Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: ZSpYSoncQtHA3NqQM/Vjzl5bT+5aul0A02C3g4eKwgg=
Subject key identifier: 62:FF:3A:5E:76:DA:88:CF:66:57:97:01:64:99:C8:09:63:F8:67:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 04E56DF20BF61021E52B8F1B2B72EF3C5B890452
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Fri 24 Oct 2025 00:40:25 +0000
ROA not before: Fri 24 Oct 2025 00:40:25 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:e5:6d:f2:0b:f6:10:21:e5:2b:8f:1b:2b:72:ef:3c:5b:89:04:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:25 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=4a4b0cc15c91f25d86647a539195da825c098fb943b0b14fd91e024d39a8bbd3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c6:cc:a0:62:01:5f:c1:a0:1d:f8:42:20:77:
d2:63:32:29:06:1d:01:93:5e:03:07:86:ce:ae:e6:
14:4a:6e:a8:32:74:3b:48:a3:9c:3d:62:97:00:eb:
10:b4:7c:ff:a4:2b:36:da:c7:8f:17:89:18:bf:24:
c4:fe:89:cd:3b:9f:21:14:59:de:f0:b1:00:24:e9:
60:fe:08:a8:83:41:27:8e:80:e0:b3:f1:eb:6f:6c:
5d:ca:24:88:77:a0:70:c1:22:50:80:35:d6:35:58:
a7:53:75:a1:0d:0f:64:ce:5c:6c:6b:81:95:c6:cd:
1b:cb:27:a0:b1:fb:03:23:a5:ac:a4:91:6b:56:c4:
27:13:2e:4f:62:30:58:a2:da:8c:73:3e:9c:80:d4:
fc:58:7e:97:58:ee:52:f4:89:70:c6:77:87:11:7a:
cb:e3:c0:16:20:e4:3e:f4:3d:74:d7:b2:5a:85:cb:
31:c2:3b:e1:31:8b:6e:c4:b8:02:ce:14:b2:5d:8f:
84:37:34:b4:05:06:ed:41:99:d2:3a:0f:54:ec:d8:
13:d7:83:0d:a7:a1:4a:12:6f:8f:14:dc:51:2d:cb:
64:d1:0a:f0:ca:a8:19:30:81:d1:61:f6:77:66:ee:
ac:19:b3:6f:ef:17:f2:c8:d3:bb:3b:51:a7:5b:97:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FF:3A:5E:76:DA:88:CF:66:57:97:01:64:99:C8:09:63:F8:67:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8b:36:76:01:a4:3d:fb:ad:79:a3:de:00:96:ea:14:51:ef:8b:
d4:8a:28:77:74:ec:49:6b:76:1c:a4:b5:b6:7c:66:cd:f9:d4:
09:97:3c:0d:ad:68:28:1d:b1:36:39:22:eb:f6:6d:a9:1a:bd:
27:c6:52:d7:99:af:8b:68:59:b9:05:53:a8:f0:b1:28:cc:1a:
6d:0f:8e:d4:74:e7:c6:13:78:23:75:7b:f6:32:9a:d4:d8:b8:
76:c2:59:0d:0a:12:01:bc:4c:e5:df:1b:85:05:cd:48:8b:92:
1c:ac:f9:fa:32:e5:bb:14:be:ff:0a:8d:ca:44:4c:e6:af:34:
b2:df:c0:90:ca:e8:ca:2f:5c:e9:9e:60:6a:e7:be:bd:4b:f6:
22:db:8e:33:df:47:47:6d:29:9d:75:3e:2f:72:a9:fa:9d:0b:
c9:84:47:35:68:01:c5:62:de:56:ad:98:57:d5:04:5f:9f:15:
0c:d8:09:d5:f7:3f:23:b6:88:48:94:36:a4:fc:d9:e6:8d:87:
39:69:1e:65:a7:b3:cb:6f:b7:5e:f5:ae:69:6f:a4:1a:36:e6:
d9:5c:c4:cc:70:bb:3b:14:92:6a:75:9e:c1:47:a7:00:28:dd:
2c:4c:11:e0:5e:1c:fa:22:01:d9:dd:68:26:d1:31:20:c2:81:
59:01:88:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBOVt8gv2ECHlK48bK3LvPFuJBFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjVaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNGIwY2MxNWM5MWYyNWQ4NjY0N2E1MzkxOTVkYTgyNWMwOThmYjk0M2Iw
YjE0ZmQ5MWUwMjRkMzlhOGJiZDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXGzKBiAV/BoB34QiB30mMyKQYdAZNeAweGzq7mFEpuqDJ0O0ijnD1ilwDr
ELR8/6QrNtrHjxeJGL8kxP6JzTufIRRZ3vCxACTpYP4IqINBJ46A4LPx629sXcok
iHegcMEiUIA11jVYp1N1oQ0PZM5cbGuBlcbNG8snoLH7AyOlrKSRa1bEJxMuT2Iw
WKLajHM+nIDU/Fh+l1juUvSJcMZ3hxF6y+PAFiDkPvQ9dNeyWoXLMcI74TGLbsS4
As4Usl2PhDc0tAUG7UGZ0joPVOzYE9eDDaehShJvjxTcUS3LZNEK8MqoGTCB0WH2
d2burBmzb+8X8sjTuztRp1uXHc0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRi/zpe
dtqIz2ZXlwFkmcgJY/hnEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCLNnYBpD37rXmj3gCW6hRR74vUiih3dOxJa3YcpLW2
fGbN+dQJlzwNrWgoHbE2OSLr9m2pGr0nxlLXma+LaFm5BVOo8LEozBptD47UdOfG
E3gjdXv2MprU2Lh2wlkNChIBvEzl3xuFBc1Ii5IcrPn6MuW7FL7/Co3KREzmrzSy
38CQyujKL1zpnmBq5769S/Yi244z30dHbSmddT4vcqn6nQvJhEc1aAHFYt5WrZhX
1QRfnxUM2AnV9z8jtohIlDak/NnmjYc5aR5lp7PLb7de9a5pb6QaNubZXMTMcLs7
FJJqdZ7BR6cAKN0sTBHgXhz6IgHZ3Wgm0TEgwoFZAYia
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:05 2025 by rpki-client