Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
File: 51429a37-e3fd-4b49-a184-1e07ed522f97.roa (raw, json)
Hash identifier: Juw9iBYrKJRANXa2olY1viFSpF+E9D+X5hLFpWRs+Ow=
Subject key identifier: B5:3C:64:DD:0F:44:28:7E:00:6F:66:EF:D5:0C:75:2B:B0:D8:69:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 250734CC88BECF2EA125A3B894E30371E80C732F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
Signing time: Fri 26 Sep 2025 20:39:40 +0000
ROA not before: Fri 26 Sep 2025 20:39:40 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:07:34:cc:88:be:cf:2e:a1:25:a3:b8:94:e3:03:71:e8:0c:73:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:40 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=23a9f456d405c01b8d4f4fbf6ba33b28343a22b0c0d9fbde9985bf6c7ade2931, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f4:45:a6:c6:50:7c:8b:bc:9d:ab:78:28:66:
d5:52:eb:a9:56:5b:f6:4c:f0:a9:36:a6:4a:97:ad:
bc:e6:f3:5e:23:8c:0c:5f:8d:ab:ef:0a:62:e2:e6:
81:bf:84:81:36:ef:88:36:0a:e8:a3:e2:bb:62:83:
88:8c:aa:50:13:e0:bc:f1:a8:b5:5c:b7:b3:ff:68:
27:46:7f:88:d0:a2:d9:ec:87:a9:8a:42:00:fb:ba:
0e:0d:d1:5d:6a:03:c3:9f:d4:fa:52:3b:9f:fe:b9:
de:13:a4:98:65:74:32:8d:7b:69:ab:63:ff:fe:b8:
93:db:63:5b:a6:70:d2:7d:96:ba:74:d9:74:c1:6d:
5d:c8:c3:23:2a:8e:dd:8e:02:58:70:91:ec:c1:d5:
7c:4f:23:3f:60:04:d8:62:08:2a:6d:68:8b:b1:41:
a1:b2:5b:ab:66:0e:05:d0:4d:f5:6a:6f:3a:0a:ef:
a2:75:d7:ad:34:30:96:17:48:60:47:e3:83:04:a5:
87:45:30:85:d3:80:82:9e:cd:45:43:67:97:a5:0a:
e2:4c:61:d2:50:b2:7d:0c:db:69:97:f7:c6:b5:ee:
e7:05:ed:8b:5f:63:2f:fd:c4:35:8d:34:c9:3f:b9:
a0:15:bd:57:f2:2c:46:e5:75:11:21:5b:bb:cb:51:
15:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3C:64:DD:0F:44:28:7E:00:6F:66:EF:D5:0C:75:2B:B0:D8:69:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/51429a37-e3fd-4b49-a184-1e07ed522f97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:18:07:f4:d3:44:65:30:e2:73:da:84:d9:a5:b9:90:54:d7:
2d:46:07:16:fb:d9:d8:64:85:a1:0c:23:b7:4b:5f:ab:74:72:
6f:ea:b4:d1:d9:8f:dc:23:20:8b:04:25:c6:67:e0:95:39:48:
f1:ff:f9:0e:6d:b7:52:99:f8:45:78:f6:28:94:cf:ec:56:27:
7b:19:a6:22:c0:a6:4d:99:50:9a:af:56:51:3c:bd:da:92:af:
ce:9a:f0:1d:63:94:71:46:60:18:87:7d:61:5a:e4:34:f7:0d:
6b:14:6a:c4:da:37:09:79:13:65:72:40:59:df:66:34:11:16:
02:24:1b:cf:f1:eb:d8:02:9b:5b:71:11:83:a6:fc:b0:92:59:
a8:44:e9:58:6e:87:2a:09:e9:e8:09:4b:6e:1a:81:c0:e5:64:
30:6a:b9:ac:a8:3b:50:2c:22:61:ba:44:3f:98:ce:0e:fc:2b:
c6:89:86:25:03:f4:fa:2d:3d:3b:6b:bd:d6:63:e8:95:1a:62:
55:42:9e:e8:a1:d2:88:ce:06:ce:ad:bd:15:26:2d:97:d0:66:
d2:a5:1a:5d:4e:ab:d6:38:ec:3d:23:0b:c3:c2:0b:55:80:16:
f2:d1:e2:a6:b3:e2:26:e8:5c:a8:2a:29:f5:9d:b1:7e:01:1e:
4c:71:20:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJQc0zIi+zy6hJaO4lOMDcegMcy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NDBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzYTlmNDU2ZDQwNWMwMWI4ZDRmNGZiZjZiYTMzYjI4MzQzYTIyYjBjMGQ5
ZmJkZTk5ODViZjZjN2FkZTI5MzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/0RabGUHyLvJ2reChm1VLrqVZb9kzwqTamSpetvObzXiOMDF+Nq+8KYuLm
gb+EgTbviDYK6KPiu2KDiIyqUBPgvPGotVy3s/9oJ0Z/iNCi2eyHqYpCAPu6Dg3R
XWoDw5/U+lI7n/653hOkmGV0Mo17aatj//64k9tjW6Zw0n2WunTZdMFtXcjDIyqO
3Y4CWHCR7MHVfE8jP2AE2GIIKm1oi7FBobJbq2YOBdBN9WpvOgrvonXXrTQwlhdI
YEfjgwSlh0UwhdOAgp7NRUNnl6UK4kxh0lCyfQzbaZf3xrXu5wXti19jL/3ENY00
yT+5oBW9V/IsRuV1ESFbu8tRFbsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1PGTd
D0QofgBvZu/VDHUrsNhpuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTE0MjlhMzctZTNmZC00YjQ5LWExODQtMWUwN2VkNTIyZjk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQAEGAf000RlMOJz2oTZpbmQVNctRgcW+9nYZIWhDCO3
S1+rdHJv6rTR2Y/cIyCLBCXGZ+CVOUjx//kObbdSmfhFePYolM/sVid7GaYiwKZN
mVCar1ZRPL3akq/OmvAdY5RxRmAYh31hWuQ09w1rFGrE2jcJeRNlckBZ32Y0ERYC
JBvP8evYAptbcRGDpvywklmoROlYbocqCenoCUtuGoHA5WQwarmsqDtQLCJhukQ/
mM4O/CvGiYYlA/T6LT07a73WY+iVGmJVQp7oodKIzgbOrb0VJi2X0GbSpRpdTqvW
OOw9IwvDwgtVgBby0eKms+Im6FyoKin1nbF+AR5McSBo
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:01:07 2025 by rpki-client