Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
File: c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa (raw, json)
Hash identifier: r2/luJJ++Ule0ra8CZ0XTJHrK13DaiY87c4ZT9OuIAI=
Subject key identifier: D1:FD:A6:21:BD:57:4B:DB:09:6E:63:1F:A8:79:95:0D:3D:3C:E4:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6FB37458DF19FD44218990C62F51C8B63BE45552
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
Signing time: Mon 29 Sep 2025 15:40:05 +0000
ROA not before: Mon 29 Sep 2025 15:40:05 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:b3:74:58:df:19:fd:44:21:89:90:c6:2f:51:c8:b6:3b:e4:55:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:05 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=2af0218759cacdbbdb55239814abd5d9f22dc1f1f28c2fcc5e724d8cd2e034a1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:40:96:ac:05:03:30:27:c6:36:8b:58:74:
eb:e9:20:72:16:55:3e:7d:91:0b:88:16:01:5f:2f:
d5:ed:de:90:25:f3:45:f9:c2:96:9b:59:cf:b1:0d:
55:14:58:c5:8a:0f:aa:a2:d0:02:7b:2f:cd:cf:e2:
ad:68:b5:9a:23:39:cc:89:a3:9f:22:88:fb:ed:51:
a8:e8:1a:1a:37:3d:6d:4f:ec:43:45:f1:99:c9:1f:
d8:2b:02:ea:e6:a4:c0:bf:f1:f6:a4:b5:38:98:b4:
5d:a2:23:89:2b:9a:ed:ad:b9:39:f6:28:e5:31:df:
15:a4:ed:be:b4:41:16:84:87:5e:c4:06:9a:98:1d:
a4:f7:f5:33:e8:1d:96:45:b5:ab:a8:99:35:bf:c7:
bc:fb:df:4e:9b:db:75:be:4b:0e:79:ed:cc:e0:f3:
1e:57:6a:9b:1e:4c:27:6b:7e:29:1a:01:77:dd:62:
3e:01:99:9c:8a:b7:41:3a:92:89:4a:04:f9:de:cb:
de:37:16:0a:75:81:8d:60:ed:39:10:02:09:83:4b:
5b:1b:82:a2:86:56:86:13:f3:1f:1f:35:9f:5f:d9:
f9:68:0b:3f:0c:70:99:59:e3:d2:94:b1:14:7f:ec:
4d:61:b4:4f:7e:5f:89:ca:f8:59:ca:14:53:ff:48:
87:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:FD:A6:21:BD:57:4B:DB:09:6E:63:1F:A8:79:95:0D:3D:3C:E4:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c8fd8c44-7514-40e6-9198-e0b6e37b4c69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.238.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:fc:7b:9f:b9:69:9e:01:36:9b:cb:e8:40:62:96:e1:de:14:
44:44:6c:5f:4b:fd:49:3b:6b:7b:f9:ff:6c:9d:03:f5:8a:1b:
7a:ad:e2:d7:b3:16:64:67:63:1e:db:92:19:38:bc:59:18:a3:
8e:fb:ad:3d:b7:8b:26:db:df:1e:f0:37:d6:fc:0f:bc:15:f9:
f2:f0:de:fd:d1:44:25:20:68:7e:a3:18:0a:71:15:ce:7f:b4:
2e:bc:60:b2:04:b9:c8:8a:54:7a:19:a2:b6:0a:c2:47:f5:fe:
0b:b5:1e:bc:00:db:b3:bd:ac:9a:8e:82:9e:6a:ae:e7:99:65:
9a:70:35:76:56:aa:80:67:7e:02:71:be:58:fb:7e:39:7b:81:
d3:f3:8a:d3:32:ea:cd:3e:b3:64:9a:d1:1a:8a:72:bc:1c:9a:
79:a7:ab:77:f8:d9:db:33:1b:97:95:18:bc:2f:e9:af:35:24:
c6:10:4c:80:06:28:eb:96:4c:ec:db:1a:57:f3:f7:77:ce:aa:
8a:96:69:c5:de:24:eb:9c:a2:3e:cc:c5:6a:03:a3:25:6d:23:
be:d9:b2:1f:5b:28:23:19:eb:1e:f8:1d:73:99:78:ae:f5:65:
54:ae:28:d2:9d:a3:f6:7d:29:1a:bc:51:00:9a:2f:94:bb:ea:
f7:57:3f:4a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb7N0WN8Z/UQhiZDGL1HItjvkVVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMDVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZjAyMTg3NTljYWNkYmJkYjU1MjM5ODE0YWJkNWQ5ZjIyZGMxZjFmMjhj
MmZjYzVlNzI0ZDhjZDJlMDM0YTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlgQJasBQMwJ8Y2i1h06+kgchZVPn2RC4gWAV8v1e3ekCXzRfnClptZz7EN
VRRYxYoPqqLQAnsvzc/irWi1miM5zImjnyKI++1RqOgaGjc9bU/sQ0Xxmckf2CsC
6uakwL/x9qS1OJi0XaIjiSua7a25OfYo5THfFaTtvrRBFoSHXsQGmpgdpPf1M+gd
lkW1q6iZNb/HvPvfTpvbdb5LDnntzODzHldqmx5MJ2t+KRoBd91iPgGZnIq3QTqS
iUoE+d7L3jcWCnWBjWDtORACCYNLWxuCooZWhhPzHx81n1/Z+WgLPwxwmVnj0pSx
FH/sTWG0T35ficr4WcoUU/9Ih+0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTR/aYh
vVdL2wluYx+oeZUNPTzk+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzhmZDhjNDQtNzUxNC00MGU2LTkxOTgtZTBiNmUzN2I0YzY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQ7jAN
BgkqhkiG9w0BAQsFAAOCAQEAq/x7n7lpngE2m8voQGKW4d4URERsX0v9STtre/n/
bJ0D9Yobeq3i17MWZGdjHtuSGTi8WRijjvutPbeLJtvfHvA31vwPvBX58vDe/dFE
JSBofqMYCnEVzn+0LrxgsgS5yIpUehmitgrCR/X+C7UevADbs72smo6Cnmqu55ll
mnA1dlaqgGd+AnG+WPt+OXuB0/OK0zLqzT6zZJrRGopyvByaeaerd/jZ2zMbl5UY
vC/przUkxhBMgAYo65ZM7NsaV/P3d86qipZpxd4k65yiPszFagOjJW0jvtmyH1so
IxnrHvgdc5l4rvVlVK4o0p2j9n0pGrxRAJovlLvq91c/Sg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:59 2025 by rpki-client