Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: KyrSxEMZ4U1un/Gpu1zsNP8M0sE4Ov86Fw4HkViNbHo=
Subject key identifier: 97:9B:79:1C:EE:69:3E:A8:24:98:C3:4C:25:4E:77:D9:F8:60:F9:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F0D1DCBB0B835D152722D57B760D809B9C0DF4B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Sat 27 Sep 2025 00:52:40 +0000
ROA not before: Sat 27 Sep 2025 00:52:40 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:0d:1d:cb:b0:b8:35:d1:52:72:2d:57:b7:60:d8:09:b9:c0:df:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:40 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=98407eb0f0ceb0c206844e80e9e90749d55d52fa86f1de568a9ee988bc3a20a3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ed:cd:e3:4d:d5:7d:8e:69:12:7e:34:ed:b9:
f5:79:73:7f:f1:a7:8d:ef:3f:1b:c4:72:8e:de:27:
5f:c7:a7:4f:17:a4:27:cf:5e:23:63:1f:e5:8c:dc:
fb:75:5c:df:18:4d:76:88:98:c0:cc:38:68:49:48:
64:1f:90:7c:31:83:3f:e2:3b:d8:7e:b8:b8:8c:90:
d2:70:a5:28:04:b5:85:eb:83:90:0e:be:da:0f:b1:
14:80:dc:f7:87:65:a6:c8:fc:ba:79:36:9b:5f:02:
d4:ef:b2:0a:d9:e9:95:88:9c:ac:bf:c8:31:27:cc:
8f:fb:4a:bb:9d:c4:3e:ad:b9:1d:91:45:52:47:04:
55:5c:a2:68:61:e7:86:05:fb:ad:f7:af:33:4d:9f:
2e:7b:8c:02:9d:cf:f7:5e:9a:00:70:11:c8:95:30:
d4:34:60:d4:a9:fc:b8:5b:81:bf:6a:aa:e4:37:6c:
ec:78:45:33:20:f3:46:be:b7:65:80:d2:e3:b7:61:
af:14:9e:ce:3c:ab:32:d3:68:9c:88:7a:2f:0a:22:
63:8a:72:22:22:d5:0d:99:cd:ab:09:ad:08:b0:98:
bb:66:5a:f3:e2:83:07:c5:d3:e8:27:a9:31:3e:ac:
73:61:e0:ab:b6:73:2d:6d:37:88:12:79:44:58:af:
82:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:9B:79:1C:EE:69:3E:A8:24:98:C3:4C:25:4E:77:D9:F8:60:F9:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6a:9d:5e:92:6b:ec:2b:e7:ce:57:ba:77:0b:0c:cd:c8:04:
e2:80:14:e0:c9:dc:86:e5:86:22:e9:cd:77:60:05:c4:85:ea:
89:38:c2:1b:c3:e3:0a:37:b0:8e:a7:2c:41:b6:73:15:be:d1:
0a:22:78:90:d0:41:0d:20:53:5d:22:9e:10:ae:19:87:a3:78:
17:11:e9:09:55:5d:c4:85:6d:38:18:e9:c0:c4:8a:87:27:32:
9b:b6:b8:64:34:50:cc:5c:ac:49:58:aa:38:91:a2:61:fe:a1:
6c:1d:02:8c:ec:d1:ab:84:a8:07:47:86:8d:bf:d2:31:29:e9:
c6:bf:02:91:f0:f8:1b:c7:b7:6c:16:1d:0e:98:8c:22:6e:87:
4a:c4:28:4d:23:f4:b2:0b:a4:28:e7:38:27:83:12:ab:5d:0e:
27:8d:eb:af:d2:0d:7c:ed:25:2d:cf:46:a9:c2:1e:c4:bc:2d:
fc:17:a6:82:8f:4b:85:65:91:e1:b4:21:b2:24:cc:1a:4a:8a:
c7:3a:a1:94:c8:4c:49:c0:e0:8f:c2:ba:30:b9:db:a5:1f:8d:
b7:72:75:9c:75:06:a2:ba:a8:45:62:d4:e8:08:02:be:a8:bf:
f5:c2:79:09:f6:d8:af:ee:34:e9:37:43:21:aa:e4:79:8e:81:
7a:7b:ca:7b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXw0dy7C4NdFSci1Xt2DYCbnA30swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyNDBaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk4NDA3ZWIwZjBjZWIwYzIwNjg0NGU4MGU5ZTkwNzQ5ZDU1ZDUyZmE4NmYx
ZGU1NjhhOWVlOTg4YmMzYTIwYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7tzeNN1X2OaRJ+NO259Xlzf/Gnje8/G8Ryjt4nX8enTxekJ89eI2Mf5Yzc
+3Vc3xhNdoiYwMw4aElIZB+QfDGDP+I72H64uIyQ0nClKAS1heuDkA6+2g+xFIDc
94dlpsj8unk2m18C1O+yCtnplYicrL/IMSfMj/tKu53EPq25HZFFUkcEVVyiaGHn
hgX7rfevM02fLnuMAp3P916aAHARyJUw1DRg1Kn8uFuBv2qq5Dds7HhFMyDzRr63
ZYDS47dhrxSezjyrMtNonIh6LwoiY4pyIiLVDZnNqwmtCLCYu2Za8+KDB8XT6Cep
MT6sc2Hgq7ZzLW03iBJ5RFivglsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSXm3kc
7mk+qCSYw0wlTnfZ+GD52DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAVGqdXpJr7Cvnzle6dwsMzcgE4oAU4MnchuWGIunN
d2AFxIXqiTjCG8PjCjewjqcsQbZzFb7RCiJ4kNBBDSBTXSKeEK4Zh6N4FxHpCVVd
xIVtOBjpwMSKhycym7a4ZDRQzFysSViqOJGiYf6hbB0CjOzRq4SoB0eGjb/SMSnp
xr8CkfD4G8e3bBYdDpiMIm6HSsQoTSP0sgukKOc4J4MSq10OJ43rr9INfO0lLc9G
qcIexLwt/Bemgo9LhWWR4bQhsiTMGkqKxzqhlMhMScDgj8K6MLnbpR+Nt3J1nHUG
orqoRWLU6AgCvqi/9cJ5CfbYr+406TdDIarkeY6BenvKew==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:40 2025 by rpki-client