Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: tEsvyslk29UYVTd9daKGfaNuZqtCob6mAOpKPM7EY6U=
Subject key identifier: 0C:E1:9A:19:40:68:7F:7B:50:EB:71:F6:EA:0B:32:98:9A:7B:98:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E6CDF4B18E496CCFB4312ECC0DC7D42BFBB6C86
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Fri 26 Sep 2025 20:20:14 +0000
ROA not before: Fri 26 Sep 2025 20:20:14 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:6c:df:4b:18:e4:96:cc:fb:43:12:ec:c0:dc:7d:42:bf:bb:6c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:14 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=fd1d4fa587c54acdb01f59d12a032e59dd173d4eea63249670b017bdc5849d9d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:77:f7:3a:30:3c:50:b0:c0:f4:4e:04:9f:ee:
27:22:c1:29:69:46:c0:80:74:73:24:35:45:d8:af:
81:4b:f1:42:1d:26:4f:16:3e:53:01:ed:cb:51:ab:
84:b7:22:6d:08:0f:9b:4c:da:42:fa:fe:ef:1e:be:
1a:42:65:ce:d2:83:8a:b7:d6:2f:8f:99:61:c7:51:
f3:2e:68:3a:79:76:3e:57:9b:a5:2e:df:54:2c:59:
fe:bf:38:86:19:c9:9e:0b:b6:fa:1c:7e:c8:17:c6:
4f:c8:3e:a5:43:57:5c:93:72:08:e6:34:31:c9:13:
b6:ec:13:9c:39:8e:f7:17:d8:1a:4e:29:c1:96:1c:
51:31:5f:78:80:ad:94:5e:03:72:c7:38:d1:6e:84:
48:be:96:87:e2:b5:ec:87:99:df:f3:81:20:39:22:
73:cd:d4:cb:e8:e5:da:81:f3:f0:c9:c9:0b:27:12:
2e:4f:24:a9:24:a3:f0:a4:7c:0e:b0:f8:30:b8:b5:
52:65:f9:41:d1:9e:ab:b8:98:09:61:bc:11:4d:e8:
b8:34:25:a3:db:c2:ae:71:72:26:ff:4f:1a:da:9c:
a3:05:99:82:4f:a0:0c:ed:fe:b6:7e:87:6e:97:c7:
60:eb:7c:3d:ff:7d:8b:11:1b:8b:a9:2d:84:de:30:
2e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E1:9A:19:40:68:7F:7B:50:EB:71:F6:EA:0B:32:98:9A:7B:98:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:8b:94:22:29:e0:5a:b5:cf:48:e2:87:d9:f8:27:85:a1:fa:
90:32:d7:1c:15:fb:1d:b1:c8:a4:37:2e:c3:60:f0:b3:c5:fc:
55:59:a0:07:77:9c:e5:cc:8f:f8:62:4b:f1:11:9b:c0:ca:7c:
ee:35:e9:80:84:1a:4a:65:3e:f4:dd:6a:a3:ef:29:ad:9e:f9:
57:07:d7:38:d5:66:ef:d2:e4:77:b2:e5:73:21:43:06:a9:8a:
85:1d:ee:08:2f:da:28:86:1e:25:b6:22:75:22:6a:3e:bf:10:
e9:58:ea:15:a7:1d:a7:c5:7a:ff:00:58:3e:30:9a:f3:44:0e:
8a:cf:47:e5:93:b3:6e:0a:13:73:a1:2f:c1:53:fa:c2:ae:11:
32:e1:e7:d6:14:84:a9:53:ff:49:86:a6:03:81:19:ad:04:cd:
0d:5a:2d:75:53:5e:3d:39:30:39:20:2f:45:4f:88:af:33:af:
dd:de:97:a6:46:32:1a:b5:c8:d7:e6:26:98:f0:a0:83:c4:06:
89:74:bf:c4:5e:1e:6e:34:e3:21:3e:6e:3a:b5:c6:a9:7a:ec:
84:cd:a9:17:bd:d4:27:f3:02:0c:58:18:71:c6:33:c3:bf:5f:
c3:5b:e0:2d:4d:06:57:b2:d1:b6:dc:20:ca:da:ee:9e:99:f3:
48:18:6f:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTmzfSxjklsz7QxLswNx9Qr+7bIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkMWQ0ZmE1ODdjNTRhY2RiMDFmNTlkMTJhMDMyZTU5ZGQxNzNkNGVlYTYz
MjQ5NjcwYjAxN2JkYzU4NDlkOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx39zowPFCwwPROBJ/uJyLBKWlGwIB0cyQ1RdivgUvxQh0mTxY+UwHty1Gr
hLcibQgPm0zaQvr+7x6+GkJlztKDirfWL4+ZYcdR8y5oOnl2PlebpS7fVCxZ/r84
hhnJngu2+hx+yBfGT8g+pUNXXJNyCOY0MckTtuwTnDmO9xfYGk4pwZYcUTFfeICt
lF4Dcsc40W6ESL6Wh+K17IeZ3/OBIDkic83Uy+jl2oHz8MnJCycSLk8kqSSj8KR8
DrD4MLi1UmX5QdGeq7iYCWG8EU3ouDQlo9vCrnFyJv9PGtqcowWZgk+gDO3+tn6H
bpfHYOt8Pf99ixEbi6kthN4wLhMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQM4ZoZ
QGh/e1DrcfbqCzKYmnuYaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQCmi5QiKeBatc9I4ofZ+CeFofqQMtccFfsdscikNy7D
YPCzxfxVWaAHd5zlzI/4YkvxEZvAynzuNemAhBpKZT703Wqj7ymtnvlXB9c41Wbv
0uR3suVzIUMGqYqFHe4IL9oohh4ltiJ1Imo+vxDpWOoVpx2nxXr/AFg+MJrzRA6K
z0flk7NuChNzoS/BU/rCrhEy4efWFISpU/9JhqYDgRmtBM0NWi11U149OTA5IC9F
T4ivM6/d3pemRjIatcjX5iaY8KCDxAaJdL/EXh5uNOMhPm46tcapeuyEzakXvdQn
8wIMWBhxxjPDv1/DW+AtTQZXstG23CDK2u6emfNIGG9Z
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:49 2025 by rpki-client