Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
File: 9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa (raw, json)
Hash identifier: LRmkp9sspY9fcnYEBTAmSwFwncwfZlW0/6RczGosycU=
Subject key identifier: F7:C8:26:1F:66:98:4C:36:AB:5C:FF:B9:DF:1B:B1:2E:41:CF:A5:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71769028698A377C3AAD2941A263DECD6BE6B6F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
Signing time: Tue 21 Oct 2025 14:50:43 +0000
ROA not before: Tue 21 Oct 2025 14:50:43 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.50.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:76:90:28:69:8a:37:7c:3a:ad:29:41:a2:63:de:cd:6b:e6:b6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:43 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=7d50ab5915b67cada227f7107383dc52a5c37f4648922ecb5b8c8ae631c642e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:df:1c:a0:2c:fe:69:f1:6d:85:42:fd:52:61:
34:e5:37:a7:b3:fd:e4:54:35:72:a3:d1:78:e9:bd:
af:d4:0e:c3:56:26:26:63:c5:fb:70:c1:08:14:fa:
39:ad:19:a1:e6:1c:cf:79:85:bb:a5:8c:d8:bd:c5:
2f:d5:37:4a:18:88:9b:13:dd:f1:be:cf:5c:08:3f:
4e:6e:91:4f:62:43:be:47:47:d0:d8:4c:0c:9f:82:
71:12:41:7b:0d:c8:6e:36:c1:3c:ce:62:f2:83:e8:
3d:74:6c:45:4e:49:03:08:84:b1:10:cb:ca:0f:ad:
71:e4:1e:4d:8c:3f:36:c7:ea:11:e3:9c:3a:49:a0:
4e:e9:a1:e8:43:da:6a:b6:e3:0f:d6:4d:97:d6:0f:
49:ae:eb:9d:dc:8d:35:76:5b:75:4a:7e:32:bd:76:
78:2f:36:5d:5e:f2:e5:9e:8c:6c:28:80:9d:62:df:
2f:2f:cd:4a:12:5b:e2:7a:79:4a:8a:1a:0c:f3:95:
1d:80:1f:fd:fb:72:c3:30:23:79:74:01:3e:aa:05:
e5:83:b7:bf:8f:1e:50:c3:3b:ae:9e:e5:f0:95:c7:
42:bd:fa:25:1f:b1:46:48:9f:66:bc:39:66:a7:6b:
ea:14:02:71:f3:64:08:54:7b:92:94:6c:c5:d8:4a:
ef:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C8:26:1F:66:98:4C:36:AB:5C:FF:B9:DF:1B:B1:2E:41:CF:A5:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9eb7dfb3-5cb3-484a-b550-418fc540ea28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.50.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:21:11:11:45:92:bc:19:a3:60:dc:fb:1d:52:9e:59:fe:f9:
6c:db:9f:83:c1:5f:e0:33:31:b9:32:49:e9:06:75:9a:df:79:
9d:3e:f7:91:2a:2a:42:6b:47:a0:90:db:01:63:dd:f9:af:ea:
b4:67:d0:86:53:67:f9:da:6d:f5:18:57:33:91:a6:5b:66:2f:
f0:f5:b3:3b:70:d4:8b:d3:a6:49:b6:1a:d2:bc:cd:69:54:70:
82:ab:f8:da:7f:a5:14:37:4d:9d:b0:af:9d:7b:a7:ec:ee:85:
f9:e6:94:22:7d:fa:f2:58:6e:d8:5e:3f:ad:7f:e4:e9:9e:ef:
e9:4a:e5:f8:2a:9b:9d:45:ce:65:d9:f4:df:8f:2d:76:3e:66:
b4:ab:13:b0:1c:92:46:b6:46:f6:b4:96:56:d3:a9:d1:21:df:
ec:aa:8e:c6:69:ce:38:ad:74:e5:6b:29:a1:f1:e6:ba:02:23:
5a:8d:f1:95:d6:7b:cb:d2:c9:2a:e4:9d:2e:75:48:3e:dd:40:
5d:8b:c0:35:c9:08:d6:76:55:b2:2a:ea:63:87:fb:d8:9a:a2:
a2:ba:db:0a:90:07:42:ac:82:2f:e5:89:51:a3:5d:d4:4c:9f:
0e:7e:5c:af:46:65:ff:b2:63:11:88:51:da:ca:4a:be:f2:f9:
08:3f:4d:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcXaQKGmKN3w6rSlBomPezWvmtvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwNDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdkNTBhYjU5MTViNjdjYWRhMjI3ZjcxMDczODNkYzUyYTVjMzdmNDY0ODky
MmVjYjViOGM4YWU2MzFjNjQyZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnfHKAs/mnxbYVC/VJhNOU3p7P95FQ1cqPReOm9r9QOw1YmJmPF+3DBCBT6
Oa0ZoeYcz3mFu6WM2L3FL9U3ShiImxPd8b7PXAg/Tm6RT2JDvkdH0NhMDJ+CcRJB
ew3IbjbBPM5i8oPoPXRsRU5JAwiEsRDLyg+tceQeTYw/NsfqEeOcOkmgTumh6EPa
arbjD9ZNl9YPSa7rndyNNXZbdUp+Mr12eC82XV7y5Z6MbCiAnWLfLy/NShJb4np5
SooaDPOVHYAf/ftywzAjeXQBPqoF5YO3v48eUMM7rp7l8JXHQr36JR+xRkifZrw5
Zqdr6hQCcfNkCFR7kpRsxdhK76kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT3yCYf
ZphMNqtc/7nfG7EuQc+l4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWViN2RmYjMtNWNiMy00ODRhLWI1NTAtNDE4ZmM1NDBlYTI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMyMA0G
CSqGSIb3DQEBCwUAA4IBAQCxIRERRZK8GaNg3PsdUp5Z/vls25+DwV/gMzG5Mknp
BnWa33mdPveRKipCa0egkNsBY935r+q0Z9CGU2f52m31GFczkaZbZi/w9bM7cNSL
06ZJthrSvM1pVHCCq/jaf6UUN02dsK+de6fs7oX55pQiffryWG7YXj+tf+Tpnu/p
SuX4KpudRc5l2fTfjy12Pma0qxOwHJJGtkb2tJZW06nRId/sqo7Gac44rXTlaymh
8ea6AiNajfGV1nvL0skq5J0udUg+3UBdi8A1yQjWdlWyKupjh/vYmqKiutsKkAdC
rIIv5YlRo13UTJ8OflyvRmX/smMRiFHaykq+8vkIP00q
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:08 2025 by rpki-client