Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
File: 41816f61-5ce3-406a-8d78-37c4eafa6915.roa (raw, json)
Hash identifier: W5ERgPJoDCY01FVemzUCJZg5VfdYGXem1pQjPrJcA1A=
Subject key identifier: E9:25:3F:A6:5A:94:0E:91:F4:13:02:25:E4:05:CB:1E:21:24:70:7B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1984AE079E4A55BD58D91867CF0421D9C6F6C977
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
Signing time: Tue 21 Oct 2025 14:40:32 +0000
ROA not before: Tue 21 Oct 2025 14:40:32 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:84:ae:07:9e:4a:55:bd:58:d9:18:67:cf:04:21:d9:c6:f6:c9:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:32 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cf1014d3e7da685f0a3538578c38d130afc0097bcb8709e6bad1f59312cc6efc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8f:fd:26:58:b6:ee:04:9a:53:7a:66:0f:cb:
e4:fc:4d:e7:14:23:46:0e:94:7b:9d:f6:9e:8d:c7:
fa:da:89:c1:94:15:28:ff:af:05:c0:0a:45:15:8b:
98:37:70:8f:dd:e6:6f:7b:e6:de:01:de:a2:7e:21:
0e:1b:c3:74:e6:ae:87:e8:c9:33:2d:a6:c3:14:e5:
e0:75:24:6a:eb:e8:3e:f2:71:fc:68:98:63:0c:e8:
60:1c:f9:f8:fb:35:3a:ad:ac:d9:08:9a:e6:fb:b9:
8a:a5:83:27:51:92:3e:7f:3e:9a:46:72:d4:b9:11:
24:36:b6:9b:6e:ff:74:f2:12:4c:30:4e:a8:29:f3:
05:6b:44:b7:df:7d:ab:49:3b:9c:08:dc:a6:48:41:
e4:d9:51:81:9a:7a:19:92:b2:a8:e9:d0:60:57:31:
ee:b3:c0:24:0c:47:9f:78:a0:fb:04:64:17:ae:21:
5f:be:4f:fc:ae:61:ae:24:2c:37:9e:fe:5f:6b:d7:
8b:35:94:98:ff:62:e1:52:ab:2b:90:b5:f1:aa:66:
af:1c:39:a6:36:8e:76:af:9d:e5:a3:8b:57:9d:9e:
8a:07:a2:9b:68:9e:d8:59:18:ff:88:5b:89:03:50:
da:fc:d8:65:8c:d1:2b:c4:5d:4f:af:99:2d:69:48:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:25:3F:A6:5A:94:0E:91:F4:13:02:25:E4:05:CB:1E:21:24:70:7B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/41816f61-5ce3-406a-8d78-37c4eafa6915.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.32.0/19
Signature Algorithm: sha256WithRSAEncryption
93:5f:9d:7c:65:29:7b:d4:5e:75:79:5c:7c:9a:eb:d8:90:64:
9f:d5:5b:d0:e2:2f:35:0f:0a:0b:f7:42:70:15:06:dd:9e:27:
f4:d8:00:f5:70:24:89:9b:68:2b:a6:b1:61:b3:db:54:80:ed:
94:f0:a1:91:42:5e:e5:71:46:c6:3b:c7:b6:01:b2:48:1f:73:
6c:c0:03:25:b6:fa:fa:9a:67:94:ee:14:92:4d:23:ae:f9:43:
c0:1f:d0:3f:a2:5a:9c:9a:c8:fc:47:9a:58:29:b8:23:e2:ed:
8e:54:fd:a2:2d:c8:12:01:bc:e0:49:a5:1f:c6:c6:6d:66:f3:
99:d1:e2:44:fb:e7:13:46:4f:0c:b4:28:62:5c:c6:24:19:64:
f7:24:0f:1c:2e:e3:f3:e0:1e:d9:4c:22:88:7e:80:1f:a9:90:
70:a9:a0:d5:98:0c:a5:da:75:5a:75:f3:6e:c6:d6:7f:e8:3b:
0d:dc:c6:38:fa:d7:4f:95:cd:78:b1:01:46:dd:5e:56:17:6f:
8b:71:3e:28:a3:58:5b:43:60:2b:8a:64:73:9d:d3:7f:e9:08:
76:6f:e6:3a:9c:46:76:4a:d7:95:11:f4:20:0e:eb:22:2e:9e:
2f:b8:2c:cc:a2:7b:61:8a:51:5a:b8:9a:12:45:7a:fe:e9:ae:
21:c9:55:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGYSuB55KVb1Y2RhnzwQh2cb2yXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmMTAxNGQzZTdkYTY4NWYwYTM1Mzg1NzhjMzhkMTMwYWZjMDA5N2JjYjg3
MDllNmJhZDFmNTkzMTJjYzZlZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuP/SZYtu4EmlN6Zg/L5PxN5xQjRg6Ue532no3H+tqJwZQVKP+vBcAKRRWL
mDdwj93mb3vm3gHeon4hDhvDdOauh+jJMy2mwxTl4HUkauvoPvJx/GiYYwzoYBz5
+Ps1Oq2s2Qia5vu5iqWDJ1GSPn8+mkZy1LkRJDa2m27/dPISTDBOqCnzBWtEt999
q0k7nAjcpkhB5NlRgZp6GZKyqOnQYFcx7rPAJAxHn3ig+wRkF64hX75P/K5hriQs
N57+X2vXizWUmP9i4VKrK5C18apmrxw5pjaOdq+d5aOLV52eigeim2ie2FkY/4hb
iQNQ2vzYZYzRK8RdT6+ZLWlIxykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTpJT+m
WpQOkfQTAiXkBcseISRwezAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE4MTZmNjEtNWNlMy00MDZhLThkNzgtMzdjNGVhZmE2OTE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBTMAIDAN
BgkqhkiG9w0BAQsFAAOCAQEAk1+dfGUpe9RedXlcfJrr2JBkn9Vb0OIvNQ8KC/dC
cBUG3Z4n9NgA9XAkiZtoK6axYbPbVIDtlPChkUJe5XFGxjvHtgGySB9zbMADJbb6
+ppnlO4Ukk0jrvlDwB/QP6JanJrI/EeaWCm4I+LtjlT9oi3IEgG84EmlH8bGbWbz
mdHiRPvnE0ZPDLQoYlzGJBlk9yQPHC7j8+Ae2UwiiH6AH6mQcKmg1ZgMpdp1WnXz
bsbWf+g7DdzGOPrXT5XNeLEBRt1eVhdvi3E+KKNYW0NgK4pkc53Tf+kIdm/mOpxG
dkrXlRH0IA7rIi6eL7gszKJ7YYpRWriaEkV6/umuIclVhw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:00 2025 by rpki-client