Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json)
Hash identifier: HBpkaocFZYbJ4oItVeNeh3POMMRr6aSR4sJhAUgWJlE=
Subject key identifier: D3:F8:0F:2C:15:BF:60:B5:F4:5C:03:35:87:4C:9F:CE:86:D0:E6:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EB02611DBCB936CE8ACB0EA72775F316449C044
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
Signing time: Sat 27 Sep 2025 00:52:46 +0000
ROA not before: Sat 27 Sep 2025 00:52:46 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b0:26:11:db:cb:93:6c:e8:ac:b0:ea:72:77:5f:31:64:49:c0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:46 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=d0b4dcedf22d6736cc2fe9859bfcf3546473ab23649692bc222b89667f815b21, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:b9:5c:f5:5b:0c:8c:d8:14:60:8a:3e:48:
3f:df:6d:7d:98:49:c0:a5:f0:30:45:f0:5a:af:2f:
01:f3:3f:c9:92:3f:b1:bf:9b:cf:e5:25:dc:ec:bd:
46:3f:f7:1d:5f:6e:3e:28:bf:bb:27:2c:f4:be:9f:
37:ff:1f:ce:ca:85:b9:ad:91:90:23:5b:41:ba:03:
6e:ec:a6:15:ca:e2:e1:c0:62:e4:8e:b4:c0:4c:66:
2f:c7:65:db:88:5a:99:a4:a5:99:08:82:a8:82:2e:
b4:00:d2:9d:bf:53:55:90:bd:44:fa:ff:5b:d9:be:
4c:d8:e5:65:e3:73:04:81:82:9c:d9:9e:5e:51:76:
3c:73:d7:d8:9e:b4:cc:c0:7d:bb:1d:aa:12:a0:77:
e8:e4:94:14:2a:17:29:0e:40:1b:c3:07:d7:b1:3f:
e1:07:8e:41:e4:6e:ef:b2:45:21:3a:18:58:89:93:
91:c8:d1:82:6c:61:81:7b:da:76:20:c5:fb:47:fc:
ad:66:aa:26:18:4d:64:a4:fa:0e:8e:51:9b:9a:dd:
33:97:58:f0:37:b8:f5:ca:68:ee:11:9e:e1:d9:2d:
d0:42:ab:22:ea:d2:30:fc:1a:e7:27:28:e4:c2:4b:
4c:ee:c9:d8:63:c8:08:8c:3f:5d:ac:7b:00:fd:21:
2c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F8:0F:2C:15:BF:60:B5:F4:5C:03:35:87:4C:9F:CE:86:D0:E6:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.104.0/23
Signature Algorithm: sha256WithRSAEncryption
ac:ee:ec:5c:64:62:42:69:d0:ba:33:4e:8b:3b:ee:a1:b8:95:
bd:17:cd:87:53:b2:06:2f:07:a7:88:28:67:2e:ee:9a:89:77:
36:e6:aa:0d:8a:68:d9:8d:eb:ff:dc:9d:82:05:e1:45:b7:18:
0d:8e:99:f3:df:11:e3:1b:93:67:2e:12:b0:dc:41:2a:3e:ea:
99:a8:98:67:53:5b:3a:18:35:b5:6d:8f:d3:5f:5a:a2:55:25:
d9:5f:2a:62:e9:d2:ff:a3:a7:7b:2e:d4:c6:e4:35:58:b2:8e:
22:85:28:3d:de:7f:e1:f9:b6:66:57:d0:94:55:69:35:c9:dc:
a7:26:e7:b0:c1:4a:a4:7b:ba:1b:44:eb:57:a1:69:5a:4a:aa:
15:02:70:95:3a:2a:25:43:43:b0:d9:67:e6:e9:ef:97:b1:89:
a6:17:89:f3:21:5e:6e:8a:de:27:b0:a9:42:7b:2c:6f:b5:d1:
04:20:32:56:6d:ef:90:e0:3c:b0:cc:d3:8d:c1:b7:f7:fc:ad:
e6:b5:c1:2b:26:ce:53:00:bc:6f:15:0d:e3:67:bb:50:eb:9d:
71:b0:8f:16:88:74:b7:9f:16:14:06:a5:04:ce:ef:79:1f:5a:
47:29:74:63:d0:1c:cf:a5:3c:ea:70:eb:63:b6:48:da:ae:79:
4d:ad:aa:e4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTrAmEdvLk2zorLDqcndfMWRJwEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyNDZaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwYjRkY2VkZjIyZDY3MzZjYzJmZTk4NTliZmNmMzU0NjQ3M2FiMjM2NDk2
OTJiYzIyMmI4OTY2N2Y4MTViMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKz9uVz1WwyM2BRgij5IP99tfZhJwKXwMEXwWq8vAfM/yZI/sb+bz+Ul3Oy9
Rj/3HV9uPii/uycs9L6fN/8fzsqFua2RkCNbQboDbuymFcri4cBi5I60wExmL8dl
24hamaSlmQiCqIIutADSnb9TVZC9RPr/W9m+TNjlZeNzBIGCnNmeXlF2PHPX2J60
zMB9ux2qEqB36OSUFCoXKQ5AG8MH17E/4QeOQeRu77JFIToYWImTkcjRgmxhgXva
diDF+0f8rWaqJhhNZKT6Do5Rm5rdM5dY8De49cpo7hGe4dkt0EKrIurSMPwa5yco
5MJLTO7J2GPICIw/Xax7AP0hLJcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTT+A8s
Fb9gtfRcAzWHTJ/OhtDmgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN
BgkqhkiG9w0BAQsFAAOCAQEArO7sXGRiQmnQujNOizvuobiVvRfNh1OyBi8Hp4go
Zy7umol3NuaqDYpo2Y3r/9ydggXhRbcYDY6Z898R4xuTZy4SsNxBKj7qmaiYZ1Nb
Ohg1tW2P019aolUl2V8qYunS/6Oney7UxuQ1WLKOIoUoPd5/4fm2ZlfQlFVpNcnc
pybnsMFKpHu6G0TrV6FpWkqqFQJwlToqJUNDsNln5unvl7GJpheJ8yFeboreJ7Cp
Qnssb7XRBCAyVm3vkOA8sMzTjcG39/yt5rXBKybOUwC8bxUN42e7UOudcbCPFoh0
t58WFAalBM7veR9aRyl0Y9Acz6U86nDrY7ZI2q55Ta2q5A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:21 2025 by rpki-client