Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: dUbGzA13KWZ45auBnncmhiiLzvNBpiPHmHuPdXO8zDU=
Subject key identifier: 85:52:1B:F5:E6:9C:6B:F2:DE:78:F6:0F:78:25:66:C0:0D:74:44:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6088376687890CDCDC08F2EB11EAFE22E491C9F7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Fri 26 Sep 2025 20:20:49 +0000
ROA not before: Fri 26 Sep 2025 20:20:49 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:88:37:66:87:89:0c:dc:dc:08:f2:eb:11:ea:fe:22:e4:91:c9:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:49 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=abbbd8adc6fa2efdc2ffa928f3fde5b03390a0e108571ca744731e1b5c9c6448, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:52:2a:02:e3:d3:c0:5e:1d:50:5d:dd:e3:09:
68:3d:20:2e:07:65:56:b4:3c:4a:85:e0:b4:ba:c5:
41:16:0c:74:4a:98:53:27:d9:de:00:67:8c:13:1a:
ee:67:bb:bc:39:19:d9:f9:7e:4a:57:b8:99:77:fe:
d3:91:2a:ad:97:68:10:96:d9:63:08:57:d3:29:78:
0d:33:f6:de:17:f0:ba:77:cd:01:a7:a1:10:e5:84:
ff:54:03:76:b5:68:37:9c:a7:d9:43:34:2f:d8:c0:
99:cb:36:49:1b:37:e4:cd:f6:d0:1d:35:02:f9:9f:
df:1c:3e:a3:55:0f:ff:8b:17:97:be:65:a5:36:49:
54:e9:0d:19:d5:95:bb:ef:5d:8c:66:fc:88:ef:79:
59:d4:90:c0:10:eb:9d:15:8c:3c:2f:47:a8:5c:c8:
41:8f:ed:8d:c8:e2:41:33:92:51:7d:b2:af:62:0f:
32:56:b6:b6:d9:37:ef:ee:0e:5b:d1:e3:0f:02:08:
80:89:27:1f:14:3f:0a:7a:ca:e8:fa:7d:3e:b5:90:
c6:a7:11:63:52:61:06:df:36:04:cf:b2:4b:a7:eb:
85:65:32:90:6c:7e:f1:ee:2c:77:58:59:34:56:d8:
98:e1:db:02:f1:e9:47:2b:6a:59:d7:7f:b6:16:3a:
1f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:52:1B:F5:E6:9C:6B:F2:DE:78:F6:0F:78:25:66:C0:0D:74:44:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:5e:7d:c0:5d:02:77:f6:a1:71:0f:37:93:2c:f9:42:17:c5:
6d:46:1d:44:33:b6:26:b0:93:42:f2:26:d1:1b:7e:0e:1d:88:
b0:d9:f9:f5:3d:d7:74:4f:11:83:9c:60:76:f3:fa:5b:14:cd:
4d:9e:18:70:e5:71:98:42:59:30:aa:de:c8:0a:9b:cb:fa:f3:
98:d9:ee:da:b2:5d:c5:5c:eb:b5:7d:0c:40:3c:ec:3f:85:54:
2b:eb:82:0a:61:31:a2:ad:3b:61:b0:f2:33:aa:ef:dd:98:a4:
2b:7b:26:fc:fe:f7:1d:e4:f9:cb:f5:94:44:bc:b3:15:c9:ab:
c5:8d:29:d5:f1:c3:1a:19:2f:c0:75:b0:4b:f2:46:62:29:dc:
d1:86:dd:2d:6f:9f:18:b5:3d:6d:30:f5:c2:ac:6a:c8:83:ed:
ac:5d:c6:d5:45:cb:6c:8a:ca:20:ed:bb:eb:60:91:5e:77:ed:
2e:a7:91:ff:ff:c3:43:94:93:d1:e7:55:bc:ea:8b:d5:5a:84:
25:88:98:95:79:e0:6e:d3:55:35:94:e8:db:9d:b1:17:78:ab:
6d:c0:85:43:01:9a:30:e7:93:81:be:e9:a7:3f:65:ae:47:ed:
d8:19:50:3d:e4:62:21:21:53:78:01:7d:ed:c1:92:ce:ba:8f:
2b:6b:d7:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYIg3ZoeJDNzcCPLrEer+IuSRyfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiYmJkOGFkYzZmYTJlZmRjMmZmYTkyOGYzZmRlNWIwMzM5MGEwZTEwODU3
MWNhNzQ0NzMxZTFiNWM5YzY0NDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBSKgLj08BeHVBd3eMJaD0gLgdlVrQ8SoXgtLrFQRYMdEqYUyfZ3gBnjBMa
7me7vDkZ2fl+Sle4mXf+05EqrZdoEJbZYwhX0yl4DTP23hfwunfNAaehEOWE/1QD
drVoN5yn2UM0L9jAmcs2SRs35M320B01Avmf3xw+o1UP/4sXl75lpTZJVOkNGdWV
u+9djGb8iO95WdSQwBDrnRWMPC9HqFzIQY/tjcjiQTOSUX2yr2IPMla2ttk37+4O
W9HjDwIIgIknHxQ/CnrK6Pp9PrWQxqcRY1JhBt82BM+yS6frhWUykGx+8e4sd1hZ
NFbYmOHbAvHpRytqWdd/thY6Hz8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSFUhv1
5pxr8t549g94JWbADXRESjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAYXn3AXQJ39qFxDzeTLPlCF8VtRh1EM7YmsJNC8ibR
G34OHYiw2fn1Pdd0TxGDnGB28/pbFM1Nnhhw5XGYQlkwqt7ICpvL+vOY2e7asl3F
XOu1fQxAPOw/hVQr64IKYTGirTthsPIzqu/dmKQreyb8/vcd5PnL9ZREvLMVyavF
jSnV8cMaGS/AdbBL8kZiKdzRht0tb58YtT1tMPXCrGrIg+2sXcbVRctsisog7bvr
YJFed+0up5H//8NDlJPR51W86ovVWoQliJiVeeBu01U1lOjbnbEXeKttwIVDAZow
55OBvumnP2WuR+3YGVA95GIhIVN4AX3twZLOuo8ra9d2
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:57:57 2025 by rpki-client