Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: vDF/QsF1MnSxiwNa/KkDfb0r01hKoixi+iPkPJSqtRo=
Subject key identifier: A1:8E:2A:53:FA:07:A8:4A:BF:A7:58:97:59:86:6A:BD:D8:25:0E:AD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EE2E63E8C5C8334EE738199B9044793B79DB9F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Fri 26 Sep 2025 20:20:39 +0000
ROA not before: Fri 26 Sep 2025 20:20:39 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:e2:e6:3e:8c:5c:83:34:ee:73:81:99:b9:04:47:93:b7:9d:b9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:39 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=fee2dd9fa56d1ac95cf19fc8599cadc9ee294935aed5867ecc00f3d36205bb21, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:81:c3:c5:0b:09:9b:8c:10:06:f7:ae:6d:d5:
30:9e:15:64:85:9e:95:80:f7:e7:28:d1:ca:bb:d4:
49:f8:25:e1:f2:37:fe:f0:f6:3d:2c:90:cf:8b:01:
5f:71:9c:b6:e3:4a:f3:77:35:95:08:aa:23:57:37:
81:e7:ca:80:b1:ad:90:23:9c:98:11:01:08:b0:b7:
a9:ad:77:60:54:59:f6:42:8f:e3:04:9b:85:67:83:
da:f5:f5:9c:b5:c2:42:cb:7c:a8:b7:e7:1f:bc:c7:
4c:dc:36:bd:f7:d4:f4:fa:23:ec:64:2f:8a:31:62:
f6:e4:13:fc:4a:4d:75:2c:dc:db:67:be:08:d5:9b:
9c:ab:56:2d:3b:29:05:a0:5d:38:0a:f7:a6:72:8a:
69:8e:54:66:8f:26:ad:ce:fc:7e:b6:7f:7d:31:77:
e9:da:31:74:56:69:a9:0b:4f:00:7e:77:1a:2b:71:
12:87:f2:53:44:ff:a9:9b:47:fb:06:d6:9e:68:f1:
70:3e:1b:74:88:ec:ca:48:0a:7e:a9:af:f6:fb:89:
f5:55:4c:8e:14:95:56:24:09:28:96:21:61:37:31:
a8:c3:0c:c1:aa:41:31:01:f6:3d:fe:c9:df:60:32:
1d:b8:4f:0c:b3:3b:fa:16:82:37:b6:94:69:64:05:
41:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8E:2A:53:FA:07:A8:4A:BF:A7:58:97:59:86:6A:BD:D8:25:0E:AD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b9:7e:87:78:73:f5:ca:8b:be:27:32:0e:05:95:d8:ea:44:0c:
ba:49:11:34:64:a4:28:1b:49:f7:96:f8:21:c5:9a:75:07:de:
2e:6a:ea:0f:7c:90:a5:4d:61:81:3f:02:25:6f:43:12:35:16:
d5:9e:32:98:4c:52:34:9a:89:24:0f:21:94:a6:ee:ed:1f:c7:
96:89:3e:ad:8f:c1:4f:f1:19:8d:30:ce:ae:74:9e:c6:7c:ce:
57:03:d2:bc:b6:a8:31:e9:8d:32:38:8b:e6:98:85:89:53:21:
0e:2f:f9:8a:ec:1a:be:5a:ba:65:3b:28:82:61:9c:c9:e8:b1:
ca:d9:38:7b:23:f3:e2:e4:a9:1b:65:ef:fa:d4:4b:82:07:2e:
d1:fe:f7:c7:fb:39:79:88:3a:f1:49:33:83:c6:dd:e5:68:e8:
fb:fe:9f:6a:23:f3:51:95:df:00:d5:e6:09:d9:e8:08:84:e3:
71:9d:a2:95:2b:a6:38:dc:96:bb:22:de:ca:46:a7:a5:db:fc:
01:9f:5e:5b:41:aa:67:23:79:af:05:d6:76:7e:7a:57:66:66:
b9:74:06:33:b5:95:b1:91:d6:2a:71:65:d6:ab:34:91:e7:01:
cf:93:98:a0:d7:ae:5c:b6:51:79:90:74:b5:64:d6:39:93:e9:
ca:37:72:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXuLmPoxcgzTuc4GZuQRHk7edufIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZTJkZDlmYTU2ZDFhYzk1Y2YxOWZjODU5OWNhZGM5ZWUyOTQ5MzVhZWQ1
ODY3ZWNjMDBmM2QzNjIwNWJiMjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2Bw8ULCZuMEAb3rm3VMJ4VZIWelYD35yjRyrvUSfgl4fI3/vD2PSyQz4sB
X3GctuNK83c1lQiqI1c3gefKgLGtkCOcmBEBCLC3qa13YFRZ9kKP4wSbhWeD2vX1
nLXCQst8qLfnH7zHTNw2vffU9Poj7GQvijFi9uQT/EpNdSzc22e+CNWbnKtWLTsp
BaBdOAr3pnKKaY5UZo8mrc78frZ/fTF36doxdFZpqQtPAH53GitxEofyU0T/qZtH
+wbWnmjxcD4bdIjsykgKfqmv9vuJ9VVMjhSVViQJKJYhYTcxqMMMwapBMQH2Pf7J
32AyHbhPDLM7+haCN7aUaWQFQZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBShjipT
+geoSr+nWJdZhmq92CUOrTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQC5fod4c/XKi74nMg4FldjqRAy6SRE0ZKQoG0n3lvgh
xZp1B94uauoPfJClTWGBPwIlb0MSNRbVnjKYTFI0mokkDyGUpu7tH8eWiT6tj8FP
8RmNMM6udJ7GfM5XA9K8tqgx6Y0yOIvmmIWJUyEOL/mK7Bq+WrplOyiCYZzJ6LHK
2Th7I/Pi5KkbZe/61EuCBy7R/vfH+zl5iDrxSTODxt3laOj7/p9qI/NRld8A1eYJ
2egIhONxnaKVK6Y43Ja7It7KRqel2/wBn15bQapnI3mvBdZ2fnpXZma5dAYztZWx
kdYqcWXWqzSR5wHPk5ig165ctlF5kHS1ZNY5k+nKN3LF
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:58:36 2025 by rpki-client