Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
File: 226b8c83-9647-47e2-847b-1787f3d54040.roa (raw, json)
Hash identifier: HhQ7bHVI07sgVgXsDAwfi6ubN87m86F6KB8T7iltmlE=
Subject key identifier: 8F:29:4A:B5:6A:A7:7A:95:61:49:BD:C1:E4:78:2C:21:47:9B:AB:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60E9C1C4742FF24CA46708D705A68A8EA75F53E2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
Signing time: Fri 24 Oct 2025 00:40:27 +0000
ROA not before: Fri 24 Oct 2025 00:40:27 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.94.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:e9:c1:c4:74:2f:f2:4c:a4:67:08:d7:05:a6:8a:8e:a7:5f:53:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:27 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=dba85ee22fdf19729a678fb8e6420c6c48dadaaa332201def393b43640aa4d71, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:01:52:63:2a:d7:6c:83:65:d8:aa:4a:59:50:
8d:fe:0f:eb:00:8c:51:96:eb:b6:da:09:b8:1e:d2:
76:1a:96:80:3d:d5:ce:c0:d9:9e:7a:45:9d:1d:1b:
4b:6a:f2:be:92:fb:1d:44:13:33:c6:87:86:84:c5:
e8:12:db:2e:01:26:fb:ab:c6:08:0a:bf:be:9f:51:
43:76:aa:0d:72:c6:ab:ae:69:0d:90:5f:18:3f:b1:
b5:e8:57:54:cd:45:4d:0a:ff:4a:3d:46:a1:4a:bb:
d7:1b:0f:b6:dd:70:4d:ea:3d:76:91:e4:7d:ae:04:
60:46:22:79:ec:15:6c:ee:86:3d:4d:5d:ea:01:11:
25:51:76:51:f8:e2:be:23:d4:d9:29:34:2a:d1:86:
00:74:05:68:26:9d:6c:60:06:7c:89:81:b3:cf:8b:
cf:37:01:bf:9c:0f:b2:90:5b:33:b1:d7:d4:23:45:
39:53:d6:60:67:5b:ae:f9:7b:3f:9c:4d:94:c4:2f:
68:1d:a1:e9:65:e7:a1:72:c0:6d:15:f6:b0:65:c2:
9f:d3:bc:06:5b:14:9e:50:18:57:fd:4c:71:9d:6c:
21:2d:04:a9:63:44:c0:a5:39:a7:e8:6b:2f:ac:8f:
a3:e6:f0:10:26:1f:ad:f8:9d:b5:fa:3e:47:ca:7c:
6b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:29:4A:B5:6A:A7:7A:95:61:49:BD:C1:E4:78:2C:21:47:9B:AB:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/226b8c83-9647-47e2-847b-1787f3d54040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.94.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:1e:9e:36:bb:9e:e1:2e:c0:81:8f:a7:74:55:4b:a4:18:4e:
b5:32:46:34:35:6b:03:b7:d0:35:e2:a6:66:6f:2b:1f:73:bc:
e5:6e:47:da:0a:37:ef:c7:93:39:2b:23:34:11:a3:d0:9d:18:
b6:2d:db:1d:63:4e:9f:52:02:18:c4:7c:c0:bd:b5:a5:36:bf:
36:70:58:b6:a3:16:ff:dc:7b:fb:b4:36:bc:49:c8:1e:47:df:
cb:fb:51:38:9d:19:14:8e:a8:8e:16:fa:3e:d7:48:7e:3e:ba:
66:d5:bd:2c:a2:1b:e5:f6:2d:11:4b:12:6d:91:63:d8:8f:36:
e0:79:3f:30:f6:aa:2f:ef:e5:df:85:5a:cb:03:73:8a:49:ed:
bc:3a:2c:4d:b4:fe:ae:30:94:aa:35:24:29:ea:e7:aa:0a:27:
3b:91:9a:60:44:ca:96:c8:42:f1:4e:61:98:65:18:ed:1e:4b:
2d:e6:40:d0:0e:6c:21:85:eb:c7:59:d0:8a:c8:81:a5:81:27:
c2:af:2c:4f:21:57:5b:66:c5:99:9e:20:b9:8c:f3:7e:58:a8:
d8:bb:bd:98:36:a5:52:97:01:24:4c:ab:71:d9:2e:63:a7:28:
fe:56:6c:c9:21:b4:ab:76:41:95:80:c9:ca:5e:b0:70:98:95:
74:84:16:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYOnBxHQv8kykZwjXBaaKjqdfU+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjdaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiYTg1ZWUyMmZkZjE5NzI5YTY3OGZiOGU2NDIwYzZjNDhkYWRhYWEzMzIy
MDFkZWYzOTNiNDM2NDBhYTRkNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4BUmMq12yDZdiqSllQjf4P6wCMUZbrttoJuB7SdhqWgD3VzsDZnnpFnR0b
S2ryvpL7HUQTM8aHhoTF6BLbLgEm+6vGCAq/vp9RQ3aqDXLGq65pDZBfGD+xtehX
VM1FTQr/Sj1GoUq71xsPtt1wTeo9dpHkfa4EYEYieewVbO6GPU1d6gERJVF2Ufji
viPU2Sk0KtGGAHQFaCadbGAGfImBs8+LzzcBv5wPspBbM7HX1CNFOVPWYGdbrvl7
P5xNlMQvaB2h6WXnoXLAbRX2sGXCn9O8BlsUnlAYV/1McZ1sIS0EqWNEwKU5p+hr
L6yPo+bwECYfrfidtfo+R8p8ayECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSPKUq1
aqd6lWFJvcHkeCwhR5urATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2YjhjODMtOTY0Ny00N2UyLTg0N2ItMTc4N2YzZDU0MDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNeMA0G
CSqGSIb3DQEBCwUAA4IBAQAvHp42u57hLsCBj6d0VUukGE61MkY0NWsDt9A14qZm
bysfc7zlbkfaCjfvx5M5KyM0EaPQnRi2LdsdY06fUgIYxHzAvbWlNr82cFi2oxb/
3Hv7tDa8ScgeR9/L+1E4nRkUjqiOFvo+10h+Prpm1b0sohvl9i0RSxJtkWPYjzbg
eT8w9qov7+XfhVrLA3OKSe28OixNtP6uMJSqNSQp6ueqCic7kZpgRMqWyELxTmGY
ZRjtHkst5kDQDmwhhevHWdCKyIGlgSfCryxPIVdbZsWZniC5jPN+WKjYu72YNqVS
lwEkTKtx2S5jpyj+VmzJIbSrdkGVgMnKXrBwmJV0hBbI
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:53 2025 by rpki-client