Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: sxQL7Kc55LbQkogkWUWjYtYvZFVFhQS4EKzH0qA/CBQ=
Subject key identifier: 5E:76:E9:91:31:C2:35:6B:29:11:8B:97:19:5D:73:FD:24:17:AF:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21C557A1BA6F738BC8D8C42C6B587F30DD99FC57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Fri 26 Sep 2025 20:20:01 +0000
ROA not before: Fri 26 Sep 2025 20:20:01 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c5:57:a1:ba:6f:73:8b:c8:d8:c4:2c:6b:58:7f:30:dd:99:fc:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:01 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=9055f0a7a62bdfddd1b4a5f8575abb7c1b07f91f14b86d997359b4104e554bae, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:37:bc:63:bb:52:cf:99:fe:89:1c:26:97:0c:
b9:25:c3:68:56:ab:85:75:63:c4:fe:d2:1c:9e:28:
a3:7c:59:4c:65:ff:1d:41:58:27:87:60:aa:53:8a:
32:47:79:93:55:6b:7a:bd:72:f1:a9:3d:a7:11:81:
cc:88:92:43:21:76:31:32:fc:15:d2:79:5b:2e:c7:
e2:22:39:35:6e:da:cd:3f:54:be:2c:33:9b:a0:0a:
3b:7c:3c:1c:5d:13:ea:28:81:cf:96:14:14:ab:38:
35:9a:46:10:d1:9c:a2:56:09:cf:df:4d:03:4d:3e:
22:fa:fd:3c:c4:2e:5c:9d:bb:71:1a:34:1e:96:ae:
9c:da:fe:62:34:90:b9:ac:9b:dd:c3:45:3d:bf:63:
ce:c6:21:f5:3c:7e:bd:5f:ba:65:30:a6:af:c6:00:
1d:3d:be:ef:0d:66:f8:db:02:53:26:5c:04:6c:a9:
ea:2d:ec:00:8f:21:be:a1:7f:ed:8b:44:a4:48:f9:
b6:f6:2d:b3:2e:54:82:76:8f:dd:45:a2:f7:50:81:
11:7d:a9:fc:f1:a8:0a:62:25:63:e9:76:d1:57:32:
2e:d9:46:fe:8e:a7:13:dd:34:b6:74:3d:94:b4:61:
1f:d8:dd:b2:1b:06:f4:1b:d9:a4:f9:bf:47:74:9b:
22:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:76:E9:91:31:C2:35:6B:29:11:8B:97:19:5D:73:FD:24:17:AF:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:62:81:52:f3:a2:83:23:87:f5:e4:17:7c:6a:ee:f6:76:a4:
81:8c:9c:cc:5b:f5:0d:2e:7b:23:d6:d9:53:3d:82:4b:80:16:
eb:06:23:50:3c:37:24:61:3a:b6:09:8f:81:86:96:d2:39:89:
81:c1:b3:e4:aa:3e:9f:e3:ac:59:59:3c:66:2d:52:76:59:c9:
a4:9c:e3:ba:b7:67:92:a3:e2:aa:d0:05:ad:5f:3c:1f:1d:5e:
53:5d:3d:78:f2:09:d0:40:74:41:c6:e4:38:59:49:0e:b1:de:
ef:42:c7:20:0a:28:e2:27:5d:b1:c4:41:1b:69:ca:e7:9b:bb:
73:2f:4a:3b:a3:82:08:32:81:a6:05:cd:5e:8a:e6:6a:29:7e:
87:0d:3f:4c:b8:b3:47:30:60:8e:98:d8:94:a9:a4:a2:0a:14:
3b:f4:55:2c:bf:46:f6:ed:e7:cb:3f:49:95:e7:04:18:5a:21:
22:0a:49:86:81:fe:2a:60:eb:c1:10:d4:ee:43:69:92:24:a0:
62:05:a2:72:bd:3d:b0:fd:0a:e4:39:04:b2:ab:e5:7d:33:ec:
9e:17:4c:44:02:b8:6d:f1:10:35:c3:1d:19:1f:33:ff:28:04:
c1:4c:43:ae:62:0a:1b:1e:54:9e:fe:b0:73:38:e1:9f:ff:1d:
21:68:5a:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIcVXobpvc4vI2MQsa1h/MN2Z/FcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkwNTVmMGE3YTYyYmRmZGRkMWI0YTVmODU3NWFiYjdjMWIwN2Y5MWYxNGI4
NmQ5OTczNTliNDEwNGU1NTRiYWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKA3vGO7Us+Z/okcJpcMuSXDaFarhXVjxP7SHJ4oo3xZTGX/HUFYJ4dgqlOK
Mkd5k1Vrer1y8ak9pxGBzIiSQyF2MTL8FdJ5Wy7H4iI5NW7azT9Uviwzm6AKO3w8
HF0T6iiBz5YUFKs4NZpGENGcolYJz99NA00+Ivr9PMQuXJ27cRo0HpaunNr+YjSQ
uayb3cNFPb9jzsYh9Tx+vV+6ZTCmr8YAHT2+7w1m+NsCUyZcBGyp6i3sAI8hvqF/
7YtEpEj5tvYtsy5UgnaP3UWi91CBEX2p/PGoCmIlY+l20VcyLtlG/o6nE900tnQ9
lLRhH9jdshsG9BvZpPm/R3SbIq0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRedumR
McI1aykRi5cZXXP9JBevEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQAZYoFS86KDI4f15Bd8au72dqSBjJzMW/UNLnsj1tlT
PYJLgBbrBiNQPDckYTq2CY+BhpbSOYmBwbPkqj6f46xZWTxmLVJ2WcmknOO6t2eS
o+Kq0AWtXzwfHV5TXT148gnQQHRBxuQ4WUkOsd7vQscgCijiJ12xxEEbacrnm7tz
L0o7o4IIMoGmBc1eiuZqKX6HDT9MuLNHMGCOmNiUqaSiChQ79FUsv0b27efLP0mV
5wQYWiEiCkmGgf4qYOvBENTuQ2mSJKBiBaJyvT2w/QrkOQSyq+V9M+yeF0xEArht
8RA1wx0ZHzP/KATBTEOuYgobHlSe/rBzOOGf/x0haFqQ
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:26 2025 by rpki-client