dc:da:7f:39:60:a6:a1:
8d:12:2f:a9:f0:72:24:5b:c3:f3:65:03:b8:6d:fc:
0e:e5:56:38:c1:95:a1:4f:91:f8:9c:e7:57:59:2b:
65:17:bb:4e:94:76:d7:ee:78:68:f8:74:f3:d8:12:
60:f0:88:7d:dc:45:c4:34:fa:09:0a:f1:2f:68:70:
e1:e9:9c:51:f6:3e:38:e2:cd:2c:37:82:c3:b6:16:
d4:cd:8c:74:98:e9:62:54:eb:83:be:4f:50:17:99:
ba:2a:92:e2:09:8c:84:9f:06:05:ce:6e:a0:12:84:
13:9d:36:65:ed:64:34:55:af:74:34:1e:78:da:b0:
b1:ce:d3:b1:b5:76:fd:1f:d2:4e:99:ab:5b:c4:03:
56:f8:42:1e:27:21:a8:ba:64:1e:c0:ce:90:ea:31:
16:73:75:e5:af:ff:02:38:52:ba:e6:a1:bb:96:8d:
08:02:b9:d5:48:41:d7:6a:c5:e4:a6:a5:72:6e:d8:
1b:19:2e:f6:bf:00:c4:15:93:ae:b0:e6:3a:ce:c5:
fe:de:ea:00:55:06:38:a6:30:b3:3b:c4:d5:4e:2a:
9a:93:da:35:d9:91:1a:ab:43:87:8e:98:82:f7:32:
cb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:05:6B:E3:F0:A6:DB:B8:E6:1F:3E:FE:EA:92:89:4C:DB:D6:E4:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
53:55:6d:4e:03:41:7e:8d:fd:3b:a3:97:6f:a8:fc:87:e4:0f:
23:4f:60:40:c9:87:4e:4a:9c:6b:8d:fb:2e:62:e4:6b:b6:5f:
bc:79:0b:bd:86:4c:5e:f2:80:0d:95:0c:86:c7:e4:40:75:2b:
58:c6:22:b6:69:d2:94:36:dc:2b:67:ef:2f:7e:a0:b0:9c:cc:
b6:81:10:04:0c:b4:4c:a0:c9:3f:53:47:1a:92:9a:da:bf:90:
9c:8e:68:eb:74:47:8a:50:d4:84:41:62:c0:bf:6c:87:4c:b3:
4e:46:f1:b0:35:c4:93:de:4f:46:2c:39:7a:10:62:c7:af:33:
12:18:63:bd:2d:a1:7c:8b:0a:5c:70:be:07:4a:86:1e:34:71:
48:2b:12:dd:42:38:14:2b:7d:31:4a:54:24:35:b1:32:dd:e6:
29:2c:e4:ce:ca:02:42:1a:5e:e9:38:a3:8a:d3:b9:e8:91:8c:
b0:1c:e1:21:06:27:06:c4:0f:73:78:54:f2:b2:c2:bc:d5:1a:
83:23:83:ae:8b:87:d3:56:fd:e4:4a:ae:f0:c3:2c:fc:67:89:
99:ca:f3:4c:7b:69:6b:84:66:31:6a:80:e8:8d:37:60:91:e4:
e4:a9:e4:21:99:c1:cf:0b:68:44:0d:a5:e8:4a:97:fd:a4:6d:
59:68:2d:4b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfWfV/chzeocmj1/pJybO+sEbpgYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNGFkNWQzMjA2OTEyODc1NzBhZDM1M2Q1YzIyN2Y0M2IyOTk3NGJkNDU4
YTZhYjMxZDMzY2JmYjlmZTMxYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7FaI3cXXH7wBuDHoFMzRNPi0hjTQjc2n85YKahjRIvqfByJFvD82UDuG38
DuVWOMGVoU+R+JznV1krZRe7TpR21+54aPh089gSYPCIfdxFxDT6CQrxL2hw4emc
UfY+OOLNLDeCw7YW1M2MdJjpYlTrg75PUBeZuiqS4gmMhJ8GBc5uoBKEE502Ze1k
NFWvdDQeeNqwsc7TsbV2/R/STpmrW8QDVvhCHichqLpkHsDOkOoxFnN15a//AjhS
uuahu5aNCAK51UhB12rF5Kalcm7YGxku9r8AxBWTrrDmOs7F/t7qAFUGOKYwszvE
1U4qmpPaNdmRGqtDh46Ygvcyy6UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTFBWvj
8KbbuOYfPv7qkolM29bk+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAU1VtTgNBfo39O6OXb6j8h+QPI09gQMmHTkqca437
LmLka7ZfvHkLvYZMXvKADZUMhsfkQHUrWMYitmnSlDbcK2fvL36gsJzMtoEQBAy0
TKDJP1NHGpKa2r+QnI5o63RHilDUhEFiwL9sh0yzTkbxsDXEk95PRiw5ehBix68z
EhhjvS2hfIsKXHC+B0qGHjRxSCsS3UI4FCt9MUpUJDWxMt3mKSzkzsoCQhpe6Tij
itO56JGMsBzhIQYnBsQPc3hU8rLCvNUagyODrouH01b95Equ8MMs/GeJmcrzTHtp
a4RmMWqA6I03YJHk5KnkIZnBzwtoRA2l6EqX/aRtWWgtSw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:57:57 2025 by rpki-client