Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: 5JEqY2u96ozwG35ek8YrIXpyLZUILWT8Qk3050NU0AU=
Subject key identifier: 52:76:16:B4:75:6F:AB:1F:00:FF:1C:7D:40:84:C0:39:EC:B7:5E:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30110F66EAB325EA2BBB875716C450F3FBF0F845
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Mon 29 Sep 2025 15:40:22 +0000
ROA not before: Mon 29 Sep 2025 15:40:22 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:11:0f:66:ea:b3:25:ea:2b:bb:87:57:16:c4:50:f3:fb:f0:f8:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:22 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=6f693a2f7891a1cf490db673740e79fbb8414db68da58d6b0d1595f7565fe136, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:be:88:d6:8d:c6:25:92:44:74:1c:1f:d1:a3:
82:76:d1:3b:9c:78:f5:8c:23:ad:db:7d:3e:7a:b5:
1d:11:6c:64:95:ce:df:04:47:25:c5:52:aa:e5:13:
d8:e2:76:52:3b:70:6d:e7:6f:61:3e:3b:19:e8:8d:
f2:51:85:ec:c1:46:6c:5b:c1:4e:f2:71:b9:f4:b3:
c7:6f:15:99:42:a2:ef:d7:a2:7d:75:58:d8:c0:fa:
ae:bd:85:a9:50:0f:26:98:c6:2a:1f:a5:7f:b2:af:
1f:8c:08:cb:ba:b7:c2:ec:62:ec:a5:38:b3:3e:06:
9e:8a:54:49:0c:f0:38:20:da:5e:bb:de:1a:de:e8:
67:38:2f:64:fb:72:c9:cf:b8:33:3e:b8:26:01:12:
05:2d:b8:96:84:f3:13:a9:d8:d7:67:55:4b:f9:31:
cb:86:4b:3b:f1:07:dd:bb:02:85:2d:7c:f1:53:63:
78:04:a2:04:7f:58:5a:c8:6e:c5:ce:1a:1e:fc:b4:
2e:16:e1:ef:69:fa:19:ac:6f:15:a0:e2:94:dc:e8:
3c:3d:46:02:44:7c:8d:31:19:2a:81:03:a0:77:62:
df:94:cd:7f:e4:cf:ad:64:27:55:b0:bd:ab:1e:54:
99:82:9f:38:59:80:a1:39:0f:a8:61:0a:fa:a2:f8:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:76:16:B4:75:6F:AB:1F:00:FF:1C:7D:40:84:C0:39:EC:B7:5E:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:7e:fd:08:4d:5a:42:9e:84:53:0d:eb:f0:ce:a0:19:b0:2d:
e9:ef:ff:ab:b3:c1:6b:6a:15:c3:29:93:e8:ca:2f:e5:e5:bf:
93:5c:ee:1b:25:a5:46:86:a5:ff:34:70:01:ce:ca:f3:91:be:
5c:15:b5:50:08:ca:55:b6:97:ef:b7:b8:33:7a:44:ce:ae:19:
47:c0:92:53:2f:a8:d3:6f:50:db:74:b6:07:d0:2f:30:d0:27:
a9:db:29:76:5e:05:95:15:3f:6a:d5:d9:35:f3:b4:3a:8b:35:
1c:ce:6b:57:6c:46:5a:96:3b:15:db:e1:c7:d9:fa:70:1c:b4:
f5:35:64:13:d3:af:b8:f7:ef:9b:8a:c4:c3:f7:ea:87:e1:e9:
ad:f0:e7:10:20:52:3c:83:78:c9:42:4d:18:30:4e:1a:3a:7d:
68:25:4d:e1:24:2d:af:88:db:11:81:3f:92:d1:77:fb:20:4a:
97:1b:2f:e0:f8:d0:97:ca:c8:9f:4a:0e:aa:ba:7f:4a:16:d9:
c9:ea:cf:e7:1f:6c:9a:42:a3:1d:a4:01:34:62:bc:10:b1:34:
d7:a5:b7:f7:c2:75:3e:41:30:f6:5e:0f:2c:69:b9:bd:fc:0c:
9b:4d:29:8d:9c:5f:18:9f:fb:ad:30:03:0f:26:e7:6d:11:55:
24:fb:c6:79
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMBEPZuqzJeoru4dXFsRQ8/vw+EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjJaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmNjkzYTJmNzg5MWExY2Y0OTBkYjY3Mzc0MGU3OWZiYjg0MTRkYjY4ZGE1
OGQ2YjBkMTU5NWY3NTY1ZmUxMzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ++iNaNxiWSRHQcH9GjgnbRO5x49Ywjrdt9Pnq1HRFsZJXO3wRHJcVSquUT
2OJ2UjtwbedvYT47GeiN8lGF7MFGbFvBTvJxufSzx28VmUKi79eifXVY2MD6rr2F
qVAPJpjGKh+lf7KvH4wIy7q3wuxi7KU4sz4GnopUSQzwOCDaXrveGt7oZzgvZPty
yc+4Mz64JgESBS24loTzE6nY12dVS/kxy4ZLO/EH3bsChS188VNjeASiBH9YWshu
xc4aHvy0Lhbh72n6GaxvFaDilNzoPD1GAkR8jTEZKoEDoHdi35TNf+TPrWQnVbC9
qx5UmYKfOFmAoTkPqGEK+qL4ch0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRSdha0
dW+rHwD/HH1AhMA57LdepzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQCRfv0ITVpCnoRTDevwzqAZsC3p7/+rs8FrahXDKZPo
yi/l5b+TXO4bJaVGhqX/NHABzsrzkb5cFbVQCMpVtpfvt7gzekTOrhlHwJJTL6jT
b1DbdLYH0C8w0Cep2yl2XgWVFT9q1dk187Q6izUczmtXbEZaljsV2+HH2fpwHLT1
NWQT06+49++bisTD9+qH4emt8OcQIFI8g3jJQk0YME4aOn1oJU3hJC2viNsRgT+S
0Xf7IEqXGy/g+NCXysifSg6qun9KFtnJ6s/nH2yaQqMdpAE0YrwQsTTXpbf3wnU+
QTD2Xg8sabm9/AybTSmNnF8Yn/utMAMPJudtEVUk+8Z5
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:25 2025 by rpki-client