Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: PWxnAY6T2/QocWzwTIH9ch0bC9RkF19BtcUW1xSK690=
Subject key identifier: 10:86:A4:E6:9D:2E:B6:6B:9E:32:F2:0C:FE:55:4E:2E:6D:AB:91:EF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1062292FF9003E8963BF5A96ADE15821B4CCBBBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Mon 06 Oct 2025 18:10:33 +0000
ROA not before: Mon 06 Oct 2025 18:10:33 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:62:29:2f:f9:00:3e:89:63:bf:5a:96:ad:e1:58:21:b4:cc:bb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:33 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=343a62dfd338eeeb6cfc498658e59b67a4ceb6f8ad9f45f3fdb0fee67b9e021d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:88:f9:77:e4:3b:42:68:f7:37:a3:67:bf:
bb:e2:04:ec:1b:6a:49:59:13:de:e0:b5:3e:3e:08:
c7:3d:f4:4f:36:fd:4f:e9:90:72:77:d3:1d:85:18:
86:2f:0d:07:a8:3b:9f:0b:cd:d8:85:d3:ac:7b:a1:
0b:dd:9a:1c:37:b9:c3:e4:23:0e:a7:30:a2:2b:39:
3a:fb:3b:22:c6:8a:2e:6b:05:83:bf:73:2f:88:c9:
cc:b3:67:91:30:3e:ef:75:a2:21:06:0b:85:f8:65:
7f:f8:74:7b:58:09:22:a4:50:99:a1:c9:cd:82:46:
ed:e1:72:d5:b3:24:6c:f7:75:f3:e5:1b:a8:d9:7e:
d9:e3:46:14:25:d9:ea:54:2d:71:f4:93:b3:ee:33:
e1:0a:6b:e2:a0:c9:57:ea:75:17:6c:9f:78:fa:c0:
17:12:63:b7:89:b1:99:46:49:2b:aa:77:f2:44:93:
47:5a:7b:5c:4c:70:c9:35:9c:0e:90:1d:73:44:66:
e2:d2:c2:52:1f:0b:35:3d:5a:5a:9e:fc:c1:01:cb:
75:4e:14:93:9e:31:d2:09:97:63:14:00:cf:89:13:
64:1a:38:e5:e6:cc:8e:4e:d5:ed:13:c4:f4:0a:4b:
6c:7a:12:6e:ab:fc:5a:cd:28:af:9b:c8:e9:1e:37:
78:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:86:A4:E6:9D:2E:B6:6B:9E:32:F2:0C:FE:55:4E:2E:6D:AB:91:EF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:11:45:ac:70:27:73:3d:e1:b7:8e:55:13:0b:e3:d6:fb:79:
29:f1:38:48:63:1a:17:93:2c:80:c6:d9:d7:5e:b0:42:b2:11:
52:b0:9e:e7:f1:3e:37:c2:94:ca:2b:bf:d1:35:33:6e:9a:14:
9a:38:2d:56:3d:02:66:3a:97:28:d6:27:e7:12:a6:f2:87:bd:
1e:1c:0f:22:54:57:ed:7b:53:c0:db:70:6e:ee:d8:9e:dc:7b:
59:7b:e6:88:d8:97:96:a6:8f:6b:28:57:02:81:ed:03:65:42:
46:a8:f7:49:f1:8e:cc:01:e9:25:d9:01:b4:e3:6d:80:ef:f7:
2b:e7:81:e4:58:15:66:3d:e4:f0:20:04:6f:99:91:3f:7f:31:
65:47:fa:e4:29:b8:72:84:26:ab:be:a6:7e:21:9f:18:43:22:
36:f2:0e:33:7a:6b:d7:0f:51:a6:89:33:84:df:8f:72:36:6f:
6f:74:51:2d:e5:fd:51:f0:df:98:9e:83:aa:62:cd:99:72:b0:
fe:cf:b6:2d:fe:76:4f:77:e8:4b:ed:85:5e:f7:af:ec:14:8c:
fe:aa:48:19:44:49:5d:df:fb:f8:6d:6c:8e:53:36:b1:c0:c1:
b9:6c:77:e4:31:a4:13:96:d6:9a:83:30:c6:5b:95:5f:8e:88:
78:71:77:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEGIpL/kAPoljv1qWreFYIbTMu7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzNaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0M2E2MmRmZDMzOGVlZWI2Y2ZjNDk4NjU4ZTU5YjY3YTRjZWI2ZjhhZDlm
NDVmM2ZkYjBmZWU2N2I5ZTAyMWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHaiPl35DtCaPc3o2e/u+IE7BtqSVkT3uC1Pj4Ixz30Tzb9T+mQcnfTHYUY
hi8NB6g7nwvN2IXTrHuhC92aHDe5w+QjDqcwois5Ovs7IsaKLmsFg79zL4jJzLNn
kTA+73WiIQYLhfhlf/h0e1gJIqRQmaHJzYJG7eFy1bMkbPd18+UbqNl+2eNGFCXZ
6lQtcfSTs+4z4Qpr4qDJV+p1F2yfePrAFxJjt4mxmUZJK6p38kSTR1p7XExwyTWc
DpAdc0Rm4tLCUh8LNT1aWp78wQHLdU4Uk54x0gmXYxQAz4kTZBo45ebMjk7V7RPE
9ApLbHoSbqv8Ws0or5vI6R43eHsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQhqTm
nS62a54y8gz+VU4ubauR7zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQCSEUWscCdzPeG3jlUTC+PW+3kp8ThIYxoXkyyAxtnX
XrBCshFSsJ7n8T43wpTKK7/RNTNumhSaOC1WPQJmOpco1ifnEqbyh70eHA8iVFft
e1PA23Bu7tie3HtZe+aI2JeWpo9rKFcCge0DZUJGqPdJ8Y7MAekl2QG0422A7/cr
54HkWBVmPeTwIARvmZE/fzFlR/rkKbhyhCarvqZ+IZ8YQyI28g4zemvXD1GmiTOE
349yNm9vdFEt5f1R8N+YnoOqYs2ZcrD+z7Yt/nZPd+hL7YVe96/sFIz+qkgZREld
3/v4bWyOUzaxwMG5bHfkMaQTltaagzDGW5Vfjoh4cXcW
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:43 2025 by rpki-client