Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
File: af8582f5-d209-4e12-aacf-31186289c430.roa (raw, json)
Hash identifier: MTmSz77FyKBboP7I1P0NTyDwbIEW6CyE2dEKuICScpk=
Subject key identifier: 66:B4:0A:F9:90:39:BA:8F:FA:AD:C8:6F:1A:BE:77:E2:15:03:DE:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 756238DA03ED5A0F8DBCB7191A88E6E5D6575110
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
Signing time: Fri 26 Sep 2025 20:20:46 +0000
ROA not before: Fri 26 Sep 2025 20:20:46 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:62:38:da:03:ed:5a:0f:8d:bc:b7:19:1a:88:e6:e5:d6:57:51:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:46 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=10639d57fa4f1a968845979e4c19c90db9eb903c1ecaa6b9080487616a78853b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:54:24:8a:ba:3e:98:67:27:56:67:68:0e:4a:
1a:e9:14:92:5d:5d:96:96:b9:be:4e:ed:7b:43:84:
1a:e2:66:53:76:6c:1a:a4:1f:8d:b4:ee:f8:1e:6e:
bb:e4:2a:c7:6d:e5:73:32:61:d5:dc:a3:0c:97:7c:
86:7f:d3:4b:0d:16:b9:08:40:e8:3b:c4:b4:5c:a3:
8e:0d:b5:06:da:64:2a:87:6d:91:7c:fc:a8:92:ab:
61:6a:af:89:d8:87:b1:2d:0b:16:c9:a3:d8:24:26:
92:a2:11:3c:d8:95:b9:16:e4:0c:ac:10:ca:d9:0b:
9a:cb:9f:92:85:67:7b:d6:15:3c:90:00:2d:f9:ac:
a6:7c:c9:8c:2a:fa:44:58:39:f4:10:cc:b6:35:a1:
32:8c:be:52:d6:e0:93:a3:5a:f9:4e:6b:11:a2:49:
94:c8:83:f2:48:b9:b2:7f:9e:16:ec:ff:bf:9d:4d:
b1:be:f6:62:b2:99:85:25:91:5e:40:f5:f7:50:bd:
29:1c:26:41:32:d6:bb:95:47:87:71:2f:fc:9e:5c:
7d:28:e5:ad:44:cd:f2:fe:27:e4:01:76:33:97:95:
60:09:66:39:2c:d5:02:cf:85:21:28:c0:2b:33:1c:
74:82:cf:b3:4f:9a:3f:91:ba:9d:04:ae:d9:50:87:
5e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B4:0A:F9:90:39:BA:8F:FA:AD:C8:6F:1A:BE:77:E2:15:03:DE:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/af8582f5-d209-4e12-aacf-31186289c430.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
81:1b:a2:04:00:c8:73:e6:8d:ae:7e:f2:bd:7e:be:c3:4c:af:
ed:21:37:04:e5:2c:64:12:31:40:5a:32:94:e1:5a:cf:f8:02:
d1:ce:14:83:66:f0:0b:b1:78:9f:2b:f7:1e:0c:9c:5d:ad:b2:
e5:7e:43:d3:11:81:90:e2:69:49:e6:ea:eb:5c:44:a3:f8:17:
57:e4:d1:8e:58:60:9e:87:3d:b5:e2:08:ad:88:f7:66:33:37:
22:c0:6f:ec:47:61:c2:99:db:3f:29:e1:a9:3c:92:3f:70:25:
93:c6:e1:b2:c3:e5:d5:eb:28:c9:5b:ee:af:2b:63:30:05:87:
1b:d8:6d:57:93:3a:93:0d:2f:c9:cb:f6:93:36:4e:29:cf:93:
4d:dc:50:91:f9:7e:3a:cb:53:3b:d7:a4:1c:ba:23:ed:8b:16:
5d:a3:ba:bb:9f:1d:91:3a:61:2f:d1:12:f6:9a:b4:56:e4:0f:
a9:39:5d:ad:dc:fc:32:3a:49:79:e5:94:82:9e:58:70:58:75:
5f:2e:3d:d3:68:bc:0f:00:21:e7:9c:ee:1d:84:06:21:ce:c8:
f5:36:e4:53:75:ec:69:36:fc:53:be:c3:37:be:d3:d1:56:cc:
ed:98:1e:37:86:da:e9:1b:ac:3b:a3:28:65:68:bf:65:e4:bb:
77:16:67:b2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdWI42gPtWg+NvLcZGojm5dZXURAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwNjM5ZDU3ZmE0ZjFhOTY4ODQ1OTc5ZTRjMTljOTBkYjllYjkwM2MxZWNh
YTZiOTA4MDQ4NzYxNmE3ODg1M2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNUJIq6PphnJ1ZnaA5KGukUkl1dlpa5vk7te0OEGuJmU3ZsGqQfjbTu+B5u
u+Qqx23lczJh1dyjDJd8hn/TSw0WuQhA6DvEtFyjjg21BtpkKodtkXz8qJKrYWqv
idiHsS0LFsmj2CQmkqIRPNiVuRbkDKwQytkLmsufkoVne9YVPJAALfmspnzJjCr6
RFg59BDMtjWhMoy+Utbgk6Na+U5rEaJJlMiD8ki5sn+eFuz/v51Nsb72YrKZhSWR
XkD191C9KRwmQTLWu5VHh3Ev/J5cfSjlrUTN8v4n5AF2M5eVYAlmOSzVAs+FISjA
KzMcdILPs0+aP5G6nQSu2VCHXhMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmtAr5
kDm6j/qtyG8avnfiFQPetzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWY4NTgyZjUtZDIwOS00ZTEyLWFhY2YtMzExODYyODljNDMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQCBG6IEAMhz5o2ufvK9fr7DTK/tITcE5SxkEjFAWjKU
4VrP+ALRzhSDZvALsXifK/ceDJxdrbLlfkPTEYGQ4mlJ5urrXESj+BdX5NGOWGCe
hz214gitiPdmMzciwG/sR2HCmds/KeGpPJI/cCWTxuGyw+XV6yjJW+6vK2MwBYcb
2G1XkzqTDS/Jy/aTNk4pz5NN3FCR+X46y1M716QcuiPtixZdo7q7nx2ROmEv0RL2
mrRW5A+pOV2t3PwyOkl55ZSCnlhwWHVfLj3TaLwPACHnnO4dhAYhzsj1NuRTdexp
NvxTvsM3vtPRVsztmB43htrpG6w7oyhlaL9l5Lt3Fmey
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:16 2025 by rpki-client