Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
File: 1daf6597-c039-470d-a015-f42507e1afef.roa (raw, json)
Hash identifier: e7lPdKM8H3PSWVhxDbsBK0rhKARYezRcTw85PSuLit4=
Subject key identifier: BA:96:F8:19:C7:BE:4E:1E:B2:09:8C:33:92:BE:4E:63:B2:FB:51:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 51959E2FCD3E66F2EF68C0B9E917F516859391D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
Signing time: Tue 21 Oct 2025 15:00:33 +0000
ROA not before: Tue 21 Oct 2025 15:00:33 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.172.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:95:9e:2f:cd:3e:66:f2:ef:68:c0:b9:e9:17:f5:16:85:93:91:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:33 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9d42035ebe91bdde11b3e63b0221a732b0a1f7b492ac223086b7fb590ec9ed26, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:75:90:bf:9a:4b:5e:d0:b9:f7:8e:af:dc:
63:17:bd:a1:11:aa:79:70:67:5f:34:9b:4c:ff:e9:
e6:68:f8:6b:26:04:5d:69:d7:2c:07:e6:93:a4:c4:
8e:f3:18:cc:00:2d:1d:16:81:20:63:a6:24:16:5b:
e4:9a:13:19:b3:1b:1d:cf:b3:dd:41:bf:96:e3:22:
e2:71:d5:3b:99:84:78:35:de:89:bd:40:0c:53:d5:
db:5d:a3:15:93:1a:a2:db:53:6b:85:c3:7a:87:5a:
7d:2b:b8:73:7d:37:f2:99:2c:90:22:d3:f6:6a:4f:
73:b9:ab:c2:d7:ca:38:e3:d2:c8:80:ed:b4:a4:72:
cc:a6:b9:a7:52:11:f3:5c:94:d2:49:18:03:1d:96:
07:b1:23:3c:f3:5a:ae:f3:ac:47:cb:f0:3c:46:17:
d3:bc:3b:db:e5:02:e7:b2:81:23:00:e9:5f:aa:33:
e3:1a:7b:49:1d:91:08:33:8a:90:65:0a:d3:be:eb:
34:cd:ea:f2:8e:0b:3b:5e:87:d6:ee:b5:ec:2b:19:
98:7c:b2:25:31:9d:1b:ed:ac:34:78:1a:4a:c5:40:
05:f2:b7:d3:dd:56:d5:4b:5d:34:b1:91:0e:2a:d3:
da:58:c6:6b:77:82:18:2e:40:8b:74:f7:b2:f5:35:
1b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:96:F8:19:C7:BE:4E:1E:B2:09:8C:33:92:BE:4E:63:B2:FB:51:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1daf6597-c039-470d-a015-f42507e1afef.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.172.0.0/15
Signature Algorithm: sha256WithRSAEncryption
19:fb:1e:d0:19:89:f1:6a:5b:6c:78:f8:3e:6b:20:d5:75:31:
c1:77:e3:30:68:b6:56:02:0a:70:20:62:c3:82:c0:f9:90:e6:
cb:c8:44:27:ed:8f:1f:7a:41:ec:1a:d3:a4:10:7b:7f:72:42:
6a:ad:b1:0e:52:d5:77:16:23:f1:71:3e:8d:6a:6a:c0:f7:61:
b2:00:0b:5c:40:54:00:ff:5d:7c:8c:33:cd:44:12:1a:20:30:
75:3b:fd:0a:df:5a:b7:e2:78:a6:d2:bf:03:67:dd:48:35:b5:
7f:c9:e4:f7:4e:4e:ef:25:4d:73:ee:14:71:d0:6f:73:cf:bb:
52:c1:3f:90:54:1e:ae:e6:02:9d:a6:04:23:15:06:25:f2:46:
c7:81:75:0e:1f:ae:3c:86:4c:a9:f2:3f:6c:5e:17:40:82:00:
6a:22:56:b9:38:41:7c:56:5b:36:86:97:6c:93:30:4c:ef:5d:
f4:86:e4:3c:ca:d1:9f:dc:ce:c3:e2:82:28:20:6b:31:ad:f1:
54:d9:4e:d4:dd:fe:ab:e1:ca:9a:06:b2:e9:9b:fb:28:9e:bc:
49:14:7f:c1:95:ed:86:5d:30:07:fa:a9:5e:dc:0c:b0:0d:f1:
16:dd:42:ac:36:51:06:dc:ff:b9:2d:63:6e:94:cf:ba:18:07:
4a:6a:29:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUZWeL80+ZvLvaMC56Rf1FoWTkdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMzNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkNDIwMzVlYmU5MWJkZGUxMWIzZTYzYjAyMjFhNzMyYjBhMWY3YjQ5MmFj
MjIzMDg2YjdmYjU5MGVjOWVkMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUXdZC/mkte0Ln3jq/cYxe9oRGqeXBnXzSbTP/p5mj4ayYEXWnXLAfmk6TE
jvMYzAAtHRaBIGOmJBZb5JoTGbMbHc+z3UG/luMi4nHVO5mEeDXeib1ADFPV212j
FZMaottTa4XDeodafSu4c3038pkskCLT9mpPc7mrwtfKOOPSyIDttKRyzKa5p1IR
81yU0kkYAx2WB7EjPPNarvOsR8vwPEYX07w72+UC57KBIwDpX6oz4xp7SR2RCDOK
kGUK077rNM3q8o4LO16H1u617CsZmHyyJTGdG+2sNHgaSsVABfK3091W1UtdNLGR
DirT2ljGa3eCGC5Ai3T3svU1GyUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6lvgZ
x75OHrIJjDOSvk5jsvtR4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWRhZjY1OTctYzAzOS00NzBkLWEwMTUtZjQyNTA3ZTFhZmVmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOsMA0G
CSqGSIb3DQEBCwUAA4IBAQAZ+x7QGYnxaltsePg+ayDVdTHBd+MwaLZWAgpwIGLD
gsD5kObLyEQn7Y8fekHsGtOkEHt/ckJqrbEOUtV3FiPxcT6NamrA92GyAAtcQFQA
/118jDPNRBIaIDB1O/0K31q34nim0r8DZ91INbV/yeT3Tk7vJU1z7hRx0G9zz7tS
wT+QVB6u5gKdpgQjFQYl8kbHgXUOH648hkyp8j9sXhdAggBqIla5OEF8Vls2hpds
kzBM7130huQ8ytGf3M7D4oIoIGsxrfFU2U7U3f6r4cqaBrLpm/sonrxJFH/Ble2G
XTAH+qle3AywDfEW3UKsNlEG3P+5LWNulM+6GAdKaimE
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:17:43 2025 by rpki-client