Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: yVd5+Gz3i03P0hmxJn4sB6S+C/cGkgTOloh9R1Ej53Y=
Subject key identifier: 77:0E:2B:CD:4B:4B:4C:FE:0F:47:9D:6E:67:EE:F8:6A:FE:D8:B5:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71CB3F0CBAD7649E5F6A339781C18CD0817CB6DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Fri 31 Oct 2025 02:00:20 +0000
ROA not before: Fri 31 Oct 2025 02:00:20 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:cb:3f:0c:ba:d7:64:9e:5f:6a:33:97:81:c1:8c:d0:81:7c:b6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:20 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=cde17dde5ea4266e9ebba8106ce03a7004eda7acc18e96f8d4dad733f62aa683, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:cb:8d:4d:b5:9f:e7:29:31:48:8e:cc:19:c0:
fe:a3:bf:39:9c:49:20:7a:43:49:54:a3:73:9a:ea:
0d:38:bc:48:d5:27:a5:68:04:96:59:b9:a7:ad:70:
3f:9a:02:ce:f5:48:37:9f:bb:9a:bd:14:84:d0:5b:
37:dc:66:54:28:e5:24:54:e2:6c:18:33:de:ed:0f:
ba:49:5b:89:22:f8:6d:4f:a8:20:a4:55:8e:15:e6:
23:c8:c2:6b:7e:40:db:9f:e8:17:66:35:9e:b0:e4:
a8:0f:67:4e:ce:b0:e8:eb:f7:eb:ac:77:2b:91:71:
c2:3d:0e:ad:bf:4f:9e:14:bf:da:c1:60:10:bf:69:
0a:fd:81:08:a2:92:e3:19:15:35:28:96:92:a2:28:
cb:83:8f:a4:bd:b1:59:c8:54:ea:09:da:ba:24:77:
8e:ee:65:a0:d8:cd:7e:f8:c3:6d:e3:46:e0:2e:5b:
58:bb:29:66:ad:a7:d7:a0:da:31:29:41:e3:6e:1d:
6c:ff:7b:ff:06:ea:b6:f8:16:d8:90:ed:2f:27:fb:
11:be:ba:ca:de:68:10:61:35:36:c0:bb:fb:a8:57:
4b:78:ff:b4:39:ee:78:aa:bb:f3:c5:1a:0d:ee:1a:
96:40:ba:ea:42:60:3f:db:73:4e:94:48:e8:3c:75:
80:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:0E:2B:CD:4B:4B:4C:FE:0F:47:9D:6E:67:EE:F8:6A:FE:D8:B5:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
19:98:3e:53:a9:22:7f:21:85:4c:30:ec:58:f5:bf:70:6b:ed:
1a:47:16:a6:85:5a:d7:7a:71:78:e7:0c:27:31:4f:f0:e1:4f:
6e:f7:93:06:8b:ae:d9:91:6f:74:12:b1:d9:05:81:49:6f:d9:
e2:b6:ac:21:e2:36:13:ab:02:41:94:95:2f:17:76:3d:cd:67:
60:25:97:23:ea:c6:a5:6a:dc:0b:1f:2f:3d:bf:fe:81:4f:16:
a2:37:f9:00:13:09:15:cc:82:b8:8f:1c:37:b9:4f:7b:0b:63:
58:c5:d2:e8:bd:ef:07:55:40:5c:02:50:de:12:7b:a5:de:62:
06:e2:2c:28:2e:be:75:1e:bf:1d:61:7a:3a:00:96:80:48:5c:
6e:27:ac:64:71:ba:b0:8c:82:2b:76:8d:2b:c4:5e:4a:73:f5:
27:d0:69:05:41:62:bd:f5:80:1a:69:50:db:85:d4:de:a8:6d:
81:21:60:28:72:01:24:e1:77:fb:8b:26:cf:86:d1:36:da:52:
5a:63:e7:0c:47:50:71:3d:c7:8d:dc:e8:0a:a0:bb:7d:11:1e:
1a:93:b3:86:76:49:83:83:52:95:1a:a6:c0:e8:5a:7d:38:1e:
65:c9:35:17:d7:1a:7e:09:b9:3f:66:34:4d:8c:32:92:9e:dc:
55:23:ff:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUccs/DLrXZJ5fajOXgcGM0IF8ttwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjBaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNkZTE3ZGRlNWVhNDI2NmU5ZWJiYTgxMDZjZTAzYTcwMDRlZGE3YWNjMThl
OTZmOGQ0ZGFkNzMzZjYyYWE2ODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXLjU21n+cpMUiOzBnA/qO/OZxJIHpDSVSjc5rqDTi8SNUnpWgEllm5p61w
P5oCzvVIN5+7mr0UhNBbN9xmVCjlJFTibBgz3u0PuklbiSL4bU+oIKRVjhXmI8jC
a35A25/oF2Y1nrDkqA9nTs6w6Ov366x3K5Fxwj0Orb9PnhS/2sFgEL9pCv2BCKKS
4xkVNSiWkqIoy4OPpL2xWchU6gnauiR3ju5loNjNfvjDbeNG4C5bWLspZq2n16Da
MSlB424dbP97/wbqtvgW2JDtLyf7Eb66yt5oEGE1NsC7+6hXS3j/tDnueKq788Ua
De4alkC66kJgP9tzTpRI6Dx1gGcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3DivN
S0tM/g9HnW5n7vhq/ti11TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQAZmD5TqSJ/IYVMMOxY9b9wa+0aRxamhVrXenF45wwn
MU/w4U9u95MGi67ZkW90ErHZBYFJb9nitqwh4jYTqwJBlJUvF3Y9zWdgJZcj6sal
atwLHy89v/6BTxaiN/kAEwkVzIK4jxw3uU97C2NYxdLove8HVUBcAlDeEnul3mIG
4iwoLr51Hr8dYXo6AJaASFxuJ6xkcbqwjIIrdo0rxF5Kc/Un0GkFQWK99YAaaVDb
hdTeqG2BIWAocgEk4Xf7iybPhtE22lJaY+cMR1BxPceN3OgKoLt9ER4ak7OGdkmD
g1KVGqbA6Fp9OB5lyTUX1xp+Cbk/ZjRNjDKSntxVI//d
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:18 2025 by rpki-client