Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
File: e2093baf-9227-4159-b7ff-180369fe3bda.roa (raw, json)
Hash identifier: wtMY4WzFAeRB3egx9YnRy+EFRL8JPi+584dy0sAbK2g=
Subject key identifier: B8:46:13:47:E2:0F:44:72:A1:8E:8F:26:4B:2F:74:9D:30:A2:2E:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B7D205743D37EAD808A100FA917A455066CEE75
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
Signing time: Tue 21 Oct 2025 14:40:09 +0000
ROA not before: Tue 21 Oct 2025 14:40:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.88.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:7d:20:57:43:d3:7e:ad:80:8a:10:0f:a9:17:a4:55:06:6c:ee:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8138b0b41156c549cb018dce2a845c4476c4979ef03cb7d65454d7ae4da46a71, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f1:7c:b7:4c:e4:70:5b:7e:e2:96:6a:01:74:
d3:07:fb:ed:f4:58:3a:91:9a:29:72:38:f9:be:c9:
b3:a3:56:3b:41:3a:8a:e9:d8:10:ce:67:38:31:02:
ca:3e:8b:75:89:5a:8e:04:56:07:bf:21:e6:45:e1:
0c:e8:ff:4f:e1:2a:09:78:c9:3e:c0:37:9a:2a:41:
20:98:cd:19:39:5b:ed:dd:d9:62:81:6b:0c:a0:36:
f9:fd:9c:7a:a3:4b:bc:d3:1c:b4:f0:73:3b:f2:ff:
e0:9b:78:08:4f:55:0a:bb:42:8f:f3:4e:80:86:18:
58:1d:95:52:a8:c2:b1:fd:a4:90:68:e3:59:39:aa:
47:a4:08:19:72:30:53:53:4f:ea:12:2c:75:a6:55:
9b:66:a0:be:3a:cd:79:e6:12:18:e2:bd:2a:f5:87:
91:32:28:c0:2f:8e:83:31:be:30:fd:e3:40:26:6c:
1f:44:42:71:f6:a1:fc:72:d0:de:e3:65:20:40:34:
70:01:e9:31:ff:e6:75:5b:c7:ab:fc:d5:70:f6:8e:
94:20:7e:6c:db:b8:0e:8d:38:8b:55:79:1e:fc:35:
d8:d8:e5:23:48:02:30:82:0b:87:4a:66:45:dc:74:
4b:7b:4a:67:4f:8a:d6:2a:a8:c5:51:d9:35:04:43:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:46:13:47:E2:0F:44:72:A1:8E:8F:26:4B:2F:74:9D:30:A2:2E:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e2093baf-9227-4159-b7ff-180369fe3bda.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.88.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:63:90:c9:c4:d8:2e:bc:11:2b:ae:78:fb:34:b0:4b:bf:28:
ef:c7:a8:b8:af:48:a9:4d:9a:24:4c:37:61:9e:a7:c9:47:7a:
97:4c:e4:9f:a8:f9:0e:01:cf:a1:b4:6a:c1:f1:d6:ab:97:f7:
db:42:25:05:9c:cd:9c:28:78:dd:48:e7:f6:99:c8:17:c5:08:
32:70:95:d2:0d:6d:09:25:fb:96:7b:76:92:0b:3a:db:f5:19:
d8:14:eb:b2:93:e3:13:64:b4:c8:c1:3f:87:6f:ca:f1:26:f1:
e7:dc:e8:8d:77:c8:2b:43:34:f2:87:23:88:0b:ab:83:f0:0a:
09:03:a8:6c:40:47:77:6a:60:c2:7e:3f:2e:2d:e8:98:4d:4e:
2b:0b:d4:b4:12:b3:aa:95:b7:4f:9e:b3:69:da:f4:1e:ce:e5:
f1:3a:a7:5d:61:60:47:40:ae:fb:34:58:38:b1:1e:f4:12:60:
b7:a2:c7:74:71:55:ef:3e:4c:e0:0b:7d:47:73:f0:ab:d9:ca:
1c:c2:96:72:c4:ae:b4:4c:e6:73:08:f9:d5:6b:b2:3f:f2:32:
bf:04:4e:7b:21:1c:7c:72:c0:23:89:51:8e:d3:a4:3f:98:d2:
7f:6d:e7:2e:d6:9d:01:43:40:eb:13:72:5b:f7:18:ba:83:41:
3c:fd:90:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa30gV0PTfq2AihAPqRekVQZs7nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxMzhiMGI0MTE1NmM1NDljYjAxOGRjZTJhODQ1YzQ0NzZjNDk3OWVmMDNj
YjdkNjU0NTRkN2FlNGRhNDZhNzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANHxfLdM5HBbfuKWagF00wf77fRYOpGaKXI4+b7Js6NWO0E6iunYEM5nODEC
yj6LdYlajgRWB78h5kXhDOj/T+EqCXjJPsA3mipBIJjNGTlb7d3ZYoFrDKA2+f2c
eqNLvNMctPBzO/L/4Jt4CE9VCrtCj/NOgIYYWB2VUqjCsf2kkGjjWTmqR6QIGXIw
U1NP6hIsdaZVm2agvjrNeeYSGOK9KvWHkTIowC+OgzG+MP3jQCZsH0RCcfah/HLQ
3uNlIEA0cAHpMf/mdVvHq/zVcPaOlCB+bNu4Do04i1V5Hvw12NjlI0gCMIILh0pm
Rdx0S3tKZ0+K1iqoxVHZNQRD6WsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4RhNH
4g9EcqGOjyZLL3SdMKIuBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTIwOTNiYWYtOTIyNy00MTU5LWI3ZmYtMTgwMzY5ZmUzYmRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNYMA0G
CSqGSIb3DQEBCwUAA4IBAQAbY5DJxNguvBErrnj7NLBLvyjvx6i4r0ipTZokTDdh
nqfJR3qXTOSfqPkOAc+htGrB8darl/fbQiUFnM2cKHjdSOf2mcgXxQgycJXSDW0J
JfuWe3aSCzrb9RnYFOuyk+MTZLTIwT+Hb8rxJvHn3OiNd8grQzTyhyOIC6uD8AoJ
A6hsQEd3amDCfj8uLeiYTU4rC9S0ErOqlbdPnrNp2vQezuXxOqddYWBHQK77NFg4
sR70EmC3osd0cVXvPkzgC31Hc/Cr2cocwpZyxK60TOZzCPnVa7I/8jK/BE57IRx8
csAjiVGO06Q/mNJ/becu1p0BQ0DrE3Jb9xi6g0E8/ZDm
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:33:00 2025 by rpki-client