Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: m/ArQYe4uhINuFJvWbezrN+ppGGD7wEgiXPGze9XEvU=
Subject key identifier: 28:BB:3D:FB:94:38:22:CB:FF:77:18:91:E9:73:3C:81:B0:20:15:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C34F063A805E994F7D88C0D277438DF3321C6E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Tue 21 Oct 2025 14:40:06 +0000
ROA not before: Tue 21 Oct 2025 14:40:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:34:f0:63:a8:05:e9:94:f7:d8:8c:0d:27:74:38:df:33:21:c6:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=42fd979fe6cf1bc1f31afce86602da72c3dad96a6ec0666a20e88f9cbd738462, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3d:61:50:de:e0:3d:b5:51:32:40:3a:e2:7c:
e8:54:a6:5e:58:d3:15:d3:95:d4:1a:c1:7b:cf:08:
c4:51:ae:00:5a:9c:4b:7c:65:62:16:0f:f0:dd:3d:
96:3d:61:cd:a1:ba:b5:68:6d:9f:2d:25:de:ec:d6:
41:4a:12:12:27:06:7d:bd:47:c6:a3:2e:bd:89:7f:
6e:a6:44:86:2f:2f:15:a0:9e:f4:ee:10:0b:93:a8:
1b:18:5b:12:f8:46:b3:a8:ac:1c:d3:1a:f4:34:48:
55:5f:13:40:52:d1:e8:b7:2e:c4:b4:14:7a:21:56:
48:25:0d:6b:7b:29:9e:6a:32:6e:08:ca:64:11:81:
df:e8:4e:a0:f3:e1:b4:0b:15:1e:5b:b4:93:d4:99:
da:97:f4:8f:ac:8f:4e:6d:1b:f5:2f:46:4c:b0:3b:
13:51:bc:17:cc:8d:89:0f:9a:1c:7a:74:e8:ea:07:
a8:a0:69:9a:ea:b6:27:f4:2b:4d:ac:58:cf:81:a8:
83:9b:7c:ab:b4:60:fd:86:56:3d:95:f3:be:95:8c:
c1:86:26:d2:3d:29:ee:67:20:87:ba:67:7d:37:6a:
55:6e:db:bb:93:51:e5:32:5c:71:19:25:2d:75:2f:
96:45:49:42:e0:a8:d8:64:36:d4:6e:d3:28:2f:02:
ec:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BB:3D:FB:94:38:22:CB:FF:77:18:91:E9:73:3C:81:B0:20:15:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:a5:9b:88:0a:d8:e9:5d:2a:87:32:f2:7c:05:44:24:49:13:
43:67:ec:c5:da:93:06:81:6c:d4:6c:2e:58:41:4b:fe:b8:d7:
e8:8c:ba:43:51:a7:b3:8d:82:e4:5f:05:16:5e:b5:81:e5:8c:
e9:4e:c3:cf:c4:86:a2:8e:e8:08:ad:a0:8f:92:1b:e6:d4:89:
b5:0e:e6:5c:68:eb:c7:da:90:d1:2a:4f:8a:e6:f2:54:24:56:
d4:9b:a1:a1:73:37:2d:b1:d4:5a:a4:7b:9e:e2:8d:b4:65:85:
fe:37:c1:3e:5a:73:06:ad:56:19:8a:93:fa:71:f6:9a:9b:ea:
bf:45:01:06:a8:60:f1:5b:bf:3c:fa:b7:43:5b:a6:16:2e:ea:
56:f4:c4:c7:dc:55:46:ff:22:d9:80:95:e4:82:e2:0f:19:ea:
1a:a0:dc:3c:f1:7a:ff:f2:4b:d2:43:5e:0a:74:2a:9a:49:c3:
59:54:4f:ab:31:56:b0:e8:dd:02:a4:ba:66:6d:18:e1:40:bb:
34:1d:53:1f:2c:4e:75:2c:0a:2d:e9:65:1b:3b:dd:7c:b3:90:
5a:bf:5f:66:6b:3d:a0:d5:c5:d9:c1:ac:a2:69:2a:c5:af:e6:
d5:be:b0:78:15:3e:82:0b:3b:3f:47:94:2e:2a:92:44:74:c5:
82:10:83:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULDTwY6gF6ZT32IwNJ3Q43zMhxuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyZmQ5NzlmZTZjZjFiYzFmMzFhZmNlODY2MDJkYTcyYzNkYWQ5NmE2ZWMw
NjY2YTIwZTg4ZjljYmQ3Mzg0NjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIY9YVDe4D21UTJAOuJ86FSmXljTFdOV1BrBe88IxFGuAFqcS3xlYhYP8N09
lj1hzaG6tWhtny0l3uzWQUoSEicGfb1HxqMuvYl/bqZEhi8vFaCe9O4QC5OoGxhb
EvhGs6isHNMa9DRIVV8TQFLR6LcuxLQUeiFWSCUNa3spnmoybgjKZBGB3+hOoPPh
tAsVHlu0k9SZ2pf0j6yPTm0b9S9GTLA7E1G8F8yNiQ+aHHp06OoHqKBpmuq2J/Qr
TaxYz4Gog5t8q7Rg/YZWPZXzvpWMwYYm0j0p7mcgh7pnfTdqVW7bu5NR5TJccRkl
LXUvlkVJQuCo2GQ21G7TKC8C7NcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQouz37
lDgiy/93GJHpczyBsCAVITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAlpZuICtjpXSqHMvJ8BUQkSRNDZ+zF2pMGgWzUbC5Y
QUv+uNfojLpDUaezjYLkXwUWXrWB5YzpTsPPxIaijugIraCPkhvm1Im1DuZcaOvH
2pDRKk+K5vJUJFbUm6GhczctsdRapHue4o20ZYX+N8E+WnMGrVYZipP6cfaam+q/
RQEGqGDxW788+rdDW6YWLupW9MTH3FVG/yLZgJXkguIPGeoaoNw88Xr/8kvSQ14K
dCqaScNZVE+rMVaw6N0CpLpmbRjhQLs0HVMfLE51LAot6WUbO918s5Bav19maz2g
1cXZwayiaSrFr+bVvrB4FT6CCzs/R5QuKpJEdMWCEINe
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:32:48 2025 by rpki-client