Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
File: cf51afdd-468d-4999-b2cd-4c6517505aee.roa (raw, json)
Hash identifier: C0EPy6m1UlFhNY7rrsmLzBeibdmtrBJC2PpqWupwqUs=
Subject key identifier: 07:64:80:B7:C8:DC:50:C8:CD:04:D2:5E:D7:8B:9D:54:71:73:3C:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44AC56852D805381F69AE9B87BF537107F23ABDE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
Signing time: Tue 21 Oct 2025 14:50:07 +0000
ROA not before: Tue 21 Oct 2025 14:50:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.202.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ac:56:85:2d:80:53:81:f6:9a:e9:b8:7b:f5:37:10:7f:23:ab:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6764137618b631035ea40fa6617021601c34121c117421c706ce7a0bc20a0c7a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:aa:fe:c6:08:b5:1e:ea:be:63:bf:ee:5f:2e:
2b:66:af:9d:9f:f4:91:47:ba:b7:64:e7:b9:81:57:
ec:ea:1a:96:1d:86:75:b0:01:bb:1d:59:5f:76:dc:
5a:9f:15:6a:2c:e1:73:24:ef:08:51:12:2e:da:91:
3a:cb:73:a9:8b:16:ad:b6:4d:f9:31:e2:56:bf:75:
af:31:59:da:a5:5b:34:04:bc:46:d6:8f:4d:1b:e4:
5d:01:a9:d5:21:77:06:a2:56:ea:08:17:49:a0:b8:
03:1d:5c:bb:28:08:df:8a:cd:e7:b2:88:08:73:c6:
00:33:b9:3e:52:2e:5d:dd:05:41:47:d0:73:52:c1:
7c:53:db:6e:d9:91:fa:46:4f:b3:b6:34:45:27:e4:
b0:37:62:ea:ea:dd:2d:5a:56:2e:14:e0:23:f1:7f:
43:d6:aa:38:e4:d0:fd:a9:c3:4c:43:9d:ad:d6:ba:
f7:be:5e:34:05:cb:d5:7c:e1:21:5b:fa:f8:51:27:
20:60:51:a8:1d:e5:9a:e6:ec:d9:32:6d:87:12:16:
5b:31:69:d4:ba:f1:2a:2e:8d:00:d0:4a:84:d8:6c:
1b:7c:11:29:3d:16:bf:74:84:75:8f:0a:a3:5f:ab:
2e:12:02:3f:86:e3:22:38:77:44:81:a9:93:35:da:
48:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:64:80:B7:C8:DC:50:C8:CD:04:D2:5E:D7:8B:9D:54:71:73:3C:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cf51afdd-468d-4999-b2cd-4c6517505aee.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.202.0.0/15
Signature Algorithm: sha256WithRSAEncryption
0f:fe:98:c4:7c:97:9c:50:6d:2e:63:07:4f:e4:65:3d:1c:a4:
e6:36:df:02:f0:82:1c:9e:02:69:70:ed:7d:cf:83:0e:ff:c0:
c2:a4:5b:42:25:b5:03:c5:43:d1:e2:5e:2e:b3:b1:dc:19:62:
05:d8:62:70:b2:88:af:aa:ad:f0:be:7f:b1:b6:59:4c:3b:cd:
fe:ad:9f:35:20:13:80:54:1e:c1:14:a0:17:c1:0a:c0:86:0c:
81:7b:18:b1:0e:5b:35:42:d2:1d:b4:08:00:d7:cb:17:12:5c:
06:a0:7a:1c:07:87:9a:83:bf:c7:c6:82:78:32:11:d0:69:6b:
2f:06:a1:1d:4b:4b:4e:94:07:a6:9b:5e:c3:5b:2d:66:45:cb:
f4:8a:49:e1:2b:d1:c3:14:aa:7b:94:24:ec:67:48:0d:51:6d:
b0:c8:a9:ba:84:7e:12:c4:fe:0c:b5:bb:78:b7:ad:30:43:08:
98:0b:fb:c2:9d:1e:2e:24:68:f4:9f:84:2b:d8:13:04:0d:de:
26:89:f8:42:6a:d3:e2:ed:3e:16:17:39:4a:23:34:d0:a1:9e:
c4:c7:c0:00:b0:d2:72:ce:6a:e0:3f:c2:29:91:54:9e:c6:22:
8f:6a:0f:3b:c8:00:5f:1a:91:82:54:87:b8:52:fe:ee:9e:4a:
95:a6:6e:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURKxWhS2AU4H2mum4e/U3EH8jq94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY3NjQxMzc2MThiNjMxMDM1ZWE0MGZhNjYxNzAyMTYwMWMzNDEyMWMxMTc0
MjFjNzA2Y2U3YTBiYzIwYTBjN2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOiq/sYItR7qvmO/7l8uK2avnZ/0kUe6t2TnuYFX7Ooalh2GdbABux1ZX3bc
Wp8VaizhcyTvCFESLtqROstzqYsWrbZN+THiVr91rzFZ2qVbNAS8RtaPTRvkXQGp
1SF3BqJW6ggXSaC4Ax1cuygI34rN57KICHPGADO5PlIuXd0FQUfQc1LBfFPbbtmR
+kZPs7Y0RSfksDdi6urdLVpWLhTgI/F/Q9aqOOTQ/anDTEOdrda6975eNAXL1Xzh
IVv6+FEnIGBRqB3lmubs2TJthxIWWzFp1LrxKi6NANBKhNhsG3wRKT0Wv3SEdY8K
o1+rLhICP4bjIjh3RIGpkzXaSH0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHZIC3
yNxQyM0E0l7Xi51UcXM8GzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2Y1MWFmZGQtNDY4ZC00OTk5LWIyY2QtNGM2NTE3NTA1YWVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPKMA0G
CSqGSIb3DQEBCwUAA4IBAQAP/pjEfJecUG0uYwdP5GU9HKTmNt8C8IIcngJpcO19
z4MO/8DCpFtCJbUDxUPR4l4us7HcGWIF2GJwsoivqq3wvn+xtllMO83+rZ81IBOA
VB7BFKAXwQrAhgyBexixDls1QtIdtAgA18sXElwGoHocB4eag7/HxoJ4MhHQaWsv
BqEdS0tOlAemm17DWy1mRcv0iknhK9HDFKp7lCTsZ0gNUW2wyKm6hH4SxP4Mtbt4
t60wQwiYC/vCnR4uJGj0n4Qr2BMEDd4mifhCatPi7T4WFzlKIzTQoZ7Ex8AAsNJy
zmrgP8IpkVSexiKPag87yABfGpGCVIe4Uv7unkqVpm4u
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:39:22 2025 by rpki-client