Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: 7lMKf3DfxpPgv+j2nahyUpJ9oGezXGiDUvSuKUYiz2Y=
Subject key identifier: 27:FD:54:82:F9:31:09:E3:21:4C:7B:5C:D2:30:A8:93:99:AB:15:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24C1BCE65C04FB753686B70514FAD1561368E99F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Fri 26 Sep 2025 20:20:31 +0000
ROA not before: Fri 26 Sep 2025 20:20:31 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:c1:bc:e6:5c:04:fb:75:36:86:b7:05:14:fa:d1:56:13:68:e9:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:31 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=69303359b67e67dbdaa005cd89382d83edf358f6093b4954e695a6af409a71e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:f7:bd:6c:8c:ca:81:8c:f0:8e:f4:3b:db:
ee:0c:4d:c9:c6:f5:1c:a4:60:ab:e2:f0:f7:5f:e5:
35:de:6c:70:8a:c8:a8:0d:1d:18:1a:61:1c:47:50:
f0:7b:cb:81:4a:f9:2c:0e:f9:a6:28:49:68:12:f8:
c1:cf:b3:a6:8d:5c:49:22:4b:b6:71:00:30:ec:72:
a9:66:9b:1c:2c:bf:08:35:f5:27:d2:07:d1:3a:9b:
36:c6:35:ec:7e:2f:35:d6:6b:9d:11:13:03:14:32:
ca:8f:cb:45:26:2e:33:77:af:f8:5a:6d:69:37:d5:
b9:94:fd:50:56:f3:ce:28:f6:7c:87:36:5e:5b:e0:
4a:8a:92:1c:5b:0e:93:56:3d:3f:18:2e:62:8d:15:
e5:6f:82:8d:ea:19:bd:9f:e9:2d:3d:54:29:f5:70:
eb:f1:4a:58:59:68:81:89:d3:d2:35:19:5c:58:6e:
ed:23:4f:6a:40:76:a3:33:8d:a9:1c:33:f5:7d:38:
32:39:2f:8e:f0:f5:c3:6d:f3:de:c9:cf:97:e1:d6:
9a:7d:9c:28:17:b4:a3:59:e9:ff:4b:a6:ea:76:89:
0e:80:5b:1c:4e:94:02:72:10:51:11:dc:28:0e:c6:
a5:d3:19:38:e6:91:68:56:47:34:8a:38:58:48:e1:
70:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:FD:54:82:F9:31:09:E3:21:4C:7B:5C:D2:30:A8:93:99:AB:15:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0f:2b:48:0e:29:29:d1:82:21:82:80:04:89:eb:5f:28:64:f5:
51:1b:d0:07:bb:d9:29:29:03:50:4c:99:8e:fd:bb:86:df:57:
76:63:b5:bf:04:d6:bb:f3:8d:2f:f1:e5:d7:d7:7c:2c:87:e1:
24:57:91:cb:f5:7d:c4:22:8e:ad:e2:a2:57:2a:ac:ad:c4:f1:
8d:2d:03:97:46:1a:06:8d:79:42:0d:dc:04:71:09:cd:75:0a:
da:3d:0d:f7:5a:cf:08:f2:22:ea:04:1f:a0:3e:0d:9c:ec:b8:
de:c7:aa:c1:ae:72:3b:19:f9:52:9e:00:7e:4e:9e:94:85:27:
9f:e0:45:e0:62:69:79:b1:80:bf:a1:69:47:07:9c:50:55:4d:
fb:25:1f:44:3e:00:cf:30:6f:2c:30:f4:80:b2:7f:a7:27:88:
b8:6b:45:ef:7a:70:63:14:fe:9f:c4:dc:e5:55:e3:8c:9a:2c:
bf:ab:1c:de:12:e6:3f:16:ae:34:e6:61:c8:77:b7:a1:40:67:
62:86:df:f4:ce:0c:e4:ee:d1:b9:b4:52:af:30:ad:84:6d:47:
71:59:73:02:05:77:51:85:e8:5f:aa:88:2c:fa:32:b7:ce:f0:
a9:9e:57:d2:3a:e7:32:36:e9:a2:8a:12:3c:54:70:ee:fc:ce:
56:3b:c4:10
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJMG85lwE+3U2hrcFFPrRVhNo6Z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5MzAzMzU5YjY3ZTY3ZGJkYWEwMDVjZDg5MzgyZDgzZWRmMzU4ZjYwOTNi
NDk1NGU2OTVhNmFmNDA5YTcxZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALKq971sjMqBjPCO9Dvb7gxNycb1HKRgq+Lw91/lNd5scIrIqA0dGBphHEdQ
8HvLgUr5LA75pihJaBL4wc+zpo1cSSJLtnEAMOxyqWabHCy/CDX1J9IH0TqbNsY1
7H4vNdZrnRETAxQyyo/LRSYuM3ev+FptaTfVuZT9UFbzzij2fIc2XlvgSoqSHFsO
k1Y9PxguYo0V5W+CjeoZvZ/pLT1UKfVw6/FKWFlogYnT0jUZXFhu7SNPakB2ozON
qRwz9X04MjkvjvD1w23z3snPl+HWmn2cKBe0o1np/0um6naJDoBbHE6UAnIQURHc
KA7GpdMZOOaRaFZHNIo4WEjhcMUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQn/VSC
+TEJ4yFMe1zSMKiTmasVWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAPK0gOKSnRgiGCgASJ618oZPVRG9AHu9kpKQNQTJmO
/buG31d2Y7W/BNa7840v8eXX13wsh+EkV5HL9X3EIo6t4qJXKqytxPGNLQOXRhoG
jXlCDdwEcQnNdQraPQ33Ws8I8iLqBB+gPg2c7Ljex6rBrnI7GflSngB+Tp6UhSef
4EXgYml5sYC/oWlHB5xQVU37JR9EPgDPMG8sMPSAsn+nJ4i4a0XvenBjFP6fxNzl
VeOMmiy/qxzeEuY/Fq405mHId7ehQGdiht/0zgzk7tG5tFKvMK2EbUdxWXMCBXdR
hehfqogs+jK3zvCpnlfSOucyNumiihI8VHDu/M5WO8QQ
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:44 2025 by rpki-client