Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: MLpzlRs2k29cp5QuZrDZV5w3/jde+uEltKlbmjsXEBQ=
Subject key identifier: 2E:C0:9E:5E:A0:47:6C:66:D9:32:82:D7:25:D3:17:A5:89:82:9C:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 469D35531DEFBC22BCD855EF3751615773ED3788
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Mon 06 Oct 2025 18:10:36 +0000
ROA not before: Mon 06 Oct 2025 18:10:36 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:9d:35:53:1d:ef:bc:22:bc:d8:55:ef:37:51:61:57:73:ed:37:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:36 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=30d600d0f375a5cb83ebf68a927662da66771488087e77aa5055bd6229982c85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:fd:7a:40:6f:c1:c8:ee:25:1a:95:07:2d:
ba:3e:6f:41:59:d3:eb:21:8d:a8:6b:1b:26:8c:c8:
86:67:2a:5d:f7:d4:67:d4:f7:8f:aa:7e:3c:86:ae:
2a:56:c7:32:2b:8a:01:20:d9:e4:12:1a:66:2b:a1:
9c:a7:2c:be:dd:76:9f:3f:91:bb:98:d5:c5:48:2f:
d4:21:5c:65:57:8b:a3:46:e7:4c:8f:b2:1f:8e:9d:
6f:23:9e:0f:36:d2:00:5c:94:f9:02:0f:e1:13:88:
05:d6:33:3c:93:38:be:3e:f9:cf:6c:8e:01:08:ab:
52:b4:a6:15:1b:e1:64:3b:f2:6b:3c:bf:af:a8:80:
11:33:76:0f:1a:c6:c0:27:00:7f:1a:a7:fc:30:4e:
80:f4:c1:6c:b6:a4:7f:6e:1b:24:1e:d7:a3:27:93:
b6:1a:a6:01:74:81:9b:a8:a4:d9:22:9e:25:50:4d:
0e:d6:5a:c3:24:31:a2:84:5e:1e:4f:24:b4:a8:cd:
f9:8f:a3:24:7e:9a:3c:1a:53:3f:4a:1f:b7:b6:18:
a2:bf:22:76:8d:83:d6:25:8e:99:f7:f1:a4:28:fc:
a7:0d:72:0d:eb:35:a6:05:e6:4a:f0:29:78:30:b1:
ea:35:20:8e:4c:66:49:66:b3:72:5a:45:28:dc:e2:
38:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C0:9E:5E:A0:47:6C:66:D9:32:82:D7:25:D3:17:A5:89:82:9C:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
28:37:4b:68:07:f0:29:34:1e:4a:85:a2:07:d5:8c:f9:aa:c2:
0c:87:99:ba:d5:9c:f3:3b:b6:cf:8c:4f:25:64:d5:9b:bf:a9:
fd:af:6f:0a:41:76:da:37:1d:f2:11:65:2d:b3:f7:97:7e:4e:
18:73:56:93:d7:0b:e3:8b:6f:d3:94:c9:c1:ef:7a:0c:10:38:
b7:4a:e5:7a:c5:55:3c:f2:11:20:99:23:6b:0e:34:d1:a7:6b:
e4:03:6c:0a:c1:07:27:58:33:d4:8f:b1:80:91:63:68:65:b7:
fe:28:3c:ac:e5:bc:17:5c:8f:e2:9c:cd:03:24:6e:7e:9c:52:
86:1b:92:a0:f9:52:66:2a:62:71:4f:80:e6:8f:9e:be:7c:28:
c0:66:b6:dd:f9:52:48:fe:a1:7b:ec:fd:6f:b0:ba:26:62:ea:
21:15:bd:cb:c9:de:29:c3:d7:c7:0c:53:ae:f6:02:63:1f:c5:
41:23:ed:e1:f0:c5:2d:18:21:95:dc:8b:8a:ab:31:2d:92:71:
a6:89:52:0b:93:6d:d7:f1:bc:73:da:ca:82:1c:d0:2a:70:3c:
59:37:1e:be:6b:9d:1e:be:51:0f:7a:19:b3:8a:73:41:0f:c0:
1e:4a:4f:a6:39:fe:38:14:36:12:56:69:ee:3d:86:10:4f:5a:
c7:00:41:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURp01Ux3vvCK82FXvN1FhV3PtN4gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzZaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZDYwMGQwZjM3NWE1Y2I4M2ViZjY4YTkyNzY2MmRhNjY3NzE0ODgwODdl
NzdhYTUwNTViZDYyMjk5ODJjODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFr/XpAb8HI7iUalQctuj5vQVnT6yGNqGsbJozIhmcqXffUZ9T3j6p+PIau
KlbHMiuKASDZ5BIaZiuhnKcsvt12nz+Ru5jVxUgv1CFcZVeLo0bnTI+yH46dbyOe
DzbSAFyU+QIP4ROIBdYzPJM4vj75z2yOAQirUrSmFRvhZDvyazy/r6iAETN2DxrG
wCcAfxqn/DBOgPTBbLakf24bJB7XoyeTthqmAXSBm6ik2SKeJVBNDtZawyQxooRe
Hk8ktKjN+Y+jJH6aPBpTP0oft7YYor8ido2D1iWOmffxpCj8pw1yDes1pgXmSvAp
eDCx6jUgjkxmSWazclpFKNziOJcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQuwJ5e
oEdsZtkygtcl0xeliYKcgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQAoN0toB/ApNB5KhaIH1Yz5qsIMh5m61ZzzO7bPjE8l
ZNWbv6n9r28KQXbaNx3yEWUts/eXfk4Yc1aT1wvji2/TlMnB73oMEDi3SuV6xVU8
8hEgmSNrDjTRp2vkA2wKwQcnWDPUj7GAkWNoZbf+KDys5bwXXI/inM0DJG5+nFKG
G5Kg+VJmKmJxT4Dmj56+fCjAZrbd+VJI/qF77P1vsLomYuohFb3Lyd4pw9fHDFOu
9gJjH8VBI+3h8MUtGCGV3IuKqzEtknGmiVILk23X8bxz2sqCHNAqcDxZNx6+a50e
vlEPehmzinNBD8AeSk+mOf44FDYSVmnuPYYQT1rHAEGV
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:01:11 2025 by rpki-client