
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
File: 87cbc454-e777-437d-a43a-911995d2a7ce.roa (raw, json)
Hash identifier: hVGbbtYr9KHbjZw7qPyILM3XHsoHBiU/5dUGn0m0GKQ=
Subject key identifier: 81:36:77:86:F0:3F:99:F0:51:87:0F:60:28:FC:21:AC:BB:BE:67:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B1DD67E5E7ACB95C0178194C7BDCBC5E51C0DEE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
Signing time: Mon 29 Sep 2025 15:40:08 +0000
ROA not before: Mon 29 Sep 2025 15:40:08 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:1d:d6:7e:5e:7a:cb:95:c0:17:81:94:c7:bd:cb:c5:e5:1c:0d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:08 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3f4a573a3ac52c59a5cb8e4035bca406e65dd985456f0cc6d82e6c378db3ea94, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:31:44:8f:dd:5a:cd:cb:02:55:b1:9d:c9:79:
01:90:8a:72:ce:2d:dc:2b:98:64:63:c7:86:e8:2e:
39:30:98:a7:d8:57:9a:f0:12:1b:d3:38:76:db:11:
90:4e:ee:db:f4:be:a0:d7:ca:3e:b5:2a:63:46:d2:
78:b2:22:90:3b:98:72:84:02:fe:f3:85:c2:59:42:
82:14:02:92:7b:34:f0:62:ad:75:1a:bb:d4:09:bd:
28:f6:b4:ea:45:4b:e2:3e:2f:25:16:a8:d8:8a:ec:
5f:ad:ce:16:90:7f:e4:6f:0c:ca:c3:57:c0:9e:39:
3e:83:d5:bb:ce:af:05:ee:01:53:1b:80:e0:64:b2:
2a:14:68:27:a8:a1:c2:90:9a:00:59:98:ae:86:24:
71:20:51:cd:fa:1a:90:a8:09:5c:73:28:2c:a3:b5:
b3:20:81:b5:b5:8c:30:43:89:18:85:96:72:60:8c:
89:ea:58:81:9d:b6:f8:1b:d8:fd:48:ea:70:9d:9d:
b2:c4:c9:4c:41:d7:6e:b0:ce:5c:33:c5:4b:98:2c:
de:52:68:87:af:5a:da:51:ca:d8:a9:ab:de:37:9e:
e4:4e:6d:ac:3b:26:cc:fd:86:f6:df:c7:99:ea:12:
9f:c9:97:78:cf:5f:62:72:af:09:04:77:29:de:00:
f9:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:36:77:86:F0:3F:99:F0:51:87:0F:60:28:FC:21:AC:BB:BE:67:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/87cbc454-e777-437d-a43a-911995d2a7ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:59:b0:7e:f2:82:f7:98:bc:7e:c9:a5:75:21:7b:ab:36:7f:
0c:27:22:f3:9e:09:fc:c5:f5:2b:c3:7c:01:9b:a6:f7:9f:a0:
9b:10:5f:11:db:34:8d:6e:2a:2b:c7:61:61:fc:0e:6d:45:f3:
19:d8:d7:83:53:02:d4:fd:c4:c7:22:68:b2:59:ff:f2:55:c7:
ee:13:52:ac:2a:9f:0c:10:ef:80:a1:70:4b:53:5f:8c:a9:fb:
67:f7:f9:53:e9:41:8d:07:07:6c:37:82:df:14:2b:93:c6:6e:
22:c8:8f:81:1f:9a:3b:44:a1:cf:2d:4b:5a:63:b2:31:6a:7b:
4a:6f:01:d6:bb:a1:c8:49:cc:34:b5:73:c8:f6:d1:d8:39:aa:
fe:03:69:a1:eb:9b:d3:53:52:76:f7:9a:9f:1a:ac:c7:35:be:
5a:02:aa:fc:ef:7e:00:56:10:33:81:40:45:50:93:bc:6e:60:
df:5b:23:10:10:74:17:2d:86:ca:9f:70:d0:12:e8:f5:ec:39:
05:c7:6c:55:e2:2b:36:6d:00:3c:ce:06:33:eb:ef:33:2f:21:
79:13:86:9d:d6:99:1a:12:ee:d7:ff:05:03:7b:3d:2d:1f:b9:
2f:96:ea:00:d3:b1:ca:a6:69:14:ea:86:c7:1e:5e:8c:23:5f:
e1:5d:1d:81
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUax3Wfl56y5XAF4GUx73LxeUcDe4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMDhaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNmNGE1NzNhM2FjNTJjNTlhNWNiOGU0MDM1YmNhNDA2ZTY1ZGQ5ODU0NTZm
MGNjNmQ4MmU2YzM3OGRiM2VhOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMxRI/dWs3LAlWxncl5AZCKcs4t3CuYZGPHhuguOTCYp9hXmvASG9M4dtsR
kE7u2/S+oNfKPrUqY0bSeLIikDuYcoQC/vOFwllCghQCkns08GKtdRq71Am9KPa0
6kVL4j4vJRao2IrsX63OFpB/5G8MysNXwJ45PoPVu86vBe4BUxuA4GSyKhRoJ6ih
wpCaAFmYroYkcSBRzfoakKgJXHMoLKO1syCBtbWMMEOJGIWWcmCMiepYgZ22+BvY
/UjqcJ2dssTJTEHXbrDOXDPFS5gs3lJoh69a2lHK2Kmr3jee5E5trDsmzP2G9t/H
meoSn8mXeM9fYnKvCQR3Kd4A+VUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBNneG
8D+Z8FGHD2Ao/CGsu75npjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODdjYmM0NTQtZTc3Ny00MzdkLWE0M2EtOTExOTk1ZDJhN2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMVMA0G
CSqGSIb3DQEBCwUAA4IBAQDIWbB+8oL3mLx+yaV1IXurNn8MJyLzngn8xfUrw3wB
m6b3n6CbEF8R2zSNbiorx2Fh/A5tRfMZ2NeDUwLU/cTHImiyWf/yVcfuE1KsKp8M
EO+AoXBLU1+Mqftn9/lT6UGNBwdsN4LfFCuTxm4iyI+BH5o7RKHPLUtaY7IxantK
bwHWu6HIScw0tXPI9tHYOar+A2mh65vTU1J295qfGqzHNb5aAqr8734AVhAzgUBF
UJO8bmDfWyMQEHQXLYbKn3DQEuj17DkFx2xV4is2bQA8zgYz6+8zLyF5E4ad1pka
Eu7X/wUDez0tH7kvluoA07HKpmkU6obHHl6MI1/hXR2B
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:54:37 2025 by rpki-client