Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: RB+efj76Kngae5ylY5KilBpOt/9spsT6Tf+fH3yYp3c=
Subject key identifier: BE:43:F9:E5:FF:1A:C9:59:C3:55:B0:87:6A:EC:59:8E:0E:B4:B2:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FCE7D6E571036F7EBFFB2243BB46FE4FB1AAFB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Mon 29 Sep 2025 15:40:07 +0000
ROA not before: Mon 29 Sep 2025 15:40:07 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:ce:7d:6e:57:10:36:f7:eb:ff:b2:24:3b:b4:6f:e4:fb:1a:af:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:07 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=77de8d29e449a00ed63bae5d1ad7f9b1286716e0d06bf88e29b6386ef5669d5b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2f:6d:37:c9:07:7c:2c:0d:b3:d6:1e:71:c3:
e2:85:ba:90:c3:ac:0b:75:a2:c3:1a:04:df:aa:b5:
58:a9:e2:e0:12:02:ff:40:cb:26:22:8b:f4:eb:de:
13:63:4f:ea:45:a1:b0:2d:46:3c:b1:9e:97:7d:3c:
98:e9:6b:fc:b7:d3:a9:62:be:1d:de:24:44:cf:4b:
2c:8b:13:61:d4:93:43:d6:16:ef:95:20:fd:97:c6:
8a:1f:b1:94:b9:53:a9:9f:60:fb:8a:b2:05:47:cf:
27:7f:b8:a5:9e:3b:b2:b4:d5:fa:c2:1e:6d:52:91:
4d:3f:72:a4:74:a9:e4:cc:2f:df:ba:fb:32:6c:3a:
d4:4f:a7:ac:c2:df:eb:df:29:93:3d:4a:66:4d:04:
3f:f2:fa:2e:c2:92:41:a1:17:14:ff:46:06:5e:63:
99:df:9e:ab:04:f6:20:c9:ca:2a:07:7e:70:b1:7d:
16:aa:5a:d8:c5:e5:cc:c0:ba:2d:c3:8a:06:ea:0b:
f9:3b:fa:3e:72:1f:c4:fe:15:32:3b:a0:08:36:35:
a9:30:78:69:68:9d:4c:1a:62:85:5a:e0:da:30:71:
0c:49:da:b3:25:8e:98:8c:00:93:41:c5:11:b6:f4:
2f:13:18:63:41:a4:25:b2:1b:e0:10:61:f6:89:e9:
3a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:43:F9:E5:FF:1A:C9:59:C3:55:B0:87:6A:EC:59:8E:0E:B4:B2:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
18:4d:a7:bb:f5:66:4c:ec:66:0f:5f:da:a2:8f:c9:8f:69:6e:
46:01:92:15:be:d3:a2:f2:1d:01:98:08:46:82:69:f7:ae:38:
58:f8:7c:43:8a:97:9d:e9:49:71:c4:e3:e8:10:d8:67:6b:47:
fa:eb:42:24:90:78:d1:7c:5f:2b:cc:87:3b:b6:de:ae:f7:76:
70:84:da:12:32:cc:43:2b:b1:46:67:2c:a5:64:0b:ca:3c:63:
92:1e:fb:2f:67:13:9e:41:9a:c9:5a:3b:9f:0a:cb:2a:82:51:
0b:93:6e:4c:81:18:57:12:f6:b4:71:d3:1c:17:c6:77:69:0a:
a4:f6:63:b6:81:42:72:7d:a7:89:ed:bc:52:f7:0f:60:a9:93:
b0:9c:97:bf:fd:ec:d7:a1:97:5e:93:b0:a2:55:7e:b4:50:10:
ec:b4:54:d0:87:95:a0:99:57:2e:5e:bc:6d:1d:2e:2f:0a:69:
61:be:c8:51:f9:c2:d1:9a:6b:63:13:9d:36:ec:27:1b:f8:0b:
e9:99:7b:f9:b9:5c:5f:08:70:43:43:1c:45:42:db:01:33:fa:
70:5c:d4:cc:52:0e:01:36:e3:9a:12:63:83:e7:f0:22:bd:ce:
82:79:1a:d3:31:e4:82:b7:6e:c5:32:0d:de:0f:79:0c:3e:6d:
f5:5f:8c:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf859blcQNvfr/7IkO7Rv5Psar7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMDdaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ZGU4ZDI5ZTQ0OWEwMGVkNjNiYWU1ZDFhZDdmOWIxMjg2NzE2ZTBkMDZi
Zjg4ZTI5YjYzODZlZjU2NjlkNWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8vbTfJB3wsDbPWHnHD4oW6kMOsC3WiwxoE36q1WKni4BIC/0DLJiKL9Ove
E2NP6kWhsC1GPLGel308mOlr/LfTqWK+Hd4kRM9LLIsTYdSTQ9YW75Ug/ZfGih+x
lLlTqZ9g+4qyBUfPJ3+4pZ47srTV+sIebVKRTT9ypHSp5Mwv37r7Mmw61E+nrMLf
698pkz1KZk0EP/L6LsKSQaEXFP9GBl5jmd+eqwT2IMnKKgd+cLF9Fqpa2MXlzMC6
LcOKBuoL+Tv6PnIfxP4VMjugCDY1qTB4aWidTBpihVrg2jBxDEnasyWOmIwAk0HF
Ebb0LxMYY0GkJbIb4BBh9onpOiMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS+Q/nl
/xrJWcNVsIdq7FmODrSyoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAGE2nu/VmTOxmD1/aoo/Jj2luRgGSFb7TovIdAZgI
RoJp9644WPh8Q4qXnelJccTj6BDYZ2tH+utCJJB40XxfK8yHO7bervd2cITaEjLM
QyuxRmcspWQLyjxjkh77L2cTnkGayVo7nwrLKoJRC5NuTIEYVxL2tHHTHBfGd2kK
pPZjtoFCcn2nie28UvcPYKmTsJyXv/3s16GXXpOwolV+tFAQ7LRU0IeVoJlXLl68
bR0uLwppYb7IUfnC0ZprYxOdNuwnG/gL6Zl7+blcXwhwQ0McRULbATP6cFzUzFIO
ATbjmhJjg+fwIr3Ognka0zHkgrduxTIN3g95DD5t9V+M/Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:45 2025 by rpki-client