Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
File: 70bc7703-020e-4153-b340-cced3a436951.roa (raw, json)
Hash identifier: sjb9Y/tAxid7xJtW8OhAClNUYiu2vzOSrEivbEU8XAg=
Subject key identifier: D0:4B:E9:32:2C:DB:C9:C1:05:E3:D0:D9:C2:80:21:35:DE:18:6C:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13CABCBA64C07AB6FDD675350D35979A3EC360C4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
Signing time: Mon 29 Sep 2025 15:40:25 +0000
ROA not before: Mon 29 Sep 2025 15:40:25 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.96.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ca:bc:ba:64:c0:7a:b6:fd:d6:75:35:0d:35:97:9a:3e:c3:60:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:25 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=460ed8aa430f5a4de1667d27604f318a15a88e4f587c9bd756a2a2d980abbe19, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7d:67:64:9a:31:ef:b2:21:d6:d4:5c:9a:6c:
e5:8b:c4:e8:d2:c9:cf:6b:d4:c5:c4:bd:0c:50:de:
56:5b:67:56:5a:cb:a7:7d:ad:fd:e3:61:27:e7:e3:
d7:b7:ad:d6:d0:7b:fa:5b:b0:6a:30:2b:16:5d:7d:
23:90:2d:6e:2f:9f:e5:e9:67:53:b2:ef:fd:49:d2:
dd:e8:d0:93:2e:c0:89:0f:92:28:04:d8:0e:42:d8:
90:ce:49:38:7a:9f:85:61:a2:3c:ed:4f:8e:26:65:
b9:83:cc:e0:6c:3c:cb:dd:5f:29:27:e6:18:47:2f:
04:4d:df:bd:b7:6b:be:01:2d:03:59:37:7b:99:0f:
c0:ec:fc:a2:4b:a2:ba:40:c8:06:5f:f3:d4:87:eb:
b5:98:60:2e:1f:eb:b6:3a:ed:c8:d3:b4:22:ab:19:
f2:35:25:2c:2e:ab:6b:df:df:6b:9f:1c:c1:60:fb:
28:2c:ba:86:96:d5:1d:e0:bb:7c:80:48:0b:fe:50:
9f:46:7a:8d:4e:0a:17:6f:c9:2b:da:4b:dc:cf:b2:
92:ca:4e:85:f0:8e:83:54:bc:47:7a:43:59:d4:d7:
72:80:21:fb:95:f9:69:15:81:0c:7d:3a:dc:dc:26:
43:f7:3f:43:d0:a2:1d:67:01:48:b7:7c:b7:37:71:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4B:E9:32:2C:DB:C9:C1:05:E3:D0:D9:C2:80:21:35:DE:18:6C:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/70bc7703-020e-4153-b340-cced3a436951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:bd:fe:7b:9e:33:80:09:b0:3b:df:42:f5:bc:b9:54:cb:a6:
0a:02:b1:4f:7d:53:f3:0e:fb:24:d9:e5:b0:ed:4b:30:d5:05:
46:46:df:96:65:ab:00:82:bd:9d:12:05:91:c1:df:bf:e4:d5:
b2:0e:1e:cc:47:45:32:73:a5:85:e1:09:9f:16:01:d0:2c:ec:
d4:f1:c0:09:58:5f:dd:f4:c2:85:94:22:c0:ef:d6:49:8a:07:
81:ee:30:26:83:47:56:35:e7:0d:83:2d:1a:d1:05:10:e5:d9:
45:ac:c2:80:e0:4f:da:03:71:b8:13:cd:e1:fc:27:62:36:67:
57:0f:7a:fa:84:ab:23:60:c9:52:d0:69:2d:96:de:20:60:88:
5c:e0:5d:0e:64:4d:a3:fc:c9:1f:70:d9:bd:ed:29:c6:97:c7:
55:47:f8:74:c6:ed:ac:0d:b2:57:eb:3c:b4:08:60:0d:2d:d2:
34:46:d4:dd:1e:bf:67:2c:2c:7f:c4:57:43:9e:d0:ce:07:27:
e1:61:a2:16:d1:2e:38:6b:9a:5e:c9:d8:63:74:37:d9:bd:08:
9e:fd:4d:a1:62:3a:01:e2:8c:dd:f6:31:43:ab:06:c8:c8:e3:
d2:a5:32:81:30:d4:ce:0d:8b:b2:3a:af:20:27:03:d0:ed:1c:
d1:f3:5d:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE8q8umTAerb91nU1DTWXmj7DYMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMjVaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MGVkOGFhNDMwZjVhNGRlMTY2N2QyNzYwNGYzMThhMTVhODhlNGY1ODdj
OWJkNzU2YTJhMmQ5ODBhYmJlMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh9Z2SaMe+yIdbUXJps5YvE6NLJz2vUxcS9DFDeVltnVlrLp32t/eNhJ+fj
17et1tB7+luwajArFl19I5Atbi+f5elnU7Lv/UnS3ejQky7AiQ+SKATYDkLYkM5J
OHqfhWGiPO1PjiZluYPM4Gw8y91fKSfmGEcvBE3fvbdrvgEtA1k3e5kPwOz8okui
ukDIBl/z1IfrtZhgLh/rtjrtyNO0IqsZ8jUlLC6ra9/fa58cwWD7KCy6hpbVHeC7
fIBIC/5Qn0Z6jU4KF2/JK9pL3M+ykspOhfCOg1S8R3pDWdTXcoAh+5X5aRWBDH06
3NwmQ/c/Q9CiHWcBSLd8tzdxvk0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQS+ky
LNvJwQXj0NnCgCE13hhsgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzBiYzc3MDMtMDIwZS00MTUzLWIzNDAtY2NlZDNhNDM2OTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNgMA0G
CSqGSIb3DQEBCwUAA4IBAQAwvf57njOACbA730L1vLlUy6YKArFPfVPzDvsk2eWw
7Usw1QVGRt+WZasAgr2dEgWRwd+/5NWyDh7MR0Uyc6WF4QmfFgHQLOzU8cAJWF/d
9MKFlCLA79ZJigeB7jAmg0dWNecNgy0a0QUQ5dlFrMKA4E/aA3G4E83h/CdiNmdX
D3r6hKsjYMlS0Gktlt4gYIhc4F0OZE2j/MkfcNm97SnGl8dVR/h0xu2sDbJX6zy0
CGANLdI0RtTdHr9nLCx/xFdDntDOByfhYaIW0S44a5peydhjdDfZvQie/U2hYjoB
4ozd9jFDqwbIyOPSpTKBMNTODYuyOq8gJwPQ7RzR811+
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:44:39 2025 by rpki-client