Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: wlMQk4Dc8RwZSvqX2ZnNp4ZY2dWYnBqW4CsbJu6SXgE=
Subject key identifier: 15:78:28:D4:9E:98:DF:E9:3F:10:6B:94:0E:EC:FB:F2:01:3C:36:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B6ACA2E0E62E81190CB2E8AA1C26228D6EF8544
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Tue 21 Oct 2025 15:00:34 +0000
ROA not before: Tue 21 Oct 2025 15:00:34 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:6a:ca:2e:0e:62:e8:11:90:cb:2e:8a:a1:c2:62:28:d6:ef:85:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:34 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4e031ab2a32fecf08be7479d831c48598575caa76a39d9662f414152308ed69a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6d:50:e9:9d:3b:ef:c6:28:66:ec:e3:ed:9a:
44:62:25:5e:a2:ab:1e:0e:58:7e:c6:d7:9f:fb:46:
07:82:32:15:cd:1d:e9:4a:7b:e5:ae:dd:95:32:d4:
6d:9e:8e:81:7e:9d:da:ee:96:9c:09:05:2e:f5:7a:
46:17:40:30:66:48:75:d5:de:ed:c0:54:84:3c:d2:
50:09:54:fe:ad:04:58:fb:11:e8:5f:c3:5b:4e:1d:
40:90:52:8f:6c:cf:e0:a4:93:c3:08:ed:b9:fd:99:
a2:f2:ee:71:de:2e:03:f6:cb:c8:70:b7:c7:30:d8:
53:94:43:82:14:ea:c4:1d:42:29:64:de:e1:bb:ba:
49:14:ec:f0:66:aa:98:79:51:b8:c0:65:5e:5c:a0:
c0:7e:0e:5d:75:e2:e9:e7:ee:20:f8:f5:c7:35:63:
71:e0:a2:b2:2d:2c:30:2c:80:03:6f:ef:13:0e:9d:
63:a8:da:3d:a8:1a:a5:82:d5:d8:35:57:b6:01:70:
16:7f:14:77:00:76:81:66:c6:88:25:11:02:04:0a:
d0:34:e0:0e:f3:ec:87:d0:ad:ad:a2:92:cf:60:1b:
75:92:70:ae:fa:04:e2:8e:6d:da:02:e2:81:e5:5c:
f1:1e:6e:52:1c:3a:c7:68:39:70:19:5b:cb:df:20:
a3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:78:28:D4:9E:98:DF:E9:3F:10:6B:94:0E:EC:FB:F2:01:3C:36:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:33:a5:11:2c:51:ce:41:31:eb:0c:7a:63:94:b1:a2:2f:61:
da:a1:9f:bb:4c:4e:af:51:7c:41:df:62:8f:ba:36:4c:1a:cb:
20:54:49:cf:e5:d3:4d:7e:39:d6:fd:a9:7a:97:16:73:84:e1:
0d:09:c0:3a:4a:8d:c8:03:7f:c0:ed:23:3c:e3:9e:09:a6:d8:
fa:7e:86:b6:f8:83:22:b5:a4:1c:44:9c:7a:08:c3:28:39:f4:
be:6e:ae:fa:69:e1:bd:c7:93:ea:12:22:b9:a3:a0:b4:90:63:
dc:1a:9f:47:f5:3e:59:6a:04:02:a3:04:08:53:f5:7d:89:c4:
c5:bf:d8:4e:2f:7b:71:73:45:a8:5a:36:f8:7c:c4:27:e2:5f:
74:de:c5:3d:80:c2:5c:95:f1:cb:f1:d1:88:ab:61:99:6f:70:
f5:34:05:55:42:76:e7:10:b3:1c:21:16:5b:ea:38:60:31:7f:
fc:73:97:cf:99:42:d5:59:0b:e2:8e:fa:e9:db:f0:9f:44:a5:
4b:c6:60:3d:e7:e3:e7:d0:1d:ca:1f:ee:4a:16:1d:0a:74:f2:
0c:6e:54:f2:3f:ed:1f:61:a4:0c:a7:04:08:3b:f9:25:db:a3:
31:e7:36:01:60:5b:b6:86:4b:f4:f6:15:fb:e3:b6:f8:ce:5e:
91:a2:e3:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG2rKLg5i6BGQyy6KocJiKNbvhUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMzRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMDMxYWIyYTMyZmVjZjA4YmU3NDc5ZDgzMWM0ODU5ODU3NWNhYTc2YTM5
ZDk2NjJmNDE0MTUyMzA4ZWQ2OWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMltUOmdO+/GKGbs4+2aRGIlXqKrHg5YfsbXn/tGB4IyFc0d6Up75a7dlTLU
bZ6OgX6d2u6WnAkFLvV6RhdAMGZIddXe7cBUhDzSUAlU/q0EWPsR6F/DW04dQJBS
j2zP4KSTwwjtuf2ZovLucd4uA/bLyHC3xzDYU5RDghTqxB1CKWTe4bu6SRTs8Gaq
mHlRuMBlXlygwH4OXXXi6efuIPj1xzVjceCisi0sMCyAA2/vEw6dY6jaPagapYLV
2DVXtgFwFn8UdwB2gWbGiCURAgQK0DTgDvPsh9CtraKSz2AbdZJwrvoE4o5t2gLi
geVc8R5uUhw6x2g5cBlby98go30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVeCjU
npjf6T8Qa5QO7PvyATw2pzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCPM6URLFHOQTHrDHpjlLGiL2HaoZ+7TE6vUXxB32KP
ujZMGssgVEnP5dNNfjnW/al6lxZzhOENCcA6So3IA3/A7SM8454Jptj6foa2+IMi
taQcRJx6CMMoOfS+bq76aeG9x5PqEiK5o6C0kGPcGp9H9T5ZagQCowQIU/V9icTF
v9hOL3txc0WoWjb4fMQn4l903sU9gMJclfHL8dGIq2GZb3D1NAVVQnbnELMcIRZb
6jhgMX/8c5fPmULVWQvijvrp2/CfRKVLxmA95+Pn0B3KH+5KFh0KdPIMblTyP+0f
YaQMpwQIO/kl26Mx5zYBYFu2hkv09hX747b4zl6RouML
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:27 2025 by rpki-client