Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: 69LXs95DTZBwkjfjmVcQ5mb6hy1izohKNI2XZgTe/EQ=
Subject key identifier: F0:50:6C:27:BD:6F:5D:92:9A:B7:01:B4:71:8B:E0:C8:EA:D0:A0:E9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37920CECD41D3464385FA2495DF16EF24E767CAE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Fri 26 Sep 2025 20:20:14 +0000
ROA not before: Fri 26 Sep 2025 20:20:14 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:92:0c:ec:d4:1d:34:64:38:5f:a2:49:5d:f1:6e:f2:4e:76:7c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:14 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=13a6e651edc1c00e382534ef3ff00b1269a03bbb4ede126c58d26b7fd169cd20, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:9b:95:c1:46:03:e2:c0:73:fe:94:06:28:
75:1c:5b:bc:93:4b:0c:63:b6:0f:5d:7a:db:c7:74:
a0:f8:63:89:04:47:22:0f:3a:9c:51:5c:b0:2d:fd:
9e:66:40:fc:fc:b7:29:e8:86:42:0d:37:cf:73:83:
c7:0b:85:53:a2:80:82:3d:f8:61:22:29:24:61:2a:
33:92:82:c9:ce:25:65:f5:c0:19:33:7d:bd:3a:0b:
ac:08:e3:b7:82:97:cf:f8:bc:5c:0e:ba:75:e4:13:
1d:32:a2:39:64:74:1b:d5:47:17:ce:9b:ea:eb:b3:
cd:0e:e4:1c:4d:e6:d4:d3:4b:b4:2c:08:2d:e0:a9:
3e:f2:50:46:69:ad:81:73:05:5a:f4:c8:73:d9:e1:
23:d6:17:d1:dc:6a:64:d6:20:94:d1:5c:ed:bb:d2:
c7:ff:39:2e:5a:c0:b7:bf:55:ec:d2:91:3b:9e:e6:
1a:87:fd:24:a7:20:c9:97:3a:75:58:6b:c3:ec:12:
ce:0b:f8:bf:ed:14:6e:03:5a:0a:22:43:dc:8d:16:
a2:5b:8f:75:19:19:fc:2e:40:d7:d5:6d:e6:9a:9f:
0e:84:ca:98:06:77:d4:cb:50:9a:7c:22:29:2a:5f:
2b:62:83:28:d4:62:12:e6:84:70:61:97:78:ad:22:
02:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:50:6C:27:BD:6F:5D:92:9A:B7:01:B4:71:8B:E0:C8:EA:D0:A0:E9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
29:6b:8f:73:94:71:f2:50:d4:6f:e1:37:22:83:4f:fd:42:f7:
54:41:27:f0:5e:3c:5d:5d:82:1b:be:f5:be:f1:2b:67:c2:24:
9c:f4:b5:b2:b7:04:ed:6d:7b:aa:f7:84:d3:2e:d6:70:aa:c7:
d7:35:3b:aa:08:5a:ad:6f:be:a5:43:cf:96:c4:b0:04:f5:ff:
fb:65:8d:7b:4a:f4:8f:09:6f:fe:fe:66:28:7f:d4:69:e9:ec:
29:00:9f:c8:1d:c2:81:a9:70:ed:ae:ea:b0:81:cf:5d:f4:97:
e1:5e:3e:b2:b4:ac:cd:41:fd:ac:c4:db:52:cd:04:46:5a:28:
8b:a0:49:e1:81:56:37:5e:ef:35:1f:84:1f:1a:95:bb:83:a0:
0f:01:0e:09:68:41:88:43:f1:ea:08:50:b2:2d:15:35:a9:6d:
f4:bb:18:6f:ba:06:65:69:8a:2f:46:ee:dc:bb:7c:63:26:62:
ad:cb:fb:35:10:e4:ed:cf:45:e1:eb:a6:ab:21:4a:e3:44:b9:
9f:ed:76:68:de:39:4a:53:24:8a:42:2a:6f:ce:40:16:f0:33:
3b:2f:d4:2d:d6:a7:25:19:e1:4f:b0:6f:95:61:2a:50:ab:23:
6c:ec:90:e6:1c:92:96:57:7e:ec:3d:06:bf:8d:f8:65:4d:91:
1f:05:92:61
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN5IM7NQdNGQ4X6JJXfFu8k52fK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzYTZlNjUxZWRjMWMwMGUzODI1MzRlZjNmZjAwYjEyNjlhMDNiYmI0ZWRl
MTI2YzU4ZDI2YjdmZDE2OWNkMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/om5XBRgPiwHP+lAYodRxbvJNLDGO2D11628d0oPhjiQRHIg86nFFcsC39
nmZA/Py3KeiGQg03z3ODxwuFU6KAgj34YSIpJGEqM5KCyc4lZfXAGTN9vToLrAjj
t4KXz/i8XA66deQTHTKiOWR0G9VHF86b6uuzzQ7kHE3m1NNLtCwILeCpPvJQRmmt
gXMFWvTIc9nhI9YX0dxqZNYglNFc7bvSx/85LlrAt79V7NKRO57mGof9JKcgyZc6
dVhrw+wSzgv4v+0UbgNaCiJD3I0WoluPdRkZ/C5A19Vt5pqfDoTKmAZ31MtQmnwi
KSpfK2KDKNRiEuaEcGGXeK0iAnsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwUGwn
vW9dkpq3AbRxi+DI6tCg6TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQApa49zlHHyUNRv4Tcig0/9QvdUQSfwXjxdXYIbvvW+
8StnwiSc9LWytwTtbXuq94TTLtZwqsfXNTuqCFqtb76lQ8+WxLAE9f/7ZY17SvSP
CW/+/mYof9Rp6ewpAJ/IHcKBqXDtruqwgc9d9JfhXj6ytKzNQf2sxNtSzQRGWiiL
oEnhgVY3Xu81H4QfGpW7g6APAQ4JaEGIQ/HqCFCyLRU1qW30uxhvugZlaYovRu7c
u3xjJmKty/s1EOTtz0Xh66arIUrjRLmf7XZo3jlKUySKQipvzkAW8DM7L9Qt1qcl
GeFPsG+VYSpQqyNs7JDmHJKWV37sPQa/jfhlTZEfBZJh
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:03 2025 by rpki-client