Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: RdStVtMVVba9ys0MfaAM7OpsWil/8fM1kYpXCnaa8xA=
Subject key identifier: 83:43:C6:76:75:89:15:CE:E4:AB:57:4A:27:CB:B2:7A:9B:6C:8D:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56578E2D4D009B85D1B2C30BA277F04D87FDB8C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Sat 27 Sep 2025 00:52:43 +0000
ROA not before: Sat 27 Sep 2025 00:52:43 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:57:8e:2d:4d:00:9b:85:d1:b2:c3:0b:a2:77:f0:4d:87:fd:b8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:43 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=5a5aa0b545f286eaf7c12ba728278bee9096fc6b33dd152d031662b1a4b14b05, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:fb:80:67:93:4d:26:22:a0:b3:cd:fd:52:42:
fb:19:9a:67:48:6d:2f:ee:72:e2:f9:2b:0e:50:b9:
de:14:d5:cb:31:aa:d0:ee:58:55:f2:d5:08:3e:cf:
c7:09:4b:42:f5:29:75:19:80:f9:e5:a1:97:ec:2b:
59:e2:db:96:7a:01:ce:94:be:54:2b:21:70:fc:43:
1d:cd:81:8e:36:3a:c8:3f:4a:6a:b3:8c:e6:0a:ee:
57:b5:c3:19:9e:b6:38:51:0b:9f:04:80:3c:17:b1:
3c:2f:7a:75:5b:f9:c9:10:65:7e:86:49:a9:81:24:
c1:66:0c:79:0f:29:ed:9c:08:91:c0:32:c0:99:d1:
19:cf:33:16:f8:21:5f:fb:b5:10:b3:58:6d:27:4d:
7f:28:6a:7d:bf:73:53:f4:d9:5a:2b:b8:e3:f1:f5:
b3:a3:73:91:94:dc:98:35:29:45:86:46:5a:6a:f6:
d0:d8:52:00:e4:fd:d8:8e:c2:ae:39:b5:1d:79:87:
6f:7f:55:0a:88:b9:75:2b:e9:d7:ac:84:2e:00:d3:
33:ff:cd:eb:ce:e1:99:ee:89:fc:79:40:a0:17:dc:
3d:d8:23:7f:3f:f6:13:ad:5f:bd:f7:2c:0d:59:19:
7b:99:44:e8:22:c4:a5:56:07:ad:24:5d:af:e8:77:
dc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:43:C6:76:75:89:15:CE:E4:AB:57:4A:27:CB:B2:7A:9B:6C:8D:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:dd:be:03:7b:15:fc:df:3d:24:c7:a3:4b:34:e5:bf:c0:44:
50:30:6e:a8:c0:d0:c8:32:e3:e5:ae:e8:00:1c:14:f9:e1:5a:
00:6c:c2:61:04:35:bf:af:85:95:b2:a8:41:ec:33:39:7d:ab:
02:21:7f:d0:38:08:1e:56:28:72:d6:ab:9b:d7:c2:9b:eb:d3:
af:e2:ec:c0:38:3c:b3:e4:49:6d:c4:ea:1e:de:ab:be:e1:3d:
d5:ff:0b:48:a4:c8:ad:c2:ea:6a:54:ab:f9:a4:b3:f4:51:86:
3c:9b:3f:0f:19:74:0f:af:50:10:b9:7f:99:d0:ca:24:74:bc:
57:ea:2c:6a:4b:f2:36:4e:00:0c:41:a5:08:93:ee:1b:04:be:
f4:d0:d7:84:58:e4:4c:72:cf:b4:83:72:3c:f6:0c:6e:e0:d5:
c9:9a:e4:bb:54:d3:1f:77:59:e5:34:cb:a8:16:f7:09:31:cd:
66:72:c5:03:77:ad:c1:69:e9:0d:d3:1b:4a:cf:59:63:ec:9f:
58:7d:a4:48:d5:f6:2a:5a:9c:9c:9d:88:49:f0:3b:ed:3b:a4:
b8:7b:d5:a2:03:37:9a:58:cc:aa:b9:f6:ee:88:51:e3:92:50:
00:88:f9:23:a7:fa:98:93:58:ce:8c:1b:1c:b1:91:a2:bd:15:
57:54:c9:bb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVleOLU0Am4XRssMLonfwTYf9uMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyNDNaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhNWFhMGI1NDVmMjg2ZWFmN2MxMmJhNzI4Mjc4YmVlOTA5NmZjNmIzM2Rk
MTUyZDAzMTY2MmIxYTRiMTRiMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ77gGeTTSYioLPN/VJC+xmaZ0htL+5y4vkrDlC53hTVyzGq0O5YVfLVCD7P
xwlLQvUpdRmA+eWhl+wrWeLblnoBzpS+VCshcPxDHc2BjjY6yD9KarOM5gruV7XD
GZ62OFELnwSAPBexPC96dVv5yRBlfoZJqYEkwWYMeQ8p7ZwIkcAywJnRGc8zFvgh
X/u1ELNYbSdNfyhqfb9zU/TZWiu44/H1s6NzkZTcmDUpRYZGWmr20NhSAOT92I7C
rjm1HXmHb39VCoi5dSvp16yELgDTM//N687hme6J/HlAoBfcPdgjfz/2E61fvfcs
DVkZe5lE6CLEpVYHrSRdr+h33P8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSDQ8Z2
dYkVzuSrV0ony7J6m2yNvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAs92+A3sV/N89JMejSzTlv8BEUDBuqMDQyDLj5a7o
ABwU+eFaAGzCYQQ1v6+FlbKoQewzOX2rAiF/0DgIHlYoctarm9fCm+vTr+LswDg8
s+RJbcTqHt6rvuE91f8LSKTIrcLqalSr+aSz9FGGPJs/Dxl0D69QELl/mdDKJHS8
V+osakvyNk4ADEGlCJPuGwS+9NDXhFjkTHLPtINyPPYMbuDVyZrku1TTH3dZ5TTL
qBb3CTHNZnLFA3etwWnpDdMbSs9ZY+yfWH2kSNX2KlqcnJ2ISfA77TukuHvVogM3
mljMqrn27ohR45JQAIj5I6f6mJNYzowbHLGRor0VV1TJuw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:19 2025 by rpki-client