Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
File: ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa (raw, json)
Hash identifier: 9TpLbDXLQw+y7jqk1IpTKjUKrw5hBD/oLyY/1eSqaXY=
Subject key identifier: 25:35:67:47:EE:FB:03:59:50:61:46:D5:5E:53:A0:79:56:87:7C:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A100BC6E6C56879E4D90C94089CADB26187047F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
Signing time: Fri 26 Sep 2025 20:20:37 +0000
ROA not before: Fri 26 Sep 2025 20:20:37 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:10:0b:c6:e6:c5:68:79:e4:d9:0c:94:08:9c:ad:b2:61:87:04:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:37 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=6f35b65f01086bfa3930841ed8221754981d7a9f550489f609ea124a3e9dc284, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:85:b3:31:79:5d:a8:49:f9:27:89:16:db:
fb:f6:8a:b1:2e:8d:36:f5:a8:4e:64:bd:b9:ed:f6:
e5:97:b9:f3:e4:25:37:34:a7:be:bc:91:e4:ac:7d:
6e:1a:44:42:1a:3c:9e:63:e0:15:a5:b6:e6:8e:12:
0b:2f:46:70:74:b7:63:e4:5e:da:4f:49:b1:43:3f:
89:42:88:84:d6:ea:d4:e4:0b:d8:b3:e3:f5:60:bd:
de:f0:2c:73:21:1d:15:d9:98:2b:34:9d:5e:9d:d6:
85:31:36:e6:a4:21:d2:72:61:72:6b:9f:9f:e1:66:
02:21:7b:ed:df:7a:6b:de:64:47:ea:db:de:36:a0:
4e:b6:34:9c:bd:d0:aa:d2:a0:20:16:0c:a7:6f:b1:
4e:83:99:ef:39:eb:6c:24:4a:14:8e:ce:0c:08:bf:
c9:18:3e:d7:41:02:7b:f7:fe:98:f9:39:da:b1:83:
81:25:f6:12:87:39:7f:a0:ab:cc:bc:bb:be:97:89:
fc:1f:49:3e:50:ca:b1:15:2a:fe:60:32:a0:3c:4c:
b7:c8:18:2e:6f:cc:62:c1:22:84:32:1c:c4:80:10:
fa:bc:fa:8b:93:9e:77:6e:af:f7:83:15:28:87:fc:
66:8d:60:0a:dc:1b:4b:76:3e:55:e9:0c:1a:43:ee:
71:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:35:67:47:EE:FB:03:59:50:61:46:D5:5E:53:A0:79:56:87:7C:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecfa3c13-cba9-4529-84cf-7b6bf8e5cd4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a2:9b:b6:4f:77:32:0d:66:ab:ff:f0:93:02:d6:22:fe:89:75:
dc:80:26:6a:d9:a7:39:8b:72:3c:53:50:b3:e6:4e:38:8e:00:
c5:3b:8f:2d:ad:d9:53:d8:e3:e0:2e:b9:ca:60:1d:74:70:51:
ed:37:24:dc:65:f5:1d:c2:85:eb:19:72:28:74:9a:e6:a8:ad:
96:b6:55:15:8f:64:59:b8:a2:00:4a:93:8c:36:44:3e:91:58:
f5:09:52:ab:6a:3f:0b:01:e0:b0:a7:c6:d3:d4:53:97:a1:c1:
0d:a2:55:62:f0:6e:2d:fe:b4:bb:57:f1:b6:9e:33:85:d9:13:
65:1b:0a:60:cd:71:5f:2a:fb:3a:91:8a:27:d4:dc:d8:f2:f9:
29:bc:e7:63:d1:99:04:7b:d0:4c:be:44:fc:d2:92:25:d2:73:
55:f1:85:cb:8b:87:19:0f:51:3e:70:6b:b6:5e:c8:69:dd:a0:
0a:60:41:c0:7a:0b:c8:6f:43:b9:58:2d:40:22:e2:db:22:ca:
1f:40:b9:a1:8c:d6:4a:34:0e:84:b8:ec:b6:d9:bd:64:72:4c:
14:e1:af:ad:4e:89:a5:0f:4b:8c:e3:dc:71:b7:a0:7f:83:bf:
ff:38:52:ae:c9:dd:fe:1b:9e:da:b1:a1:c1:c8:51:bd:ae:ec:
da:a9:ff:97
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUShALxubFaHnk2QyUCJytsmGHBH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMzdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmMzViNjVmMDEwODZiZmEzOTMwODQxZWQ4MjIxNzU0OTgxZDdhOWY1NTA0
ODlmNjA5ZWExMjRhM2U5ZGMyODQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgihbMxeV2oSfkniRbb+/aKsS6NNvWoTmS9ue325Ze58+QlNzSnvryR5Kx9
bhpEQho8nmPgFaW25o4SCy9GcHS3Y+Re2k9JsUM/iUKIhNbq1OQL2LPj9WC93vAs
cyEdFdmYKzSdXp3WhTE25qQh0nJhcmufn+FmAiF77d96a95kR+rb3jagTrY0nL3Q
qtKgIBYMp2+xToOZ7znrbCRKFI7ODAi/yRg+10ECe/f+mPk52rGDgSX2Eoc5f6Cr
zLy7vpeJ/B9JPlDKsRUq/mAyoDxMt8gYLm/MYsEihDIcxIAQ+rz6i5Oed26v94MV
KIf8Zo1gCtwbS3Y+VekMGkPucakCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQlNWdH
7vsDWVBhRtVeU6B5Vod8MzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmYTNjMTMtY2JhOS00NTI5LTg0Y2YtN2I2YmY4ZTVjZDRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQCim7ZPdzINZqv/8JMC1iL+iXXcgCZq2ac5i3I8U1Cz
5k44jgDFO48trdlT2OPgLrnKYB10cFHtNyTcZfUdwoXrGXIodJrmqK2WtlUVj2RZ
uKIASpOMNkQ+kVj1CVKraj8LAeCwp8bT1FOXocENolVi8G4t/rS7V/G2njOF2RNl
GwpgzXFfKvs6kYon1NzY8vkpvOdj0ZkEe9BMvkT80pIl0nNV8YXLi4cZD1E+cGu2
Xshp3aAKYEHAegvIb0O5WC1AIuLbIsofQLmhjNZKNA6EuOy22b1kckwU4a+tToml
D0uM49xxt6B/g7//OFKuyd3+G57asaHByFG9ruzaqf+X
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:01 2025 by rpki-client