Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: xZGPez1c3eJI46HZq4JN07ilzN64EqOAbK65nD8Uea8=
Subject key identifier: 2F:44:19:D1:25:5B:24:4E:0A:51:47:B5:AF:F5:D6:D2:6A:D7:CF:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BEE0DDD4DB96A36F85D523870156AC59850B7FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Fri 26 Sep 2025 20:20:11 +0000
ROA not before: Fri 26 Sep 2025 20:20:11 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ee:0d:dd:4d:b9:6a:36:f8:5d:52:38:70:15:6a:c5:98:50:b7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:11 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4f9a37049af77958e9226d27041249f93b54a3ef2c440c1a743a58dd2e90f42d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a5:60:a3:a8:63:14:83:6d:20:16:03:d4:57:
3f:1b:10:a8:72:ea:97:ba:e2:4f:fa:7b:7a:80:97:
a5:c2:4e:38:b7:b0:80:d2:ac:de:8c:95:7e:c6:1f:
e1:8c:7c:fe:a1:13:bc:c6:bb:71:52:4e:94:5e:44:
41:c8:89:2d:c3:19:6e:96:86:91:e7:9c:63:d2:25:
6a:f4:94:4d:5a:7c:e4:1f:a8:0a:b2:cd:d1:1e:08:
12:4f:b1:e2:82:2f:ec:a8:08:25:f7:3b:52:0f:a5:
8b:2a:3a:b4:78:7c:62:1b:36:4c:df:a2:c0:6b:90:
ad:47:7a:e8:ac:3c:5c:8a:b4:09:90:be:c5:a7:4a:
17:97:08:4c:f2:25:a8:ad:b8:8a:df:c9:6e:60:f3:
ea:71:c6:b3:80:44:de:a6:61:24:43:ea:6e:3f:a6:
2b:9c:2d:ad:96:2c:94:b1:f5:bb:ed:28:42:b3:dc:
bb:b7:d6:f2:31:dd:a6:0c:41:ae:04:d9:ed:14:82:
1c:7b:85:e7:0c:dd:b2:c6:a9:ca:6f:52:7c:fd:1c:
f5:41:02:94:6e:14:85:a7:94:55:af:0f:b8:1b:e8:
75:a5:b9:61:63:2d:2f:1e:92:a2:31:4c:2d:ee:82:
c0:46:6e:d0:fa:df:ce:fc:ea:73:7e:38:00:08:79:
df:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:44:19:D1:25:5B:24:4E:0A:51:47:B5:AF:F5:D6:D2:6A:D7:CF:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:5e:0b:2f:4b:cf:df:83:72:be:fb:9e:7e:99:ca:ec:db:cf:
14:75:fd:e3:f8:eb:f5:b8:a4:d3:00:3b:22:a7:55:a5:e9:d3:
4d:4b:05:04:b8:90:d0:45:18:3b:8d:44:71:0b:5c:93:79:fd:
68:f0:c7:fe:38:13:39:5d:da:33:ed:3c:ce:4b:02:c4:59:b5:
6a:a3:38:c2:07:23:cf:95:4b:1f:ea:f4:94:58:6c:e5:b9:7f:
dc:c8:40:50:9f:82:dc:04:ac:5a:11:15:9b:9b:f9:5c:81:7a:
23:57:13:bb:23:bc:be:30:e2:8f:02:19:0e:f9:1a:48:50:8d:
02:ed:05:5f:94:b4:28:bf:bd:66:16:e1:5e:f5:93:ea:0f:1e:
5a:68:7a:a4:62:d8:ba:fd:5c:a6:d4:e4:c3:d8:26:64:dc:ed:
51:21:66:64:61:8e:e9:eb:b0:dc:f3:da:fb:60:46:f4:6d:b2:
42:c8:61:f5:5a:9f:a5:91:c9:f9:3b:0a:cf:9d:da:6b:56:49:
a6:5e:8f:be:0d:18:81:08:1c:6c:34:12:16:c1:e7:f8:7b:c8:
70:b5:c8:80:f9:60:a9:8a:d9:e9:b8:2e:db:0f:de:9a:ca:7f:
49:86:60:1e:68:b9:41:22:78:ea:0c:d5:02:9a:44:65:bf:e3:
1d:2e:89:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK+4N3U25ajb4XVI4cBVqxZhQt/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmOWEzNzA0OWFmNzc5NThlOTIyNmQyNzA0MTI0OWY5M2I1NGEzZWYyYzQ0
MGMxYTc0M2E1OGRkMmU5MGY0MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOalYKOoYxSDbSAWA9RXPxsQqHLql7riT/p7eoCXpcJOOLewgNKs3oyVfsYf
4Yx8/qETvMa7cVJOlF5EQciJLcMZbpaGkeecY9IlavSUTVp85B+oCrLN0R4IEk+x
4oIv7KgIJfc7Ug+liyo6tHh8Yhs2TN+iwGuQrUd66Kw8XIq0CZC+xadKF5cITPIl
qK24it/JbmDz6nHGs4BE3qZhJEPqbj+mK5wtrZYslLH1u+0oQrPcu7fW8jHdpgxB
rgTZ7RSCHHuF5wzdssapym9SfP0c9UEClG4UhaeUVa8PuBvodaW5YWMtLx6SojFM
Le6CwEZu0Prfzvzqc344AAh53zECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvRBnR
JVskTgpRR7Wv9dbSatfP7zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQA6XgsvS8/fg3K++55+mcrs288Udf3j+Ov1uKTTADsi
p1Wl6dNNSwUEuJDQRRg7jURxC1yTef1o8Mf+OBM5Xdoz7TzOSwLEWbVqozjCByPP
lUsf6vSUWGzluX/cyEBQn4LcBKxaERWbm/lcgXojVxO7I7y+MOKPAhkO+RpIUI0C
7QVflLQov71mFuFe9ZPqDx5aaHqkYti6/Vym1OTD2CZk3O1RIWZkYY7p67Dc89r7
YEb0bbJCyGH1Wp+lkcn5OwrPndprVkmmXo++DRiBCBxsNBIWwef4e8hwtciA+WCp
itnpuC7bD96ayn9JhmAeaLlBInjqDNUCmkRlv+MdLonR
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:31 2025 by rpki-client