Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
File: 2d24b638-b951-4333-ac88-4886c7af230f.roa (raw, json)
Hash identifier: gu3YbdLoQlJexCYozuhoZH1yxp4cZeZ4JmP4S0OPLgU=
Subject key identifier: 02:94:0A:5F:CC:0A:9E:0E:7C:46:5C:5D:04:56:44:19:33:50:D6:54
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 738E03197EA5C9087088E63D66628733F079864A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
Signing time: Tue 21 Oct 2025 14:50:44 +0000
ROA not before: Tue 21 Oct 2025 14:50:44 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.82.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:8e:03:19:7e:a5:c9:08:70:88:e6:3d:66:62:87:33:f0:79:86:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:44 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=d09dfe1e4a4eec340a637ed9f6c9819e38f68c718536d25a5aa3e0bdf3ad6199, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1a:c5:14:e1:fc:44:99:44:01:e4:69:9c:92:
b3:fa:7f:aa:60:cd:ad:92:f6:ad:29:eb:0f:73:99:
0e:a0:f9:46:8f:34:86:d1:0d:47:01:1a:58:01:9b:
7a:83:7f:ba:f0:0f:a1:33:79:d3:c4:0f:5e:1c:9e:
f1:49:af:9d:3e:15:71:31:29:2b:73:99:0f:65:01:
55:52:be:37:77:a7:e9:83:8b:6e:22:fd:44:f2:f5:
98:e4:06:ac:27:57:11:89:ba:a8:df:00:38:e9:4c:
10:0b:13:9c:8a:31:af:be:fe:77:f7:74:98:87:76:
0c:82:fe:17:8e:dd:f4:1f:6f:f7:ab:e4:1e:03:1a:
2f:2b:eb:55:c9:bb:94:dc:8a:da:94:fd:04:79:e2:
d1:2a:95:91:de:1d:eb:11:bd:7a:dd:bd:d4:9d:d5:
87:1b:a1:6e:03:32:57:e6:8f:52:74:7b:f8:4a:78:
0b:da:93:93:03:08:6e:20:cb:c7:38:90:9a:36:fa:
a9:8e:20:81:0a:93:0e:69:37:43:97:2d:c5:ef:f9:
26:cb:d6:96:e3:75:dd:67:9d:83:e7:a0:a1:50:b6:
41:25:38:fd:ba:ba:68:49:fc:49:60:90:8b:73:55:
81:0d:0f:e6:c6:8a:ea:79:bf:77:64:77:2f:5a:06:
db:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:94:0A:5F:CC:0A:9E:0E:7C:46:5C:5D:04:56:44:19:33:50:D6:54
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2d24b638-b951-4333-ac88-4886c7af230f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:8b:79:85:c7:8b:0f:83:a3:0e:e3:57:97:ce:03:af:0f:b1:
12:0d:49:e6:04:d4:67:dd:1b:0a:00:a1:c6:58:ac:2a:ed:ad:
41:77:78:f9:4d:e7:18:2e:73:e8:49:6d:29:e7:39:00:eb:73:
e9:a8:a2:c1:4c:4d:87:70:e0:a5:4a:27:4f:a5:0b:a5:03:77:
7c:20:39:41:f0:bc:4c:f2:6a:84:a9:9d:4f:b0:c7:07:ea:a4:
c4:df:81:3b:a8:50:0f:c4:97:ef:a3:43:70:6e:a5:79:1d:7d:
53:f9:03:73:12:40:e3:bd:a0:5b:61:21:3e:70:cb:50:c3:e9:
fe:34:9b:3e:e0:34:0f:c2:3f:41:16:c1:6a:f8:03:10:ee:ac:
22:a2:9e:33:86:15:e8:5e:90:32:e9:c8:6d:45:83:68:e8:be:
7b:35:74:6f:5f:08:0a:d4:6e:d7:d5:bb:f6:0b:52:37:21:8d:
57:c1:11:13:13:fc:b8:b1:23:1e:8e:f4:b8:15:67:98:92:ec:
a9:4f:d4:ef:a4:4e:9d:5d:77:c3:10:64:86:b5:e7:c2:57:0c:
f0:05:fb:a7:2d:89:8e:d3:83:f2:54:fe:6e:14:39:60:82:b9:
e7:d1:46:36:b8:37:e1:5c:74:bf:2f:6c:98:0d:e9:4c:7a:3b:
24:20:8c:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc44DGX6lyQhwiOY9ZmKHM/B5hkowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwNDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwOWRmZTFlNGE0ZWVjMzQwYTYzN2VkOWY2Yzk4MTllMzhmNjhjNzE4NTM2
ZDI1YTVhYTNlMGJkZjNhZDYxOTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKgaxRTh/ESZRAHkaZySs/p/qmDNrZL2rSnrD3OZDqD5Ro80htENRwEaWAGb
eoN/uvAPoTN508QPXhye8UmvnT4VcTEpK3OZD2UBVVK+N3en6YOLbiL9RPL1mOQG
rCdXEYm6qN8AOOlMEAsTnIoxr77+d/d0mId2DIL+F47d9B9v96vkHgMaLyvrVcm7
lNyK2pT9BHni0SqVkd4d6xG9et291J3VhxuhbgMyV+aPUnR7+Ep4C9qTkwMIbiDL
xziQmjb6qY4ggQqTDmk3Q5ctxe/5JsvWluN13Wedg+egoVC2QSU4/bq6aEn8SWCQ
i3NVgQ0P5saK6nm/d2R3L1oG20kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQClApf
zAqeDnxGXF0EVkQZM1DWVDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmQyNGI2MzgtYjk1MS00MzMzLWFjODgtNDg4NmM3YWYyMzBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNSMA0G
CSqGSIb3DQEBCwUAA4IBAQBEi3mFx4sPg6MO41eXzgOvD7ESDUnmBNRn3RsKAKHG
WKwq7a1Bd3j5TecYLnPoSW0p5zkA63PpqKLBTE2HcOClSidPpQulA3d8IDlB8LxM
8mqEqZ1PsMcH6qTE34E7qFAPxJfvo0NwbqV5HX1T+QNzEkDjvaBbYSE+cMtQw+n+
NJs+4DQPwj9BFsFq+AMQ7qwiop4zhhXoXpAy6chtRYNo6L57NXRvXwgK1G7X1bv2
C1I3IY1XwRETE/y4sSMejvS4FWeYkuypT9TvpE6dXXfDEGSGtefCVwzwBfunLYmO
04PyVP5uFDlggrnn0UY2uDfhXHS/L2yYDelMejskIIz7
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:31:10 2025 by rpki-client