Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
File: 60c89335-41cc-407d-8ffe-34cda7e66bb7.roa (raw, json)
Hash identifier: +AIf50h36IiFbIxl1hiRDbJWBb4ay7yaZMCP3LtgAN8=
Subject key identifier: F3:0B:B5:5F:C9:08:4B:DC:44:4E:15:2F:5F:50:70:8D:A4:3E:AF:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BEDB4272161CE2BE1604A9190773A2DB911B3F6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
Signing time: Mon 29 Sep 2025 15:40:26 +0000
ROA not before: Mon 29 Sep 2025 15:40:26 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:ed:b4:27:21:61:ce:2b:e1:60:4a:91:90:77:3a:2d:b9:11:b3:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:26 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=96680d38b51ac5385224d861f6e7d6f26d29ef222df21f57f4958234f51073ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:91:56:f3:56:25:6e:fb:aa:8e:2f:b5:31:87:
6d:81:ad:c3:49:ca:4b:94:14:c7:1c:0a:78:61:9f:
50:59:bf:83:bd:93:5b:73:ea:5d:d5:66:32:b4:0b:
82:73:9c:cb:34:08:7e:4f:6c:37:5b:98:22:c0:2b:
8b:2b:77:27:24:91:3b:1a:3c:af:6e:c5:3f:59:06:
de:dd:b2:c1:c2:da:82:f3:0e:ed:a5:17:c1:5b:15:
c1:c9:b1:04:cd:95:8f:91:c1:4d:76:47:b5:ea:df:
ba:84:5c:90:db:d2:39:82:61:8c:5e:f7:9b:ef:2f:
95:78:a7:01:bf:24:b8:5b:78:99:8b:46:56:98:d1:
75:88:aa:92:e9:5f:f3:f2:c1:ac:e6:f2:7a:02:8b:
37:7a:f5:14:9b:d0:46:d8:84:44:7a:b6:15:63:61:
a8:35:0c:29:fd:c0:95:d6:ef:05:c7:fd:34:d5:a8:
8a:dd:8c:10:31:c8:f0:86:72:ae:af:f8:ca:41:68:
83:46:57:b6:09:12:0d:36:be:ba:b5:e7:9d:57:dd:
45:50:45:3d:58:1b:21:bd:89:47:88:8f:58:96:24:
34:cd:83:f3:d3:62:9c:a6:e1:ef:50:33:9b:e3:90:
99:4d:e2:fe:21:4f:ea:0e:c4:8f:ef:f6:39:cf:fa:
3f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0B:B5:5F:C9:08:4B:DC:44:4E:15:2F:5F:50:70:8D:A4:3E:AF:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60c89335-41cc-407d-8ffe-34cda7e66bb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
6e:5d:ff:03:f8:16:80:d0:3f:2c:96:f6:86:ec:d1:05:ff:9d:
99:61:92:db:41:b7:f4:68:1b:18:e9:94:5a:15:79:91:78:80:
9e:05:f3:21:98:d3:73:b7:f4:5d:29:46:a8:59:6a:8c:2a:71:
ee:50:96:ed:00:bf:80:9d:b2:91:e3:bc:88:25:2b:b4:c2:af:
ba:f3:37:dc:eb:e3:06:67:58:78:ad:ff:a2:4f:55:ed:22:09:
51:12:4a:6a:e0:39:ef:62:e5:8a:c8:c6:ee:e4:b8:59:fa:1f:
d4:f3:a7:03:62:69:1f:87:4d:0a:09:ca:e4:6a:25:58:1f:8f:
70:53:eb:21:d3:75:c4:33:46:72:67:be:4b:76:19:75:e2:f3:
0b:ae:05:0c:d0:90:54:a8:02:fd:84:33:63:29:2e:26:c4:ce:
09:0b:b8:43:2b:16:a7:97:af:9e:51:d1:1c:42:06:ae:82:26:
91:c3:de:8f:f8:a1:db:2f:2d:be:32:21:2e:e3:bc:db:93:47:
b1:f4:2d:ea:a4:b1:bf:c3:45:86:78:e3:f9:74:97:24:c6:c4:
f3:35:9b:75:6b:2e:47:b6:dc:46:7c:76:8a:48:e2:98:52:61:
5f:b1:52:f7:23:c0:96:b4:4c:07:f5:61:a2:93:bc:06:17:67:
5b:19:2a:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa+20JyFhzivhYEqRkHc6LbkRs/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjZaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2NjgwZDM4YjUxYWM1Mzg1MjI0ZDg2MWY2ZTdkNmYyNmQyOWVmMjIyZGYy
MWY1N2Y0OTU4MjM0ZjUxMDczZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCRVvNWJW77qo4vtTGHbYGtw0nKS5QUxxwKeGGfUFm/g72TW3PqXdVmMrQL
gnOcyzQIfk9sN1uYIsAriyt3JySROxo8r27FP1kG3t2ywcLagvMO7aUXwVsVwcmx
BM2Vj5HBTXZHterfuoRckNvSOYJhjF73m+8vlXinAb8kuFt4mYtGVpjRdYiqkulf
8/LBrObyegKLN3r1FJvQRtiERHq2FWNhqDUMKf3AldbvBcf9NNWoit2MEDHI8IZy
rq/4ykFog0ZXtgkSDTa+urXnnVfdRVBFPVgbIb2JR4iPWJYkNM2D89NinKbh71Az
m+OQmU3i/iFP6g7Ej+/2Oc/6P48CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTzC7Vf
yQhL3EROFS9fUHCNpD6v3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBjODkzMzUtNDFjYy00MDdkLThmZmUtMzRjZGE3ZTY2YmI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQBuXf8D+BaA0D8slvaG7NEF/52ZYZLbQbf0aBsY6ZRa
FXmReICeBfMhmNNzt/RdKUaoWWqMKnHuUJbtAL+AnbKR47yIJSu0wq+68zfc6+MG
Z1h4rf+iT1XtIglREkpq4DnvYuWKyMbu5LhZ+h/U86cDYmkfh00KCcrkaiVYH49w
U+sh03XEM0ZyZ75Ldhl14vMLrgUM0JBUqAL9hDNjKS4mxM4JC7hDKxanl6+eUdEc
QgaugiaRw96P+KHbLy2+MiEu47zbk0ex9C3qpLG/w0WGeOP5dJckxsTzNZt1ay5H
ttxGfHaKSOKYUmFfsVL3I8CWtEwH9WGik7wGF2dbGSo1
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:40 2025 by rpki-client