Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: l0tsFhtxGzou8voCxf0bzLk2xGM9hGLb1LjeHEmRRzs=
Subject key identifier: 3B:07:97:DD:1D:84:F3:CF:40:94:A3:55:E3:C9:AF:D8:8C:4B:84:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52E47DE67C878801368F9E33E496F765B36BEF4C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Mon 06 Oct 2025 18:10:34 +0000
ROA not before: Mon 06 Oct 2025 18:10:34 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:e4:7d:e6:7c:87:88:01:36:8f:9e:33:e4:96:f7:65:b3:6b:ef:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:34 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=5ed0b66e55e213e438c81bda95fe5a8017c1636336d8543f9eb7e57077923aa6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8b:3d:0b:3f:51:61:fc:46:93:4f:03:e7:55:
a2:d9:de:59:e8:92:bf:bc:31:9c:32:c0:fe:d0:3e:
aa:2c:8a:eb:14:10:e6:00:90:26:22:f5:a0:31:ae:
0f:1d:8d:43:f4:94:94:6a:dd:1a:3a:57:4e:ed:1f:
56:c2:6d:18:00:70:5e:64:bf:9d:a5:62:60:df:f2:
42:7d:e9:0d:0e:a0:d4:40:30:36:a4:07:03:ca:7f:
e0:4f:6d:17:64:37:b5:c8:1b:95:27:32:c8:71:a2:
1b:77:ca:fc:c7:dd:4d:a4:60:d8:fb:32:dc:a7:2b:
2b:16:61:af:4c:58:13:83:2f:28:03:1c:6c:8b:8a:
9a:45:9b:58:53:8c:3a:a1:b1:15:b8:a8:0e:35:bd:
6e:82:49:3a:05:15:5b:ef:70:46:5d:fd:01:4c:1f:
23:3e:7f:56:f0:1b:f8:37:a6:e8:d8:9c:a7:31:ae:
89:83:05:cc:1b:f0:27:12:eb:8a:32:9f:0d:a7:f9:
2c:ac:6a:35:4e:c0:ff:eb:ee:56:70:b0:26:21:b3:
c3:c2:dc:97:df:b7:85:a0:b2:f7:7b:da:9a:68:72:
09:97:c6:74:62:8f:9c:09:04:1e:ed:76:ed:5d:32:
91:de:b4:f2:0f:63:4a:6f:a9:1b:76:8a:4b:63:e3:
99:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:07:97:DD:1D:84:F3:CF:40:94:A3:55:E3:C9:AF:D8:8C:4B:84:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d7:11:08:a1:31:90:3a:b4:1f:fc:7f:cd:93:e6:b9:62:c6:8d:
b4:5e:6c:d4:94:e3:df:b5:83:13:35:c1:97:86:38:b2:75:b7:
68:ed:a8:e7:16:2e:9b:46:db:bd:c8:f8:72:4b:f3:74:91:7a:
c6:1e:95:e7:67:e4:cf:71:05:78:88:fb:60:dc:e8:e3:88:c8:
b5:b7:59:60:c8:ae:6e:e3:04:74:c1:7b:ef:ad:bd:00:bd:43:
2e:fc:06:5b:3c:11:c4:1f:33:5c:31:6a:1b:e8:44:2f:8e:c9:
0b:0d:d6:a8:2c:9b:98:a9:db:73:e9:cd:1e:a2:50:a4:30:79:
ed:2b:9d:a7:b0:94:5d:b2:9d:e1:59:b0:18:18:3b:80:c3:04:
ea:5e:c3:da:57:2f:01:ae:fd:4f:e3:d6:91:e7:4c:87:87:2c:
b4:81:c3:cf:0f:42:f7:2c:11:70:99:dd:3c:81:c9:91:7b:16:
be:64:b6:2c:42:71:bf:e0:e6:d1:3e:4a:2d:3a:53:50:83:80:
1c:59:2e:39:a0:3c:1c:06:68:87:41:59:c8:11:00:bd:a6:ea:
40:5d:83:6b:06:4d:5c:c5:68:04:3e:b7:0d:c0:53:59:a9:76:
a6:9e:1e:2e:ec:ab:cb:f1:2d:36:0c:1e:47:6e:da:c9:11:93:
d9:00:3b:74
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUuR95nyHiAE2j54z5Jb3ZbNr70wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZDBiNjZlNTVlMjEzZTQzOGM4MWJkYTk1ZmU1YTgwMTdjMTYzNjMzNmQ4
NTQzZjllYjdlNTcwNzc5MjNhYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqLPQs/UWH8RpNPA+dVotneWeiSv7wxnDLA/tA+qiyK6xQQ5gCQJiL1oDGu
Dx2NQ/SUlGrdGjpXTu0fVsJtGABwXmS/naViYN/yQn3pDQ6g1EAwNqQHA8p/4E9t
F2Q3tcgblScyyHGiG3fK/MfdTaRg2Psy3KcrKxZhr0xYE4MvKAMcbIuKmkWbWFOM
OqGxFbioDjW9boJJOgUVW+9wRl39AUwfIz5/VvAb+Dem6NicpzGuiYMFzBvwJxLr
ijKfDaf5LKxqNU7A/+vuVnCwJiGzw8Lcl9+3haCy93vammhyCZfGdGKPnAkEHu12
7V0ykd608g9jSm+pG3aKS2PjmV0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ7B5fd
HYTzz0CUo1Xjya/YjEuE1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQDXEQihMZA6tB/8f82T5rlixo20XmzUlOPftYMTNcGX
hjiydbdo7ajnFi6bRtu9yPhyS/N0kXrGHpXnZ+TPcQV4iPtg3OjjiMi1t1lgyK5u
4wR0wXvvrb0AvUMu/AZbPBHEHzNcMWob6EQvjskLDdaoLJuYqdtz6c0eolCkMHnt
K52nsJRdsp3hWbAYGDuAwwTqXsPaVy8Brv1P49aR50yHhyy0gcPPD0L3LBFwmd08
gcmRexa+ZLYsQnG/4ObRPkotOlNQg4AcWS45oDwcBmiHQVnIEQC9pupAXYNrBk1c
xWgEPrcNwFNZqXamnh4u7KvL8S02DB5HbtrJEZPZADt0
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:47 2025 by rpki-client