Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: 2rdrzlG7Sl2q9KZJniMZIqKvX7clzdEdVUiLXjjdv18=
Subject key identifier: 65:56:12:DC:A4:28:EB:6C:EB:37:FB:8D:4B:9B:3B:34:FD:3F:8C:E0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 616E4D546376E031EBA231583C2A56429F27E0B1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Mon 29 Sep 2025 15:40:22 +0000
ROA not before: Mon 29 Sep 2025 15:40:22 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:6e:4d:54:63:76:e0:31:eb:a2:31:58:3c:2a:56:42:9f:27:e0:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:22 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=e83bd4d7e6a911330903cd102d8d1301f95ec94fff685577378c8fda6bd77b67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:18:2b:dd:bf:c4:b3:4d:0e:82:d3:51:b4:d6:
66:17:c3:5f:40:20:26:91:9f:91:96:43:ac:4f:bb:
0f:b0:0b:dc:9b:fe:ce:15:47:c2:1c:61:ac:d8:c4:
00:1b:07:61:ce:29:cf:1b:01:ff:d4:e2:9c:53:9f:
2b:cd:b5:3b:9c:42:c1:e2:f5:08:b1:12:9c:c5:45:
28:2c:e4:23:4f:da:03:3d:fd:8b:bf:48:34:a8:62:
30:ef:17:09:ff:37:22:9e:ff:7d:5a:ff:76:03:cb:
1b:fa:54:48:3b:d5:c3:d6:a9:91:bd:c3:c1:b0:fd:
27:38:82:60:fd:5f:a9:33:4b:cc:8f:5b:ff:4e:1f:
c0:37:26:37:9f:c0:45:93:5a:d6:ec:56:60:2e:3c:
0e:7c:da:39:1d:6f:5a:73:4a:2e:c6:df:42:0e:0b:
7a:f3:b9:48:7f:96:f1:37:b5:10:d1:6d:62:c0:df:
58:eb:78:b8:cb:19:fc:76:61:a7:50:df:7b:dd:26:
5d:af:43:53:da:6c:c0:6c:b6:44:77:cb:00:fa:e1:
77:bf:25:73:c7:e4:1c:8a:f9:be:39:37:3e:7a:07:
bb:7a:38:1a:34:c5:bf:5c:e3:02:f4:f4:63:11:68:
d9:b3:1a:c1:17:93:c0:74:fd:ff:a5:84:a4:d4:85:
4c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:56:12:DC:A4:28:EB:6C:EB:37:FB:8D:4B:9B:3B:34:FD:3F:8C:E0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
ce:f2:71:7d:db:92:35:b0:76:79:c3:34:1a:62:21:6f:1b:46:
ea:8c:7c:65:14:7f:83:5a:c5:c4:30:fa:b6:02:00:01:c8:b3:
ad:ba:77:19:24:b5:c2:9b:e4:21:56:c4:5f:4c:1f:0c:f7:6d:
8d:69:90:f0:3b:e9:a9:7f:b4:ca:34:f8:34:c1:ae:26:e8:1f:
de:38:5a:0f:ab:f9:bd:00:a1:87:03:9e:28:26:a6:c5:42:cf:
12:43:ea:25:e6:fa:15:b7:c9:63:72:76:0f:f3:04:94:ca:1e:
0d:38:99:be:4f:b6:fd:47:61:85:d6:d9:65:f2:d1:59:3f:87:
b7:6f:54:11:eb:fc:a9:21:69:19:5f:e1:f3:ff:ac:0b:a3:ba:
9d:af:46:20:c7:c1:5d:c7:e5:1c:27:1c:70:bc:65:ff:ad:b0:
66:08:c6:b5:4a:fd:88:0d:3c:89:9d:e8:9d:38:de:9f:2e:9e:
ab:1a:f5:d1:b8:3a:64:fc:a3:c0:d2:a6:16:f1:d6:6d:18:b6:
fd:df:a2:16:60:f8:f7:1a:00:25:80:ac:f0:46:26:1e:f6:86:
57:c8:7f:f5:4a:5a:78:92:c1:f8:51:19:14:2f:76:de:c8:9c:
d9:b2:eb:e5:3e:89:aa:b8:6a:3c:58:e3:51:84:77:0f:21:4f:
28:a4:d2:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYW5NVGN24DHrojFYPCpWQp8n4LEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjJaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4M2JkNGQ3ZTZhOTExMzMwOTAzY2QxMDJkOGQxMzAxZjk1ZWM5NGZmZjY4
NTU3NzM3OGM4ZmRhNmJkNzdiNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOUYK92/xLNNDoLTUbTWZhfDX0AgJpGfkZZDrE+7D7AL3Jv+zhVHwhxhrNjE
ABsHYc4pzxsB/9TinFOfK821O5xCweL1CLESnMVFKCzkI0/aAz39i79INKhiMO8X
Cf83Ip7/fVr/dgPLG/pUSDvVw9apkb3DwbD9JziCYP1fqTNLzI9b/04fwDcmN5/A
RZNa1uxWYC48DnzaOR1vWnNKLsbfQg4LevO5SH+W8Te1ENFtYsDfWOt4uMsZ/HZh
p1Dfe90mXa9DU9pswGy2RHfLAPrhd78lc8fkHIr5vjk3PnoHu3o4GjTFv1zjAvT0
YxFo2bMawReTwHT9/6WEpNSFTGUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRlVhLc
pCjrbOs3+41Lmzs0/T+M4DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQDO8nF925I1sHZ5wzQaYiFvG0bqjHxlFH+DWsXEMPq2
AgAByLOtuncZJLXCm+QhVsRfTB8M922NaZDwO+mpf7TKNPg0wa4m6B/eOFoPq/m9
AKGHA54oJqbFQs8SQ+ol5voVt8ljcnYP8wSUyh4NOJm+T7b9R2GF1tll8tFZP4e3
b1QR6/ypIWkZX+Hz/6wLo7qdr0Ygx8Fdx+UcJxxwvGX/rbBmCMa1Sv2IDTyJneid
ON6fLp6rGvXRuDpk/KPA0qYW8dZtGLb936IWYPj3GgAlgKzwRiYe9oZXyH/1Slp4
ksH4URkUL3beyJzZsuvlPomquGo8WONRhHcPIU8opNJu
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:28 2025 by rpki-client