Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: Kyb9ZSHkgjTQLENMX/jNqWYQ6LK14KZxDghAxc4yGds=
Subject key identifier: 12:45:C9:47:08:CC:B8:D2:20:1F:C3:14:D7:2B:BB:CF:DD:B4:27:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 051FA0C050EA04B3F526452E46CC54C8E9A10C20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Sat 27 Sep 2025 00:52:38 +0000
ROA not before: Sat 27 Sep 2025 00:52:38 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:1f:a0:c0:50:ea:04:b3:f5:26:45:2e:46:cc:54:c8:e9:a1:0c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:38 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=4bb53a2d16e0f4c7d71ba4a4f7c51a1584d4f1ac6671689a299165194405f22e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:59:0e:a7:73:18:0d:e9:1d:71:a8:20:87:cb:
e1:68:da:29:b6:1b:37:c2:d1:3b:0a:47:0c:81:b0:
46:91:0e:a3:c5:ed:91:43:3d:18:db:3d:0a:0b:05:
91:ff:5c:97:13:71:d7:89:56:84:6d:f0:d5:8d:07:
b4:cf:a4:3f:da:a5:6b:02:9d:c0:23:b0:50:3c:b1:
3a:7f:96:40:8d:6a:07:85:c5:e3:d6:43:b6:4c:f6:
e5:78:24:b6:4f:33:74:87:de:d8:f0:b0:52:3a:ba:
58:35:0f:c3:60:c6:0e:45:09:08:96:fa:3f:0e:d5:
7a:71:4c:81:12:dc:e7:8e:f6:28:62:ab:48:ae:d4:
f3:3c:98:26:5d:72:0e:bb:c1:f0:f3:f3:00:80:94:
f4:32:6d:c4:9a:cf:37:23:ad:6e:be:8b:f3:4c:c7:
fd:08:7c:ba:45:38:11:8b:6e:9f:bc:b7:05:4e:57:
00:dc:c9:ac:f3:42:60:0e:5b:58:86:a8:34:ec:f6:
71:cb:c8:aa:0a:e1:72:5b:a9:61:c8:28:c9:54:af:
86:77:24:82:ad:05:90:73:03:d5:f2:40:14:5e:0c:
2e:46:cd:70:98:1c:d6:12:d9:71:61:13:5b:90:e0:
05:31:e2:8e:d8:c6:9c:7b:a3:08:e8:5b:6d:18:c4:
d7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:45:C9:47:08:CC:B8:D2:20:1F:C3:14:D7:2B:BB:CF:DD:B4:27:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
27:df:50:3b:fc:91:f7:7f:3a:61:41:b5:a6:3c:07:40:01:02:
0c:d2:fc:22:af:9d:5f:3a:2a:24:9b:bf:83:89:69:c0:ed:29:
02:67:d3:98:8c:78:75:12:fb:47:98:aa:1e:51:3a:6e:33:43:
84:03:ef:98:46:27:e6:fb:27:b7:a7:92:ef:21:4f:dd:76:76:
7f:5d:24:73:c3:81:92:ac:f2:5f:f7:e2:2a:4a:6a:72:b6:29:
28:96:58:15:38:4d:21:88:a8:97:f9:32:cf:fe:60:15:73:e3:
e2:dc:77:ac:cb:40:99:e7:e5:84:a3:ed:f7:75:c6:55:1b:d9:
8f:7d:04:b9:36:2f:41:86:27:50:74:4d:78:e3:58:d0:d9:9d:
2f:97:9b:22:bd:f3:92:1e:28:de:3e:c5:3b:71:11:5e:e5:1e:
3e:3a:8c:fa:0e:61:fa:25:08:c9:98:23:dc:a9:c6:45:0e:47:
ab:89:21:0f:40:01:55:fa:58:af:55:48:1b:98:fb:6e:e9:f0:
ae:75:1e:f5:ca:0d:c7:74:a0:d3:1f:82:1e:f5:ef:ed:5c:ad:
00:18:29:2e:b7:06:82:cc:ef:6a:dd:5a:52:32:59:6d:1f:c1:
7b:18:f2:7f:ae:2d:2d:66:40:8f:96:34:6e:d3:a1:7b:fd:b8:
46:22:71:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBR+gwFDqBLP1JkUuRsxUyOmhDCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyMzhaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiYjUzYTJkMTZlMGY0YzdkNzFiYTRhNGY3YzUxYTE1ODRkNGYxYWM2Njcx
Njg5YTI5OTE2NTE5NDQwNWYyMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ9ZDqdzGA3pHXGoIIfL4WjaKbYbN8LROwpHDIGwRpEOo8XtkUM9GNs9CgsF
kf9clxNx14lWhG3w1Y0HtM+kP9qlawKdwCOwUDyxOn+WQI1qB4XF49ZDtkz25Xgk
tk8zdIfe2PCwUjq6WDUPw2DGDkUJCJb6Pw7VenFMgRLc5472KGKrSK7U8zyYJl1y
DrvB8PPzAICU9DJtxJrPNyOtbr6L80zH/Qh8ukU4EYtun7y3BU5XANzJrPNCYA5b
WIaoNOz2ccvIqgrhclupYcgoyVSvhnckgq0FkHMD1fJAFF4MLkbNcJgc1hLZcWET
W5DgBTHijtjGnHujCOhbbRjE15MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQSRclH
CMy40iAfwxTXK7vP3bQnuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQAn31A7/JH3fzphQbWmPAdAAQIM0vwir51fOiokm7+D
iWnA7SkCZ9OYjHh1EvtHmKoeUTpuM0OEA++YRifm+ye3p5LvIU/ddnZ/XSRzw4GS
rPJf9+IqSmpytikollgVOE0hiKiX+TLP/mAVc+Pi3Hesy0CZ5+WEo+33dcZVG9mP
fQS5Ni9BhidQdE1441jQ2Z0vl5sivfOSHijePsU7cRFe5R4+Ooz6DmH6JQjJmCPc
qcZFDkeriSEPQAFV+livVUgbmPtu6fCudR71yg3HdKDTH4Ie9e/tXK0AGCkutwaC
zO9q3VpSMlltH8F7GPJ/ri0tZkCPljRu06F7/bhGInGo
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:59 2025 by rpki-client