Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
File: a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa (raw, json)
Hash identifier: e7wZf7B81MyQecWjS5JIwBQ9HefJlQedmiF9SYLo/4c=
Subject key identifier: 41:44:34:84:7D:45:C4:89:57:32:DC:32:E4:BF:C2:43:A5:D4:74:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 077005A06323F18DAE66011862FB7CE2A8BFCBF9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
Signing time: Wed 22 Oct 2025 00:50:16 +0000
ROA not before: Wed 22 Oct 2025 00:50:16 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:70:05:a0:63:23:f1:8d:ae:66:01:18:62:fb:7c:e2:a8:bf:cb:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:16 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=346ef8db4a8fef3a633688bc718488aa196d5940b64f8bde22612b7c9f1081e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:bc:e0:5e:4a:1d:1f:eb:bb:a4:58:ba:63:
d4:81:9c:f7:33:04:f7:83:f6:33:50:39:5f:cd:ae:
42:98:97:d4:da:a8:60:aa:58:bd:2d:aa:7a:8b:7b:
25:40:79:21:85:cd:32:60:6d:95:c5:3c:e0:b7:f6:
1a:53:30:62:88:5f:07:e4:84:c3:14:01:76:d5:79:
6f:c5:54:bf:a7:a6:31:0c:00:51:fa:d3:b8:dc:82:
0e:1e:72:26:13:af:83:c2:e9:46:dc:4f:00:b4:75:
1e:6c:01:87:62:bb:64:7c:e2:b4:5b:c4:b0:47:ef:
53:70:6d:95:35:ee:35:b1:3c:02:f0:59:a2:a1:1b:
8c:c9:f1:a4:42:96:a3:74:f5:3a:e6:e7:ec:05:4c:
e4:52:d3:e4:46:6b:79:b3:4b:d8:1d:42:92:97:db:
6c:8a:d4:27:cd:a9:83:09:8d:75:9a:38:65:c6:6b:
c2:6e:8b:73:6d:7a:79:6e:13:b4:01:62:6d:f6:0a:
03:e1:0c:a9:9c:cb:10:1e:0c:69:d1:3a:04:13:7b:
d9:56:88:cd:43:62:b1:18:8c:78:66:7c:f6:c7:ff:
df:3f:9c:c6:34:cc:30:68:e4:81:ad:c1:0c:5d:2a:
e5:4b:c1:9b:61:d3:66:30:d6:2f:02:d1:b6:56:d5:
e9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:44:34:84:7D:45:C4:89:57:32:DC:32:E4:BF:C2:43:A5:D4:74:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1b27e87-801f-4c9e-98a2-f81b54e8b8d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
66:19:fd:78:fa:df:45:11:9b:71:46:3c:31:09:52:a4:7a:66:
79:54:a9:74:11:c5:d6:c4:32:b7:76:29:60:73:a1:b6:7c:f0:
04:5c:20:bd:71:28:7a:65:93:23:5b:3c:54:f6:2f:db:21:0a:
1d:fe:4a:3e:56:8b:90:f4:84:83:52:74:32:b5:dc:0c:9c:f7:
86:9d:e2:85:10:70:7f:17:0e:1c:05:b2:6d:10:ed:31:1d:70:
d8:3e:d0:5d:a5:f8:b8:5c:38:0e:df:af:31:73:fd:55:e2:34:
a8:27:b5:56:9f:59:31:1c:08:5f:a6:ab:0f:c3:0f:a4:3b:2c:
09:3e:88:74:5a:76:f5:dc:0f:a9:51:0b:af:35:de:46:16:6c:
66:22:ca:7d:c5:02:44:76:15:08:ac:4f:05:12:36:62:1b:60:
26:c7:a9:c9:3f:7e:01:35:1b:ea:6a:5d:a7:06:ba:ee:f1:75:
31:1c:f7:57:56:b9:b9:80:28:14:72:55:e7:b6:92:96:cf:d6:
52:59:41:76:12:3a:28:ed:18:61:af:87:6d:0c:32:a1:3b:32:
22:6b:1d:f6:a1:6a:8a:86:a8:d2:82:a4:21:71:91:4c:b7:2e:
32:12:d7:34:ae:4e:58:fc:46:bb:1f:e7:c4:dd:b6:14:85:0d:
95:d7:53:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB3AFoGMj8Y2uZgEYYvt84qi/y/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTZaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NmVmOGRiNGE4ZmVmM2E2MzM2ODhiYzcxODQ4OGFhMTk2ZDU5NDBiNjRm
OGJkZTIyNjEyYjdjOWYxMDgxZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMh2vOBeSh0f67ukWLpj1IGc9zME94P2M1A5X82uQpiX1NqoYKpYvS2qeot7
JUB5IYXNMmBtlcU84Lf2GlMwYohfB+SEwxQBdtV5b8VUv6emMQwAUfrTuNyCDh5y
JhOvg8LpRtxPALR1HmwBh2K7ZHzitFvEsEfvU3BtlTXuNbE8AvBZoqEbjMnxpEKW
o3T1Oubn7AVM5FLT5EZrebNL2B1CkpfbbIrUJ82pgwmNdZo4ZcZrwm6Lc216eW4T
tAFibfYKA+EMqZzLEB4MadE6BBN72VaIzUNisRiMeGZ89sf/3z+cxjTMMGjkga3B
DF0q5UvBm2HTZjDWLwLRtlbV6eUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRBRDSE
fUXEiVcy3DLkv8JDpdR0XTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFiMjdlODctODAxZi00YzllLTk4YTItZjgxYjU0ZThiOGQ5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBmGf14+t9FEZtxRjwxCVKkemZ5VKl0EcXWxDK3dilg
c6G2fPAEXCC9cSh6ZZMjWzxU9i/bIQod/ko+VouQ9ISDUnQytdwMnPeGneKFEHB/
Fw4cBbJtEO0xHXDYPtBdpfi4XDgO368xc/1V4jSoJ7VWn1kxHAhfpqsPww+kOywJ
Poh0Wnb13A+pUQuvNd5GFmxmIsp9xQJEdhUIrE8FEjZiG2Amx6nJP34BNRvqal2n
Brru8XUxHPdXVrm5gCgUclXntpKWz9ZSWUF2Ejoo7Rhhr4dtDDKhOzIiax32oWqK
hqjSgqQhcZFMty4yEtc0rk5Y/Ea7H+fE3bYUhQ2V11No
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:40 2025 by rpki-client