Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: QqglYgs0zHQvIB1EIzp/Ha/G+9eoXBL+zigWRxa2zjA=
Subject key identifier: 53:51:D4:5A:B5:58:3F:D6:6B:74:55:C4:E3:55:5C:E7:95:01:D7:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C534194F0DB2A51BE4A9978D2EDC91C42D53705
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Mon 29 Sep 2025 15:40:06 +0000
ROA not before: Mon 29 Sep 2025 15:40:06 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:53:41:94:f0:db:2a:51:be:4a:99:78:d2:ed:c9:1c:42:d5:37:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:06 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=df19d0e2b53ab1650de2d239b4e8b066281fc06ee042623ec4cf61bbc13a449e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:1f:32:1d:63:79:6e:5d:f6:97:d3:e8:7f:dd:
be:32:60:d1:79:8b:fc:a6:08:82:f3:c5:7c:bb:ab:
13:30:fa:ee:6d:2f:6d:ab:6a:d3:cd:e9:71:cb:d6:
6a:b0:f2:bb:6b:92:35:50:85:cf:b0:8f:7b:7e:db:
dc:c7:66:a3:3b:37:a9:2e:76:65:ef:5a:94:7d:b5:
67:6a:a2:6a:fd:88:6d:2d:5a:e8:eb:c1:d9:20:f3:
77:44:bc:82:76:11:53:f1:85:f1:57:ab:bf:3f:6a:
05:9f:71:a5:43:26:b2:c3:67:18:aa:2e:a7:fd:3a:
fc:d3:9c:41:e8:32:78:23:65:e6:39:0f:50:b9:3d:
96:2b:88:ea:76:86:7d:36:d1:d1:19:3c:06:9e:95:
f8:aa:6a:a9:c0:e7:1c:f3:86:04:d0:6e:1f:47:1f:
03:d1:af:d9:7e:b7:3e:87:b1:04:93:ce:80:f8:56:
4d:dd:f1:cd:8d:40:06:15:7b:4f:1c:1e:70:ba:d0:
69:fd:fc:1a:4c:6d:ea:8f:37:84:6a:42:a7:5f:5e:
89:2b:7f:1f:50:0a:2d:a0:1a:df:14:ae:3d:19:80:
69:71:d0:34:20:7c:61:a3:67:c9:62:2f:83:b9:b4:
73:36:38:c6:26:95:fd:63:5e:e1:9d:03:df:ab:8e:
5d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:51:D4:5A:B5:58:3F:D6:6B:74:55:C4:E3:55:5C:E7:95:01:D7:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:3b:d7:ee:3b:da:75:4b:34:60:77:5d:5a:75:47:9d:f0:a5:
80:2b:4c:f1:7a:ff:81:f0:c1:9a:ee:c4:46:8f:d5:45:fc:5a:
f0:64:62:1b:bc:ca:4c:c4:f1:5a:03:d5:2b:47:15:a5:6f:0b:
dd:83:8e:f5:47:66:c8:8a:a2:cf:2f:52:82:a9:03:98:09:87:
3f:16:90:ea:93:17:b9:97:fd:fd:c7:de:a0:91:b4:ee:be:97:
2c:2c:8f:8e:a6:ea:9b:25:46:9d:04:71:25:19:0d:6b:38:ce:
9e:4e:76:f4:35:90:0a:9b:e9:7d:08:b5:09:6c:06:e2:a1:56:
b0:c2:ac:cd:e5:d8:59:15:41:41:f4:87:00:8f:d2:b5:1c:3c:
ac:94:0f:ac:46:74:42:0a:a6:7b:d2:c2:8d:7e:73:2a:04:34:
a8:1d:14:45:ba:14:c8:d3:01:61:87:87:02:7d:1b:e1:e8:c8:
f7:18:d9:10:16:cc:69:4a:8e:b7:29:1c:64:b5:5a:02:3c:4c:
de:3e:c0:74:ab:14:f2:4b:7a:31:37:40:3e:ea:49:d7:24:79:
f1:78:65:9f:ad:4c:87:2b:87:de:46:dd:1c:f6:a8:0c:03:2c:
9a:45:f5:fa:41:35:87:49:6c:dc:d8:3c:ac:a3:56:a6:25:ff:
8b:54:42:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULFNBlPDbKlG+Spl40u3JHELVNwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMDZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmMTlkMGUyYjUzYWIxNjUwZGUyZDIzOWI0ZThiMDY2MjgxZmMwNmVlMDQy
NjIzZWM0Y2Y2MWJiYzEzYTQ0OWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOcfMh1jeW5d9pfT6H/dvjJg0XmL/KYIgvPFfLurEzD67m0vbatq083pccvW
arDyu2uSNVCFz7CPe37b3Mdmozs3qS52Ze9alH21Z2qiav2IbS1a6OvB2SDzd0S8
gnYRU/GF8Vervz9qBZ9xpUMmssNnGKoup/06/NOcQegyeCNl5jkPULk9liuI6naG
fTbR0Rk8Bp6V+KpqqcDnHPOGBNBuH0cfA9Gv2X63PoexBJPOgPhWTd3xzY1ABhV7
TxwecLrQaf38Gkxt6o83hGpCp19eiSt/H1AKLaAa3xSuPRmAaXHQNCB8YaNnyWIv
g7m0czY4xiaV/WNe4Z0D36uOXaECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRTUdRa
tVg/1mt0VcTjVVznlQHXfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEApzvX7jvadUs0YHddWnVHnfClgCtM8Xr/gfDBmu7E
Ro/VRfxa8GRiG7zKTMTxWgPVK0cVpW8L3YOO9UdmyIqizy9SgqkDmAmHPxaQ6pMX
uZf9/cfeoJG07r6XLCyPjqbqmyVGnQRxJRkNazjOnk529DWQCpvpfQi1CWwG4qFW
sMKszeXYWRVBQfSHAI/StRw8rJQPrEZ0Qgqme9LCjX5zKgQ0qB0URboUyNMBYYeH
An0b4ejI9xjZEBbMaUqOtykcZLVaAjxM3j7AdKsU8kt6MTdAPupJ1yR58Xhln61M
hyuH3kbdHPaoDAMsmkX1+kE1h0ls3Ng8rKNWpiX/i1RCzQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:07 2025 by rpki-client