Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: 2vgS2d+qB9Z/GqhH9zTRZOFfxHFSUCbb8K6D9PuKcEU=
Subject key identifier: E0:A2:51:58:E2:83:77:AA:F8:51:66:17:1B:58:6B:A0:71:34:D8:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 188B82A0B3E93C12A3DDBBEEB7387BAFB570365D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Fri 31 Oct 2025 02:00:19 +0000
ROA not before: Fri 31 Oct 2025 02:00:19 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:8b:82:a0:b3:e9:3c:12:a3:dd:bb:ee:b7:38:7b:af:b5:70:36:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:19 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=8e1ddb3d329d5769aa1eb08ef48299c4e53960f7ce11e19894b9a5a438eb6b56, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:a4:7d:c3:83:db:c9:ec:17:8b:d9:28:cb:8c:
73:e8:18:5d:2a:f3:85:15:eb:b1:9e:41:20:83:9f:
d3:19:61:99:bc:aa:dc:60:63:0c:d0:54:8d:da:c7:
aa:14:71:3a:bf:a3:ba:e6:6a:57:f3:9b:ca:84:57:
7d:6c:5d:bc:bd:34:c3:8e:57:d0:d8:06:61:d6:c6:
71:3d:8a:7e:53:1d:49:97:de:ef:83:f4:fb:68:bf:
21:21:7b:e7:50:38:2a:df:3b:a9:53:f6:4d:5d:a8:
3e:07:75:92:a6:78:f9:fe:5f:d3:91:77:03:f0:61:
de:94:1f:62:bd:1f:67:05:b4:a9:db:84:9a:71:99:
c8:81:8d:9b:ce:06:7b:24:7a:35:73:43:13:76:89:
a4:55:58:09:31:3e:ce:1f:7c:08:77:22:d7:d9:d4:
79:20:9d:a1:53:58:12:88:48:8f:bc:0d:55:8c:7e:
1e:dd:2c:a4:e1:9a:43:0a:1c:a4:97:4c:9b:00:40:
ac:b9:87:79:f3:93:b5:2d:0a:e1:63:09:a7:74:27:
59:73:ea:5a:d6:3d:d2:1e:56:6b:00:d0:c6:d7:16:
1d:4a:bf:d6:b5:aa:41:14:4f:2e:d3:8e:f4:4b:fd:
4a:d3:6a:a1:2c:1f:10:94:5c:c5:dd:d4:92:8a:55:
05:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A2:51:58:E2:83:77:AA:F8:51:66:17:1B:58:6B:A0:71:34:D8:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b8:be:50:5b:df:0a:bd:84:9b:c6:cf:6b:66:85:d7:57:b3:5d:
b2:66:ae:79:01:44:34:53:ad:52:73:03:56:5e:27:1c:b4:3e:
31:3b:46:3a:53:7f:ea:bb:10:98:3f:b7:63:3b:9d:18:91:19:
53:35:7b:62:bf:06:a8:51:48:f3:7d:b7:4c:d4:4f:bd:c6:48:
89:de:c6:bb:34:82:9f:fc:f0:91:2c:cc:c4:c2:d6:d9:38:d3:
a8:d9:74:8f:89:63:20:b8:d8:d4:4d:25:84:54:e7:b8:f2:e5:
2a:a7:2b:4e:c0:2d:cb:71:9a:f3:59:19:3c:1e:e1:d8:42:96:
2b:bf:3f:16:97:31:35:75:cc:94:91:5c:7a:94:74:56:df:1e:
72:9c:b9:37:b3:7a:8b:b8:72:52:a3:ab:28:5f:2b:25:b2:13:
75:0d:59:bf:94:13:12:e1:26:29:57:e3:f2:25:aa:91:02:41:
00:6d:0c:58:07:de:e2:47:65:77:bf:97:1e:59:83:d0:18:18:
2f:8e:c3:c3:ce:e7:4d:13:fc:8a:b9:28:e4:35:5d:32:ce:55:
bb:36:0e:41:d5:7f:28:c1:84:76:9d:bb:da:2a:d3:8b:60:e5:
6d:bc:3c:b0:37:83:74:31:41:51:c0:0c:ea:85:0b:b1:51:b6:
7e:2e:e5:4d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGIuCoLPpPBKj3bvutzh7r7VwNl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMTlaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMWRkYjNkMzI5ZDU3NjlhYTFlYjA4ZWY0ODI5OWM0ZTUzOTYwZjdjZTEx
ZTE5ODk0YjlhNWE0MzhlYjZiNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPykfcOD28nsF4vZKMuMc+gYXSrzhRXrsZ5BIIOf0xlhmbyq3GBjDNBUjdrH
qhRxOr+juuZqV/ObyoRXfWxdvL00w45X0NgGYdbGcT2KflMdSZfe74P0+2i/ISF7
51A4Kt87qVP2TV2oPgd1kqZ4+f5f05F3A/Bh3pQfYr0fZwW0qduEmnGZyIGNm84G
eyR6NXNDE3aJpFVYCTE+zh98CHci19nUeSCdoVNYEohIj7wNVYx+Ht0spOGaQwoc
pJdMmwBArLmHefOTtS0K4WMJp3QnWXPqWtY90h5WawDQxtcWHUq/1rWqQRRPLtOO
9Ev9StNqoSwfEJRcxd3UkopVBVUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgolFY
4oN3qvhRZhcbWGugcTTYMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQC4vlBb3wq9hJvGz2tmhddXs12yZq55AUQ0U61ScwNW
XicctD4xO0Y6U3/quxCYP7djO50YkRlTNXtivwaoUUjzfbdM1E+9xkiJ3sa7NIKf
/PCRLMzEwtbZONOo2XSPiWMguNjUTSWEVOe48uUqpytOwC3LcZrzWRk8HuHYQpYr
vz8WlzE1dcyUkVx6lHRW3x5ynLk3s3qLuHJSo6soXyslshN1DVm/lBMS4SYpV+Py
JaqRAkEAbQxYB97iR2V3v5ceWYPQGBgvjsPDzudNE/yKuSjkNV0yzlW7Ng5B1X8o
wYR2nbvaKtOLYOVtvDywN4N0MUFRwAzqhQuxUbZ+LuVN
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:28 2025 by rpki-client