Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
File: de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa (raw, json)
Hash identifier: lyNfLRHlHrw2zbCWWAmxARIzpHsXccdImPwmyMP3FOo=
Subject key identifier: 41:6F:A3:31:5F:0D:26:D0:AD:D9:55:27:BF:0F:98:D9:26:45:37:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3307EDD2F375AD7C4D1C1E04A0843053384D70D0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
Signing time: Fri 26 Sep 2025 20:39:47 +0000
ROA not before: Fri 26 Sep 2025 20:39:47 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:07:ed:d2:f3:75:ad:7c:4d:1c:1e:04:a0:84:30:53:38:4d:70:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:47 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=01888f69a61ddaeb71a1ba13e114971a7f56838b10d366f309769b8c56a184aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:92:91:60:7e:80:ea:6a:cd:a2:d7:97:72:24:
5f:56:51:7a:95:92:b9:94:b9:3a:09:80:69:59:cb:
66:7c:0c:c0:e8:7c:38:38:fd:e8:9f:3e:fd:70:c8:
c2:c6:a4:97:b3:f0:95:33:18:62:90:7f:09:55:5a:
c7:13:a0:1f:4f:85:1a:2c:c4:18:2c:fd:ee:0a:32:
1d:26:ca:fe:27:cd:d7:e9:07:81:56:32:16:4d:d6:
a3:0a:f7:49:4f:09:11:d5:ad:ca:f0:76:ec:b2:1b:
65:f5:7c:87:1f:04:14:c0:b1:67:04:3e:84:85:a1:
87:fa:8e:17:87:69:ed:f3:54:3b:dd:7f:53:92:87:
b3:4c:04:ac:2b:70:54:46:d7:8f:43:0a:e7:3f:46:
6d:d5:fd:9a:9e:c1:86:43:1c:ed:be:c3:f1:06:cb:
e1:ae:23:18:a4:5a:a6:dd:61:98:4c:82:af:75:e7:
2b:55:d9:65:eb:5f:b2:0d:e6:ea:cc:d9:41:ec:ee:
bc:11:41:ac:07:cc:e8:7c:c9:5d:44:eb:d4:00:d2:
ff:90:97:53:cd:49:12:d1:e4:a2:eb:94:5f:b6:c7:
2c:bf:f7:18:a4:dc:85:26:4d:fe:bb:b8:1b:80:46:
1a:f6:10:8c:44:a4:90:d1:0b:d8:f9:7b:ec:b9:86:
79:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:6F:A3:31:5F:0D:26:D0:AD:D9:55:27:BF:0F:98:D9:26:45:37:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de83ab0d-730e-4ba0-9d22-af2c8b7fd8f7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:48:51:0b:3e:5a:a7:0a:55:db:e0:cd:a3:47:79:d8:3c:61:
f7:c7:a7:44:40:32:53:6d:63:43:0f:df:6b:dc:47:5c:51:8b:
72:51:06:3a:6a:92:ae:67:ea:66:46:7d:cb:48:a5:ed:05:27:
76:2f:b4:eb:2b:fd:44:b8:76:31:ec:98:cd:70:1d:86:c6:d3:
67:8e:8b:ee:0b:f6:92:22:42:e1:08:68:fe:74:19:ab:ca:5c:
c4:90:82:60:2e:a5:0d:c5:4f:c0:d3:f2:62:c7:ab:d6:71:5f:
da:f4:45:d4:10:0a:40:66:97:a7:b1:5a:38:a7:02:33:ba:72:
c3:bf:ec:a5:af:df:af:9b:40:73:89:ef:13:7d:2a:ff:b9:23:
9c:6c:86:62:84:3c:ae:88:46:73:ee:ee:ce:83:e7:3b:85:93:
a3:ae:4c:c2:75:c8:73:6e:26:1f:9a:f6:92:5e:70:1b:5a:e3:
f5:24:8f:88:20:6f:13:03:7b:96:ea:97:86:67:e3:23:7c:91:
e5:45:1e:1b:28:4b:f6:ae:35:7a:17:f7:ee:e7:8b:e5:20:d5:
7e:3b:2e:a5:90:ee:95:71:6e:79:6b:aa:09:19:1b:ff:b1:4d:
16:9d:e5:eb:da:4f:43:51:7a:19:fe:61:5c:61:70:df:fc:ce:
e5:aa:89:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMwft0vN1rXxNHB4EoIQwUzhNcNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxODg4ZjY5YTYxZGRhZWI3MWExYmExM2UxMTQ5NzFhN2Y1NjgzOGIxMGQz
NjZmMzA5NzY5YjhjNTZhMTg0YWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSSkWB+gOpqzaLXl3IkX1ZRepWSuZS5OgmAaVnLZnwMwOh8ODj96J8+/XDI
wsakl7PwlTMYYpB/CVVaxxOgH0+FGizEGCz97goyHSbK/ifN1+kHgVYyFk3Wowr3
SU8JEdWtyvB27LIbZfV8hx8EFMCxZwQ+hIWhh/qOF4dp7fNUO91/U5KHs0wErCtw
VEbXj0MK5z9GbdX9mp7BhkMc7b7D8QbL4a4jGKRapt1hmEyCr3XnK1XZZetfsg3m
6szZQezuvBFBrAfM6HzJXUTr1ADS/5CXU81JEtHkouuUX7bHLL/3GKTchSZN/ru4
G4BGGvYQjESkkNEL2Pl77LmGeWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRBb6Mx
Xw0m0K3ZVSe/D5jZJkU3qDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGU4M2FiMGQtNzMwZS00YmEwLTlkMjItYWYyYzhiN2ZkOGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQBHSFELPlqnClXb4M2jR3nYPGH3x6dEQDJTbWNDD99r
3EdcUYtyUQY6apKuZ+pmRn3LSKXtBSd2L7TrK/1EuHYx7JjNcB2GxtNnjovuC/aS
IkLhCGj+dBmrylzEkIJgLqUNxU/A0/Jix6vWcV/a9EXUEApAZpensVo4pwIzunLD
v+ylr9+vm0Bzie8TfSr/uSOcbIZihDyuiEZz7u7Og+c7hZOjrkzCdchzbiYfmvaS
XnAbWuP1JI+IIG8TA3uW6peGZ+MjfJHlRR4bKEv2rjV6F/fu54vlINV+Oy6lkO6V
cW55a6oJGRv/sU0WneXr2k9DUXoZ/mFcYXDf/M7lqonC
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:47 2025 by rpki-client