Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: NsZlgnCm/QPVMo/IK+1FB1J1WzeuJclaDrMyIassAIk=
Subject key identifier: 1F:1D:44:EC:C2:F2:E6:11:0A:86:BB:26:9C:EA:33:FB:35:E0:6E:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 04B45EA9E08C31A67097716E7C77324FDD02AF27
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Sat 27 Sep 2025 00:52:41 +0000
ROA not before: Sat 27 Sep 2025 00:52:41 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b4:5e:a9:e0:8c:31:a6:70:97:71:6e:7c:77:32:4f:dd:02:af:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:41 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=bde3ad275f2d02661b50a81310a1927791b6235b24ed8248d5ae382f74cae0a0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:93:a9:69:bc:71:c0:51:6d:85:53:87:cd:9b:
b9:21:d8:22:05:1f:e2:5a:d9:ef:64:e9:70:3a:d2:
f7:fe:fb:85:2b:41:cb:b1:8d:f5:88:eb:07:27:ff:
af:b5:c0:c2:9e:c1:79:31:c0:cc:7b:c4:25:9a:eb:
9b:b4:de:62:ed:3f:af:90:8c:d7:82:a9:e5:6a:a6:
7d:67:30:7f:05:d4:5a:b5:41:6c:c2:71:23:45:85:
5c:52:82:cd:f2:ba:37:1e:43:33:1d:13:31:03:5f:
11:d7:55:e0:8d:e3:df:75:49:0d:49:00:c0:39:ce:
d2:8b:4d:03:61:1a:91:2c:9f:c8:d9:ce:07:20:90:
77:1d:2e:03:0a:85:b9:81:86:70:cb:b0:46:77:ea:
64:88:69:14:f1:66:83:77:f3:1d:78:80:5a:be:b1:
40:0c:42:33:c9:85:d4:28:69:7a:e8:17:55:03:db:
f2:47:91:84:f7:52:ba:b2:32:29:0d:57:d8:ed:bf:
d1:03:e5:72:cf:e5:6e:89:1d:32:e4:55:e0:98:36:
13:41:29:89:44:dd:b1:35:06:0f:14:74:59:06:ce:
d9:b8:9e:45:55:d7:e1:ce:40:ee:ef:29:12:95:35:
90:25:a0:d2:8d:f3:85:b5:e7:b9:b7:48:c6:4d:57:
4a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1D:44:EC:C2:F2:E6:11:0A:86:BB:26:9C:EA:33:FB:35:E0:6E:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:ac:b6:b5:02:75:44:8f:f1:85:31:64:b0:af:09:77:71:03:
34:b2:31:09:c4:e4:1e:b3:8a:ea:7e:d0:13:84:f3:f5:31:c1:
1c:e0:a8:1d:3e:17:2b:0c:48:2f:9d:13:03:37:92:8f:78:ce:
a9:49:bb:1a:f0:ff:cc:29:4f:bf:34:27:38:b6:c3:bb:55:ca:
23:98:59:37:59:e9:e3:c3:b4:f8:b6:14:03:cc:7c:de:64:d8:
8a:96:d7:4b:94:2b:e4:35:4e:a1:2c:05:38:69:e5:28:52:6e:
0d:fc:e1:f0:0f:8d:1a:52:be:eb:e3:05:2a:72:a2:24:3b:16:
ad:40:aa:59:c9:c4:5f:d9:3c:e2:50:d1:38:f4:81:00:dc:27:
ca:7d:de:1d:70:fc:f0:a7:28:0a:e1:ce:ea:60:19:3c:1d:04:
24:70:40:0f:bb:51:e8:f0:a0:bf:19:bb:21:70:3c:fe:07:41:
d7:8c:82:42:c9:45:60:63:1a:b0:d3:7c:e3:33:75:49:d4:1b:
63:47:c2:34:8a:d4:db:6e:d9:9b:21:1a:d4:7e:28:3e:30:12:
a0:81:3a:2b:91:7e:c1:d8:7b:1f:d7:90:dc:82:bf:00:25:1a:
a1:72:3b:78:f1:51:59:d0:28:61:0c:bd:58:75:b8:49:8c:af:
cf:cc:e8:68
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBLReqeCMMaZwl3FufHcyT90CrycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyNDFaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJkZTNhZDI3NWYyZDAyNjYxYjUwYTgxMzEwYTE5Mjc3OTFiNjIzNWIyNGVk
ODI0OGQ1YWUzODJmNzRjYWUwYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCTqWm8ccBRbYVTh82buSHYIgUf4lrZ72TpcDrS9/77hStBy7GN9YjrByf/
r7XAwp7BeTHAzHvEJZrrm7TeYu0/r5CM14Kp5WqmfWcwfwXUWrVBbMJxI0WFXFKC
zfK6Nx5DMx0TMQNfEddV4I3j33VJDUkAwDnO0otNA2EakSyfyNnOByCQdx0uAwqF
uYGGcMuwRnfqZIhpFPFmg3fzHXiAWr6xQAxCM8mF1ChpeugXVQPb8keRhPdSurIy
KQ1X2O2/0QPlcs/lbokdMuRV4Jg2E0EpiUTdsTUGDxR0WQbO2bieRVXX4c5A7u8p
EpU1kCWg0o3zhbXnubdIxk1XSk0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQfHUTs
wvLmEQqGuyac6jP7NeBusDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAsay2tQJ1RI/xhTFksK8Jd3EDNLIxCcTkHrOK6n7Q
E4Tz9THBHOCoHT4XKwxIL50TAzeSj3jOqUm7GvD/zClPvzQnOLbDu1XKI5hZN1np
48O0+LYUA8x83mTYipbXS5Qr5DVOoSwFOGnlKFJuDfzh8A+NGlK+6+MFKnKiJDsW
rUCqWcnEX9k84lDROPSBANwnyn3eHXD88KcoCuHO6mAZPB0EJHBAD7tR6PCgvxm7
IXA8/gdB14yCQslFYGMasNN84zN1SdQbY0fCNIrU227ZmyEa1H4oPjASoIE6K5F+
wdh7H9eQ3IK/ACUaoXI7ePFRWdAoYQy9WHW4SYyvz8zoaA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:41:26 2025 by rpki-client