Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
File: d51a4935-8601-4ebd-a099-1d61b0a661b3.roa (raw, json)
Hash identifier: dreAVpFUZIxDAaQyfUSWHXooLY1kObet0/KdV+v2ts4=
Subject key identifier: 8A:4E:1A:AF:83:C9:A2:25:6B:0A:6A:0C:79:FE:9E:B3:FE:3B:7C:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 023A9C2D39BFA83FE6F3CF0AB8EAA5CF644FF6A5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
Signing time: Fri 26 Sep 2025 20:20:50 +0000
ROA not before: Fri 26 Sep 2025 20:20:50 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3a:9c:2d:39:bf:a8:3f:e6:f3:cf:0a:b8:ea:a5:cf:64:4f:f6:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:50 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=b18e42510b0d3237bd824efe0bdaf425becd1127e0fac77d4cdb67b9d6dac817, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:54:c2:f8:5b:12:8e:fd:16:92:e9:61:90:c3:
55:af:cc:5b:87:84:29:88:c6:73:90:cb:e1:a6:14:
b7:61:db:1e:3a:21:d2:53:58:11:74:a1:42:65:89:
b9:31:7c:8f:e3:12:ad:d7:55:f5:4e:31:b2:b8:48:
18:e6:f8:60:14:8d:98:2e:76:7f:0e:d9:0c:33:1c:
2d:1c:9f:d8:88:20:cc:fa:da:a8:8d:da:e4:94:1f:
09:51:33:8b:22:cb:13:ea:e2:ad:2b:83:6f:fa:ac:
aa:3a:82:4c:c0:9e:cc:3d:20:29:d7:6c:92:22:6a:
f3:a2:65:b1:95:13:ea:38:87:4f:29:64:14:8c:5f:
9e:ad:ac:d2:0c:d2:08:4a:b7:2b:51:2b:1a:47:e7:
9c:39:19:16:87:1a:10:fe:e2:25:90:ae:59:06:78:
84:d3:68:ee:7e:43:cb:83:ee:b6:aa:fd:5a:03:8c:
3c:f2:ef:d8:dc:1c:a9:37:42:07:9a:5d:e1:3f:16:
e4:c6:61:2f:a4:61:6e:fc:59:f3:eb:d6:ab:51:1c:
98:76:e1:94:f6:83:9a:38:18:67:45:5c:a5:43:ab:
2c:e7:5e:dc:15:be:7e:8a:78:37:72:84:08:4f:03:
7d:c6:f5:ff:e7:94:d7:b8:59:7e:d6:48:db:c1:b1:
64:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4E:1A:AF:83:C9:A2:25:6B:0A:6A:0C:79:FE:9E:B3:FE:3B:7C:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d51a4935-8601-4ebd-a099-1d61b0a661b3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:c2:c0:b0:48:36:c1:4e:79:54:3e:64:30:d3:df:8a:c1:78:
de:68:ec:70:0d:0b:11:f9:b8:25:02:a4:82:b7:12:4b:e7:46:
dd:3d:3f:4f:ba:1d:76:0a:24:ef:0a:28:99:23:06:25:a3:ce:
39:04:8d:92:33:af:b0:af:c5:93:a5:20:a2:bd:05:db:9e:1c:
78:50:36:90:6d:5d:14:16:80:fb:17:d0:f4:90:24:c0:12:99:
3b:06:54:ba:1e:00:a8:db:1b:d0:32:fe:da:46:50:28:bc:24:
99:fe:09:36:19:6b:89:95:01:f8:21:a3:30:b2:02:5c:e9:d0:
53:14:3a:fb:02:a0:62:38:34:f1:35:19:45:e4:a7:6a:5b:e6:
c2:cc:83:97:2a:c1:08:c5:3c:25:0b:b1:43:23:14:4c:4a:2b:
1a:5f:57:2e:a1:9e:59:3b:18:58:68:21:77:49:ae:fc:0f:54:
90:e3:dc:ad:81:ae:4d:f0:16:e2:e1:61:97:6c:85:4d:1e:82:
9b:71:60:cc:23:8e:27:47:00:1b:f7:c3:29:f8:00:cf:7a:62:
88:44:ee:53:79:72:96:0a:59:ff:57:b6:b9:48:a0:58:69:9f:
83:bd:3a:7b:51:78:06:47:06:55:ea:57:be:64:b3:22:32:24:
f6:0b:e0:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAjqcLTm/qD/m888KuOqlz2RP9qUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOGU0MjUxMGIwZDMyMzdiZDgyNGVmZTBiZGFmNDI1YmVjZDExMjdlMGZh
Yzc3ZDRjZGI2N2I5ZDZkYWM4MTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJFUwvhbEo79FpLpYZDDVa/MW4eEKYjGc5DL4aYUt2HbHjoh0lNYEXShQmWJ
uTF8j+MSrddV9U4xsrhIGOb4YBSNmC52fw7ZDDMcLRyf2IggzPraqI3a5JQfCVEz
iyLLE+rirSuDb/qsqjqCTMCezD0gKddskiJq86JlsZUT6jiHTylkFIxfnq2s0gzS
CEq3K1ErGkfnnDkZFocaEP7iJZCuWQZ4hNNo7n5Dy4Putqr9WgOMPPLv2NwcqTdC
B5pd4T8W5MZhL6RhbvxZ8+vWq1EcmHbhlPaDmjgYZ0VcpUOrLOde3BW+fop4N3KE
CE8Dfcb1/+eU17hZftZI28GxZFcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKThqv
g8miJWsKagx5/p6z/jt81TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDUxYTQ5MzUtODYwMS00ZWJkLWEwOTktMWQ2MWIwYTY2MWIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQBBwsCwSDbBTnlUPmQw09+KwXjeaOxwDQsR+bglAqSC
txJL50bdPT9Puh12CiTvCiiZIwYlo845BI2SM6+wr8WTpSCivQXbnhx4UDaQbV0U
FoD7F9D0kCTAEpk7BlS6HgCo2xvQMv7aRlAovCSZ/gk2GWuJlQH4IaMwsgJc6dBT
FDr7AqBiODTxNRlF5KdqW+bCzIOXKsEIxTwlC7FDIxRMSisaX1cuoZ5ZOxhYaCF3
Sa78D1SQ49ytga5N8Bbi4WGXbIVNHoKbcWDMI44nRwAb98Mp+ADPemKIRO5TeXKW
Cln/V7a5SKBYaZ+DvTp7UXgGRwZV6le+ZLMiMiT2C+Cx
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:39 2025 by rpki-client