Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: vPcdwzGZmtRIP0acnxWYF4rBeilEKq6MsxYJuMr73yo=
Subject key identifier: FC:2C:D8:6E:89:A5:B5:77:D0:BF:FB:AC:A2:99:5E:22:47:9A:E3:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62437746790699D2E0146C925C1097FB775448B7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Fri 26 Sep 2025 20:39:50 +0000
ROA not before: Fri 26 Sep 2025 20:39:50 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:43:77:46:79:06:99:d2:e0:14:6c:92:5c:10:97:fb:77:54:48:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:50 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7c231dfa75d5a7c5f2a2317a1bcd55d0f7a98faab22d36928378b4963bdae290, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:84:fe:33:d1:96:f8:c7:23:a8:d9:7a:72:e4:
21:3d:0c:14:bc:82:99:aa:ea:93:ee:c6:f7:a5:6c:
df:aa:35:58:18:2b:0d:76:72:38:b6:89:9b:e2:f3:
1f:d2:62:3b:4d:b8:d3:97:33:3f:d2:3f:78:b8:6d:
7a:de:85:07:13:46:f4:3b:6e:4f:40:a8:ad:41:1e:
aa:db:4c:fe:b5:00:86:54:d3:64:6d:6f:41:9b:76:
6d:f4:ba:69:64:18:4a:77:9d:66:bd:c1:48:70:06:
cd:cb:6d:4c:75:db:96:91:a8:a3:23:b1:0f:06:d9:
db:d8:13:23:5d:7c:4c:6c:e7:01:a0:35:8e:52:d3:
d3:ba:14:65:86:9d:c6:31:37:f0:8b:4b:62:e2:a6:
72:29:9a:80:1f:0f:f8:ef:2c:c7:94:67:56:ef:94:
74:e7:b8:9a:f0:d3:6a:a4:ac:bf:07:4b:7b:4d:aa:
35:a5:0e:9c:71:c8:47:7f:dd:7a:e4:03:8e:a9:6b:
3a:15:af:3b:3f:c0:a4:9a:40:f3:43:d0:b6:33:e7:
9c:51:25:cf:01:6b:42:88:60:2a:0f:c0:fa:1d:02:
99:3d:7d:b3:f0:52:28:2b:c7:30:3d:b8:89:a0:69:
17:93:51:1e:1c:0f:98:ac:8d:eb:38:14:59:43:15:
da:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:2C:D8:6E:89:A5:B5:77:D0:BF:FB:AC:A2:99:5E:22:47:9A:E3:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:a9:4c:ef:41:c9:b1:f3:02:07:3e:27:3e:fe:1a:92:72:bf:
63:f2:21:19:7a:02:cd:72:54:2f:8c:9b:5a:d6:83:51:bd:64:
f5:61:11:36:e9:56:dc:f1:4a:65:32:31:79:a0:3d:f7:49:33:
cc:bc:b0:b9:77:db:66:ab:45:77:94:ca:83:0a:a9:f4:8e:27:
69:08:dd:21:0b:5d:42:dc:a2:d2:0a:72:5c:20:83:c0:9a:38:
0f:bc:4f:b7:9e:a3:e7:71:a3:b8:b3:a3:d5:41:83:a6:4c:21:
f2:b7:7e:c5:dd:98:7e:04:53:b0:00:86:ad:aa:de:d5:8c:e9:
29:12:08:6e:5c:78:36:a4:74:2f:c5:91:aa:31:a1:26:2f:30:
5b:d6:53:7a:6b:ba:a6:3e:ff:b3:89:c7:47:5f:a0:cb:13:c7:
22:d9:30:d3:a8:bd:ad:ba:28:10:d8:25:d3:84:8e:e4:e9:80:
56:14:c7:a6:dc:d5:ca:0f:6e:1a:98:cb:0f:e8:ac:88:5b:6d:
d2:e6:cd:da:a4:a2:8c:94:1d:52:d3:bb:5d:e0:00:90:f8:21:
3f:e4:e2:af:9e:6d:27:6a:3d:da:3f:97:cd:88:32:63:3f:8f:
3a:fb:00:56:94:f8:bf:e1:bb:e7:49:83:07:fa:65:97:15:bf:
cd:fb:ef:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYkN3RnkGmdLgFGySXBCX+3dUSLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjMjMxZGZhNzVkNWE3YzVmMmEyMzE3YTFiY2Q1NWQwZjdhOThmYWFiMjJk
MzY5MjgzNzhiNDk2M2JkYWUyOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGE/jPRlvjHI6jZenLkIT0MFLyCmarqk+7G96Vs36o1WBgrDXZyOLaJm+Lz
H9JiO02405czP9I/eLhtet6FBxNG9DtuT0CorUEeqttM/rUAhlTTZG1vQZt2bfS6
aWQYSnedZr3BSHAGzcttTHXblpGooyOxDwbZ29gTI118TGznAaA1jlLT07oUZYad
xjE38ItLYuKmcimagB8P+O8sx5RnVu+UdOe4mvDTaqSsvwdLe02qNaUOnHHIR3/d
euQDjqlrOhWvOz/ApJpA80PQtjPnnFElzwFrQohgKg/A+h0CmT19s/BSKCvHMD24
iaBpF5NRHhwPmKyN6zgUWUMV2iMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8LNhu
iaW1d9C/+6yimV4iR5rjgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQBCqUzvQcmx8wIHPic+/hqScr9j8iEZegLNclQvjJta
1oNRvWT1YRE26Vbc8UplMjF5oD33STPMvLC5d9tmq0V3lMqDCqn0jidpCN0hC11C
3KLSCnJcIIPAmjgPvE+3nqPncaO4s6PVQYOmTCHyt37F3Zh+BFOwAIatqt7VjOkp
EghuXHg2pHQvxZGqMaEmLzBb1lN6a7qmPv+zicdHX6DLE8ci2TDTqL2tuigQ2CXT
hI7k6YBWFMem3NXKD24amMsP6KyIW23S5s3apKKMlB1S07td4ACQ+CE/5OKvnm0n
aj3aP5fNiDJjP486+wBWlPi/4bvnSYMH+mWXFb/N++9k
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:39:47 2025 by rpki-client