Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: w37TVZSCvYtPUBbv3G3GAtaGRZuk4nhnlP5Ls0rJmH4=
Subject key identifier: 96:0E:60:1A:2F:95:D1:34:34:BE:D1:16:05:13:1F:B3:B5:9D:5A:E8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E5B3B5DCF9E46B08011BFDA1554E6A87D659492
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Mon 29 Sep 2025 15:40:07 +0000
ROA not before: Mon 29 Sep 2025 15:40:07 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:5b:3b:5d:cf:9e:46:b0:80:11:bf:da:15:54:e6:a8:7d:65:94:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:07 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=c5f3f58f9f61efd2369d0f9804f464ab0156585a8469455d0b440f915ee47c0e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:70:67:d7:e6:29:43:85:ad:1b:f2:a1:58:fb:
07:02:4f:b7:56:da:5b:52:3a:ab:24:c1:95:ab:c5:
a4:de:1c:a3:ab:6c:fa:77:f5:f0:dc:18:38:10:9b:
aa:0d:34:b6:f5:7e:6a:8a:18:d5:68:67:7a:4d:4c:
e2:63:01:c5:84:cf:e0:e6:c9:47:dc:9a:a7:27:dc:
56:0d:72:4c:67:24:64:82:05:fd:b3:85:80:85:7a:
a5:99:f8:7c:ff:10:61:70:41:6e:44:c3:23:4f:14:
f2:f7:04:eb:82:f1:0c:5a:2a:08:ca:ca:21:84:2d:
55:c9:d6:4e:fd:8e:99:cf:b4:54:5e:d7:1a:93:f9:
83:97:49:0e:ea:29:1d:ae:67:33:23:0d:b3:44:76:
2a:a9:b0:e7:40:2b:c8:cc:5f:40:7d:cd:80:46:3a:
42:db:6e:08:0e:72:77:1c:52:37:b5:26:2d:13:da:
7e:86:25:50:18:d6:d8:22:ac:03:ae:84:4f:12:ff:
42:b8:14:56:a3:eb:4f:20:b1:29:d4:1a:62:0d:32:
ee:5d:56:fb:8d:55:f4:a3:94:00:8e:92:f9:28:53:
8d:b1:c2:e5:cc:55:8c:fc:10:af:a5:14:2d:74:fe:
41:2c:e0:8a:50:f4:c8:08:4d:6f:3a:50:fd:a0:b3:
0e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0E:60:1A:2F:95:D1:34:34:BE:D1:16:05:13:1F:B3:B5:9D:5A:E8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5c:9c:d6:a7:54:e5:07:44:84:a3:3c:f5:de:72:5f:5a:63:67:
57:f9:56:c4:39:d4:d5:32:8b:e5:a1:92:98:73:10:03:c4:1f:
b5:ce:b1:1c:f0:69:da:20:f4:34:3a:b2:55:76:67:63:0b:36:
bc:63:96:64:4f:33:d2:7e:e4:76:32:4d:a5:d4:01:1d:c6:15:
0a:c5:0a:0e:30:f9:ce:77:4a:af:93:0f:41:85:40:2d:9e:58:
b4:b0:59:82:da:7f:2e:ca:29:aa:e8:54:c5:aa:f6:49:e7:04:
73:8f:24:00:e3:77:a3:79:05:58:88:56:ca:84:50:80:7b:4b:
2e:80:b2:53:33:0d:89:a2:22:10:f5:26:6f:03:1f:52:47:42:
8c:33:1f:b7:8f:58:5f:32:79:52:92:61:2a:09:e8:72:ec:9f:
73:05:0f:69:9b:5f:59:73:c4:57:ef:83:3a:f7:98:70:cd:e0:
6b:8f:08:3a:13:e6:95:af:7f:17:76:7d:8f:11:f2:05:ac:16:
06:6a:e1:20:be:5d:03:56:02:2f:76:17:ce:e5:58:92:c5:11:
1e:e6:fd:13:3b:12:ba:f1:4c:5d:6b:64:ae:69:3a:a8:08:e9:
38:48:ff:20:84:a8:8c:86:76:20:89:be:17:e5:40:bb:3f:54:
1b:44:f4:01
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDls7Xc+eRrCAEb/aFVTmqH1llJIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMDdaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1ZjNmNThmOWY2MWVmZDIzNjlkMGY5ODA0ZjQ2NGFiMDE1NjU4NWE4NDY5
NDU1ZDBiNDQwZjkxNWVlNDdjMGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlwZ9fmKUOFrRvyoVj7BwJPt1baW1I6qyTBlavFpN4co6ts+nf18NwYOBCb
qg00tvV+aooY1Whnek1M4mMBxYTP4ObJR9yapyfcVg1yTGckZIIF/bOFgIV6pZn4
fP8QYXBBbkTDI08U8vcE64LxDFoqCMrKIYQtVcnWTv2Omc+0VF7XGpP5g5dJDuop
Ha5nMyMNs0R2Kqmw50AryMxfQH3NgEY6QttuCA5ydxxSN7UmLRPafoYlUBjW2CKs
A66ETxL/QrgUVqPrTyCxKdQaYg0y7l1W+41V9KOUAI6S+ShTjbHC5cxVjPwQr6UU
LXT+QSzgilD0yAhNbzpQ/aCzDn0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWDmAa
L5XRNDS+0RYFEx+ztZ1a6DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBcnNanVOUHRISjPPXecl9aY2dX+VbEOdTVMovloZKY
cxADxB+1zrEc8GnaIPQ0OrJVdmdjCza8Y5ZkTzPSfuR2Mk2l1AEdxhUKxQoOMPnO
d0qvkw9BhUAtnli0sFmC2n8uyimq6FTFqvZJ5wRzjyQA43ejeQVYiFbKhFCAe0su
gLJTMw2JoiIQ9SZvAx9SR0KMMx+3j1hfMnlSkmEqCehy7J9zBQ9pm19Zc8RX74M6
95hwzeBrjwg6E+aVr38Xdn2PEfIFrBYGauEgvl0DVgIvdhfO5ViSxREe5v0TOxK6
8Uxda2SuaTqoCOk4SP8ghKiMhnYgib4X5UC7P1QbRPQB
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:06:32 2025 by rpki-client