Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
File: e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa (raw, json)
Hash identifier: GNsILTTjyFKG7vVFTHRjzfN3opLtD6sKAIBRM0N8ws4=
Subject key identifier: EA:84:A6:74:5B:D4:6C:D1:9E:84:F5:10:EE:6F:1C:FF:CC:2A:89:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15D5A2829C9EB5AA7FC2669977307AC6E18A5593
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
Signing time: Tue 21 Oct 2025 14:40:07 +0000
ROA not before: Tue 21 Oct 2025 14:40:07 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d5:a2:82:9c:9e:b5:aa:7f:c2:66:99:77:30:7a:c6:e1:8a:55:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:07 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=063bfdef1ccde6bfd09608e518639506da9b7a1a637775ba3e92c4e47e1836e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4d:5d:c0:5e:13:4a:2b:1e:eb:32:58:09:63:
61:1f:f6:85:a7:3e:98:98:80:cf:f4:ec:6f:5c:2a:
3a:31:f9:73:22:8a:62:ca:0b:38:10:5f:e7:ad:59:
11:67:d5:5b:dc:8b:36:00:8d:d6:cc:fb:04:d1:12:
a7:88:93:88:b2:c9:91:b5:ac:8c:2e:00:6e:5d:a5:
dd:ca:3f:e6:e6:fb:e6:99:aa:bc:33:9b:64:f1:7a:
c3:e3:21:ab:8a:03:b9:30:e9:12:4e:8c:2c:91:6c:
ca:a3:eb:e5:32:df:88:ff:07:a7:85:57:e4:92:83:
11:50:a1:89:3d:9c:32:2a:00:86:df:08:d1:df:cc:
00:e0:ef:bb:7c:be:4f:6e:d5:e4:96:52:28:c1:b9:
19:b7:cd:e1:93:45:a5:16:f1:78:fd:42:58:df:ab:
5f:cf:ef:c6:a0:22:e9:49:28:ec:d5:dc:e1:ad:50:
50:01:4d:84:9d:f3:fd:44:75:bc:c5:3a:42:a6:f9:
dc:00:e3:90:ca:af:68:c4:85:3b:be:23:8a:3f:d6:
14:51:b6:8d:f5:2f:60:2f:a6:23:ff:e5:2a:96:c9:
5e:80:fc:b7:3d:c8:2d:1a:08:39:6a:70:7a:cc:08:
cd:ed:2a:a7:83:b9:da:37:56:d4:bb:22:fe:38:a6:
38:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:84:A6:74:5B:D4:6C:D1:9E:84:F5:10:EE:6F:1C:FF:CC:2A:89:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e9b59cd2-43ef-4533-a5a5-5892471ab64c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
94:14:c2:ad:2f:b5:e4:35:d7:48:7e:cb:96:93:ad:4f:2d:c6:
07:5d:e9:ca:7c:13:1d:9e:76:ce:88:8a:23:df:ff:7c:aa:7c:
81:f5:60:98:af:0f:7e:d3:76:14:ed:58:82:6f:9f:9f:97:30:
74:e7:a0:d2:db:7a:0c:6e:83:ab:cc:c2:68:52:56:83:ba:a4:
a3:4f:44:12:96:86:01:6f:18:85:04:72:22:80:d5:e9:f9:4a:
96:4e:0c:b4:fd:e8:ad:09:04:e4:0e:24:c2:9b:ad:04:5e:77:
10:9f:e6:e6:9d:c4:dd:9d:9c:73:c8:61:8b:da:c5:aa:8b:61:
a2:80:4a:cb:e5:8e:29:05:26:18:4b:db:78:7b:f8:b9:43:04:
d1:88:03:8b:99:a7:47:67:e3:fe:aa:c8:92:41:a7:b2:76:37:
6c:63:76:ef:19:f6:7f:12:41:1b:c0:ba:71:ed:b8:db:06:fc:
ee:5a:0b:b9:32:e4:ca:b9:4e:36:96:71:54:60:e2:67:18:2d:
92:11:b2:97:24:ab:3a:e3:e4:33:45:cb:a6:f2:b5:8c:95:a9:
c9:43:3c:33:a9:bb:2e:5b:0a:c9:45:12:c8:75:7c:71:c2:b8:
97:a9:93:50:77:bf:2d:f1:5a:70:68:00:5a:b9:f5:a1:d0:fd:
da:d9:14:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFdWigpyetap/wmaZdzB6xuGKVZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2M2JmZGVmMWNjZGU2YmZkMDk2MDhlNTE4NjM5NTA2ZGE5YjdhMWE2Mzc3
NzViYTNlOTJjNGU0N2UxODM2ZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJNXcBeE0orHusyWAljYR/2hac+mJiAz/Tsb1wqOjH5cyKKYsoLOBBf561Z
EWfVW9yLNgCN1sz7BNESp4iTiLLJkbWsjC4Abl2l3co/5ub75pmqvDObZPF6w+Mh
q4oDuTDpEk6MLJFsyqPr5TLfiP8Hp4VX5JKDEVChiT2cMioAht8I0d/MAODvu3y+
T27V5JZSKMG5GbfN4ZNFpRbxeP1CWN+rX8/vxqAi6Uko7NXc4a1QUAFNhJ3z/UR1
vMU6Qqb53ADjkMqvaMSFO74jij/WFFG2jfUvYC+mI//lKpbJXoD8tz3ILRoIOWpw
eswIze0qp4O52jdW1Lsi/jimOEkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqhKZ0
W9Rs0Z6E9RDubxz/zCqJMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTliNTljZDItNDNlZi00NTMzLWE1YTUtNTg5MjQ3MWFiNjRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCUFMKtL7XkNddIfsuWk61PLcYHXenKfBMdnnbOiIoj
3/98qnyB9WCYrw9+03YU7ViCb5+flzB056DS23oMboOrzMJoUlaDuqSjT0QSloYB
bxiFBHIigNXp+UqWTgy0/eitCQTkDiTCm60EXncQn+bmncTdnZxzyGGL2sWqi2Gi
gErL5Y4pBSYYS9t4e/i5QwTRiAOLmadHZ+P+qsiSQaeydjdsY3bvGfZ/EkEbwLpx
7bjbBvzuWgu5MuTKuU42lnFUYOJnGC2SEbKXJKs64+QzRcum8rWMlanJQzwzqbsu
WwrJRRLIdXxxwriXqZNQd78t8VpwaABaufWh0P3a2RQ6
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:12:52 2025 by rpki-client