Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
File: 81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa (raw, json)
Hash identifier: k60I55aLIHtgaZ8iVvKhpm2ycw7VDPHLcyF5YDcI2d8=
Subject key identifier: E2:00:9D:2D:56:89:84:29:37:0D:89:C7:C8:0E:D1:8C:7E:67:82:CB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02BB004598CA5BD60DD8C58187EA7666F2C424D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
Signing time: Wed 22 Oct 2025 00:50:19 +0000
ROA not before: Wed 22 Oct 2025 00:50:19 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:bb:00:45:98:ca:5b:d6:0d:d8:c5:81:87:ea:76:66:f2:c4:24:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:19 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=5eec2aece1a3e9daff717fbb3124adbc76c48f2fcc05c217bccc796bedfb69d3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f9:56:2f:09:a8:79:ee:a4:07:7e:1e:84:f6:
ff:05:c0:48:e6:90:f0:24:55:b2:a5:c6:7a:01:82:
13:f0:33:7e:2b:e9:c8:62:8b:29:98:f3:a1:1e:14:
59:93:82:c6:f1:11:f9:50:75:aa:2d:fe:8a:6c:d6:
bf:48:c2:69:d4:60:62:47:65:1c:48:a6:85:c2:f5:
02:76:34:39:c9:30:c8:6f:f9:3d:e0:72:d6:48:ea:
df:a0:74:6a:c0:a6:46:0f:93:f9:e5:a1:ff:02:33:
3a:43:bd:b3:52:aa:35:38:de:f6:fd:04:40:c6:16:
c6:f6:5a:92:81:48:80:80:28:5d:4e:c0:96:19:ad:
1f:a9:38:a2:e3:82:a6:bb:28:d0:17:2a:7b:08:b7:
cb:32:fe:38:b6:f1:08:bd:4c:8f:3b:a9:dc:29:c4:
c2:f8:8e:4e:76:7a:ca:11:5a:36:c3:ce:25:66:ab:
f6:c4:aa:e7:37:93:b0:f8:aa:b5:a6:d6:f6:92:2f:
19:c2:b6:17:4e:e4:1b:64:0e:92:cb:12:48:bf:f7:
86:e5:0e:cc:a9:53:b7:2d:14:72:4d:db:f2:c8:3e:
96:e0:41:80:80:e6:29:ba:68:50:a5:b4:23:9d:ee:
37:45:5e:0c:10:e8:b1:44:25:eb:56:36:b5:46:2c:
f2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:00:9D:2D:56:89:84:29:37:0D:89:C7:C8:0E:D1:8C:7E:67:82:CB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81e19e5f-8cac-4cc7-8c10-c589c96920d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.1.0/24
Signature Algorithm: sha256WithRSAEncryption
01:3e:2a:21:4a:b6:f4:66:f9:d4:4d:b1:a3:20:ff:6b:a4:66:
f3:0b:49:ea:40:3f:94:e3:40:e7:88:c1:39:80:a7:57:9e:4f:
8c:b8:ea:6d:74:ee:c4:99:f3:19:5a:c1:88:d7:3f:cf:aa:ca:
63:88:c4:34:29:83:2a:c1:4c:cb:69:f1:ae:24:9d:0c:8e:d2:
2b:3f:bf:7e:19:9e:dc:62:89:0c:b1:b3:2f:94:ce:bd:57:a5:
14:d0:37:d5:71:93:6c:ee:1c:f8:e2:85:f3:8b:60:3a:88:80:
3e:75:09:d2:93:c1:16:2a:70:67:b5:20:35:b9:0f:fb:cb:89:
a8:0f:3e:a0:c3:94:d3:f7:d7:4d:5c:94:69:f2:ba:bf:4e:fd:
86:3c:2b:83:41:31:d3:64:55:7c:1a:eb:75:1b:34:e1:3f:f6:
45:b5:94:88:65:85:76:05:4f:c2:9f:b5:0b:fb:40:61:7d:a2:
cc:69:2c:17:45:da:07:53:40:92:a2:f6:84:a6:80:be:e9:d8:
70:ee:9f:d8:c2:3c:4a:8a:e5:b0:81:11:41:9c:b5:7d:10:7a:
39:bd:18:a8:a5:fb:1d:03:90:9e:30:56:50:82:ad:9f:a9:ce:
64:fe:cb:f2:71:d7:ce:bb:96:7c:a9:dd:22:70:85:fb:dc:e9:
1f:4f:cd:a5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUArsARZjKW9YN2MWBh+p2ZvLEJNYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTlaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlZWMyYWVjZTFhM2U5ZGFmZjcxN2ZiYjMxMjRhZGJjNzZjNDhmMmZjYzA1
YzIxN2JjY2M3OTZiZWRmYjY5ZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOP5Vi8JqHnupAd+HoT2/wXASOaQ8CRVsqXGegGCE/AzfivpyGKLKZjzoR4U
WZOCxvER+VB1qi3+imzWv0jCadRgYkdlHEimhcL1AnY0OckwyG/5PeBy1kjq36B0
asCmRg+T+eWh/wIzOkO9s1KqNTje9v0EQMYWxvZakoFIgIAoXU7AlhmtH6k4ouOC
prso0Bcqewi3yzL+OLbxCL1Mjzup3CnEwviOTnZ6yhFaNsPOJWar9sSq5zeTsPiq
tabW9pIvGcK2F07kG2QOkssSSL/3huUOzKlTty0Uck3b8sg+luBBgIDmKbpoUKW0
I53uN0VeDBDosUQl61Y2tUYs8rECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTiAJ0t
VomEKTcNicfIDtGMfmeCyzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFlMTllNWYtOGNhYy00Y2M3LThjMTAtYzU4OWM5NjkyMGQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRATAN
BgkqhkiG9w0BAQsFAAOCAQEAAT4qIUq29Gb51E2xoyD/a6Rm8wtJ6kA/lONA54jB
OYCnV55PjLjqbXTuxJnzGVrBiNc/z6rKY4jENCmDKsFMy2nxriSdDI7SKz+/fhme
3GKJDLGzL5TOvVelFNA31XGTbO4c+OKF84tgOoiAPnUJ0pPBFipwZ7UgNbkP+8uJ
qA8+oMOU0/fXTVyUafK6v079hjwrg0Ex02RVfBrrdRs04T/2RbWUiGWFdgVPwp+1
C/tAYX2izGksF0XaB1NAkqL2hKaAvunYcO6f2MI8SorlsIERQZy1fRB6Ob0YqKX7
HQOQnjBWUIKtn6nOZP7L8nHXzruWfKndInCF+9zpH0/NpQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:40 2025 by rpki-client