Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: Utz7LmqPqSnuy8yLx4b3r7UqrjKuMssOJzpX0I1xFUo=
Subject key identifier: 87:30:10:2E:02:87:9E:EC:83:36:D1:DA:0C:13:3B:49:93:5D:EC:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5163A1A8373AB017C24BF448031C26097CE4E81F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Fri 26 Sep 2025 20:20:32 +0000
ROA not before: Fri 26 Sep 2025 20:20:32 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:63:a1:a8:37:3a:b0:17:c2:4b:f4:48:03:1c:26:09:7c:e4:e8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:32 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=5020f2ace6c8aec7a706a3095c54a4b491615ad28e77256b3fa333ad3f4e6271, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:35:62:f9:4e:14:a8:6c:b3:aa:15:1f:66:eb:
fc:c1:50:35:f0:50:1c:80:84:84:3a:67:3e:23:4c:
70:2b:90:05:01:aa:68:61:ab:53:0c:50:04:73:63:
96:05:3f:21:5f:3c:f7:2e:bd:f1:60:7c:7a:78:88:
43:75:33:6d:34:c8:97:40:ce:f3:e6:59:4b:6f:15:
91:7d:98:f7:09:0c:b7:59:72:a8:27:8a:e0:57:b3:
bc:68:9a:96:99:b6:02:94:9e:43:75:7d:e9:e9:84:
3d:58:bf:17:11:7f:77:c4:ad:b6:4d:c5:0c:41:75:
07:7b:eb:a4:7b:b7:fa:60:2b:b2:f9:36:41:7c:7c:
eb:24:5c:b8:06:d6:a8:df:38:3e:b2:02:6c:83:f3:
ca:e0:24:fa:d2:74:fc:3a:eb:2d:12:60:40:2c:a2:
ca:38:95:d9:24:0d:c1:0c:f9:62:04:50:cb:5e:81:
73:cb:fd:55:d4:58:40:ee:e1:05:3f:6d:76:ca:33:
17:3c:84:95:82:c5:d0:65:4b:b5:23:42:b0:d5:d4:
79:19:18:83:d1:22:62:81:ae:18:10:8a:bf:32:8e:
f6:2f:20:fc:54:3f:43:ab:37:cc:68:87:49:b9:3a:
d6:cd:73:d8:c1:a9:4a:7c:79:96:71:c9:3e:e5:b8:
e6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:30:10:2E:02:87:9E:EC:83:36:D1:DA:0C:13:3B:49:93:5D:EC:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a0:a4:f8:ad:fe:9a:f5:b7:97:25:74:c7:0a:63:6c:a7:35:56:
e9:a9:8d:b9:fa:56:ea:c9:ea:f3:c1:65:df:67:b1:14:8f:35:
2d:1a:7a:41:02:77:43:aa:66:c1:cf:ad:92:18:58:50:d5:59:
a7:2e:a3:b4:2e:1a:40:1a:81:05:72:7a:47:e8:82:13:08:8a:
c7:38:0c:e3:15:b3:79:48:de:75:01:28:8a:aa:96:8b:15:54:
1e:0b:f1:c1:c5:39:60:b2:f1:d1:f2:f1:15:ee:80:e1:68:c1:
22:74:f3:3c:eb:ba:db:8e:dd:e4:31:4f:d7:b7:7d:d5:99:bb:
dd:98:59:7d:ec:be:5f:16:73:09:af:26:78:75:3b:35:70:b1:
a6:1a:aa:1f:11:e1:d8:d8:fc:d8:4f:46:c2:d3:72:d0:4a:52:
b6:d6:23:97:6b:88:0a:7f:8b:60:5c:27:11:64:b1:90:21:9d:
e3:90:a6:df:5e:89:d4:1f:42:b4:eb:f4:a8:c7:24:ca:76:ec:
e3:15:c6:26:1b:04:62:52:5b:60:2f:f7:e7:aa:d0:9a:5a:5e:
b2:54:f9:27:cf:90:f1:2e:a3:f2:4e:62:ed:9b:44:f6:8c:dd:
e7:16:03:24:56:27:0e:66:c3:c8:14:51:35:00:58:c1:11:fe:
71:c7:64:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUWOhqDc6sBfCS/RIAxwmCXzk6B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzJaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwMjBmMmFjZTZjOGFlYzdhNzA2YTMwOTVjNTRhNGI0OTE2MTVhZDI4ZTc3
MjU2YjNmYTMzM2FkM2Y0ZTYyNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK01YvlOFKhss6oVH2br/MFQNfBQHICEhDpnPiNMcCuQBQGqaGGrUwxQBHNj
lgU/IV889y698WB8eniIQ3UzbTTIl0DO8+ZZS28VkX2Y9wkMt1lyqCeK4FezvGia
lpm2ApSeQ3V96emEPVi/FxF/d8Sttk3FDEF1B3vrpHu3+mArsvk2QXx86yRcuAbW
qN84PrICbIPzyuAk+tJ0/DrrLRJgQCyiyjiV2SQNwQz5YgRQy16Bc8v9VdRYQO7h
BT9tdsozFzyElYLF0GVLtSNCsNXUeRkYg9EiYoGuGBCKvzKO9i8g/FQ/Q6s3zGiH
Sbk61s1z2MGpSnx5lnHJPuW45i0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSHMBAu
Aoee7IM20doMEztJk13sHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQCgpPit/pr1t5cldMcKY2ynNVbpqY25+lbqyerzwWXf
Z7EUjzUtGnpBAndDqmbBz62SGFhQ1VmnLqO0LhpAGoEFcnpH6IITCIrHOAzjFbN5
SN51ASiKqpaLFVQeC/HBxTlgsvHR8vEV7oDhaMEidPM867rbjt3kMU/Xt33Vmbvd
mFl97L5fFnMJryZ4dTs1cLGmGqofEeHY2PzYT0bC03LQSlK21iOXa4gKf4tgXCcR
ZLGQIZ3jkKbfXonUH0K06/SoxyTKduzjFcYmGwRiUltgL/fnqtCaWl6yVPknz5Dx
LqPyTmLtm0T2jN3nFgMkVicOZsPIFFE1AFjBEf5xx2RL
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:22 2025 by rpki-client