Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
File: 07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa (raw, json)
Hash identifier: hxTHgB3tSkWDeSiggKF90FS8CGxuJSBfISh90xIh2UU=
Subject key identifier: 7C:18:86:56:1C:0A:16:BF:BE:A9:78:6D:8C:CD:3B:0C:4A:AB:F0:33
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73E6D6AC8400C597A972364B5D88673D9DC7A23F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
Signing time: Tue 21 Oct 2025 14:40:36 +0000
ROA not before: Tue 21 Oct 2025 14:40:36 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.35.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e6:d6:ac:84:00:c5:97:a9:72:36:4b:5d:88:67:3d:9d:c7:a2:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:36 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a377f0b79b10cb4784d311fc8b6604f6bcd0c90fc8d67b776eeb40e8b440ed02, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a7:7a:d2:4a:0f:62:79:a4:0b:24:ad:46:94:
ac:83:fc:39:76:5e:e4:2b:ce:eb:56:10:03:e4:2d:
c5:70:e7:5f:c3:ff:6b:c5:18:57:20:8c:f3:2d:7a:
e6:28:0f:e6:4f:ad:02:01:29:e4:a9:d5:20:56:04:
36:f8:90:53:a0:71:28:5a:45:f6:02:f3:e9:13:4a:
34:3c:6b:a9:ff:fe:8b:50:c5:16:da:81:07:c5:86:
a3:96:80:bf:aa:7f:53:cf:65:a2:22:b3:fc:18:bc:
31:f6:bd:fd:75:1c:93:e3:89:f7:45:fd:36:b5:f1:
b9:4e:89:68:66:48:03:25:6b:c6:6a:5f:69:b4:36:
c4:96:a9:06:76:ed:57:8f:cd:e5:b8:78:04:dd:03:
00:9b:9b:dd:5e:ef:b4:9d:5c:7e:4e:eb:bc:41:ed:
c6:66:aa:2b:c4:02:32:7c:6d:16:1c:1c:67:4b:d4:
96:07:cb:f6:61:ca:58:95:38:f7:e9:c0:71:5d:f6:
ee:71:1a:12:94:85:b7:25:7d:aa:e3:40:09:61:46:
84:8a:b4:6d:2c:08:2e:35:af:18:76:c2:82:db:8b:
ad:d4:25:2e:f5:ea:91:9d:6a:1b:9f:cc:04:01:b0:
60:df:ff:e5:66:05:76:04:86:7c:af:92:7a:2a:b3:
28:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:18:86:56:1C:0A:16:BF:BE:A9:78:6D:8C:CD:3B:0C:4A:AB:F0:33
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/07a0a2d7-7de7-4807-863f-fcbe7f8106e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:f2:ed:d2:e0:e6:ad:ca:e3:2f:74:36:01:01:0d:dc:0a:ee:
1e:42:1e:20:84:94:32:a6:07:25:9e:e9:a9:b5:0a:6e:87:05:
2f:79:8a:83:cf:37:2b:11:8d:e2:e2:4c:6c:c3:4a:49:32:1b:
14:25:b1:87:69:41:e5:3f:04:c3:e8:5c:61:23:10:d0:f5:91:
d0:45:71:f5:69:5b:7e:cf:63:6c:af:8c:99:5b:fe:13:15:5d:
e7:03:d6:e4:8d:54:a7:50:02:17:16:41:2b:02:9a:c4:68:18:
c7:99:35:94:79:84:27:69:de:7c:11:6f:d5:ff:a3:cb:ae:fd:
b3:91:82:5d:81:a4:52:ad:a6:1d:25:e9:2b:e8:a9:40:97:e2:
47:af:b8:af:a8:47:5f:73:13:ef:6d:74:94:ee:1f:85:6b:dc:
ab:21:ea:8e:37:8d:66:98:e6:dc:bb:bb:a6:89:69:57:15:2c:
4e:41:0d:4e:eb:d7:bd:dc:b7:b0:11:7e:ad:3f:40:2d:4b:a7:
5d:ff:77:8b:4d:b8:37:da:96:6c:16:f1:4c:eb:56:b4:d6:af:
6f:03:21:b3:e7:a3:15:fc:bb:b5:2d:94:8c:89:61:0d:88:4f:
74:ed:9b:81:37:05:04:e0:24:5c:d6:cc:76:70:c2:a1:03:07:
e3:90:69:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc+bWrIQAxZepcjZLXYhnPZ3Hoj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzNzdmMGI3OWIxMGNiNDc4NGQzMTFmYzhiNjYwNGY2YmNkMGM5MGZjOGQ2
N2I3NzZlZWI0MGU4YjQ0MGVkMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALenetJKD2J5pAskrUaUrIP8OXZe5CvO61YQA+QtxXDnX8P/a8UYVyCM8y16
5igP5k+tAgEp5KnVIFYENviQU6BxKFpF9gLz6RNKNDxrqf/+i1DFFtqBB8WGo5aA
v6p/U89loiKz/Bi8Mfa9/XUck+OJ90X9NrXxuU6JaGZIAyVrxmpfabQ2xJapBnbt
V4/N5bh4BN0DAJub3V7vtJ1cfk7rvEHtxmaqK8QCMnxtFhwcZ0vUlgfL9mHKWJU4
9+nAcV327nEaEpSFtyV9quNACWFGhIq0bSwILjWvGHbCgtuLrdQlLvXqkZ1qG5/M
BAGwYN//5WYFdgSGfK+SeiqzKEMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR8GIZW
HAoWv76peG2MzTsMSqvwMzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDdhMGEyZDctN2RlNy00ODA3LTg2M2YtZmNiZTdmODEwNmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMjMA0G
CSqGSIb3DQEBCwUAA4IBAQAq8u3S4OatyuMvdDYBAQ3cCu4eQh4ghJQypgclnump
tQpuhwUveYqDzzcrEY3i4kxsw0pJMhsUJbGHaUHlPwTD6FxhIxDQ9ZHQRXH1aVt+
z2Nsr4yZW/4TFV3nA9bkjVSnUAIXFkErAprEaBjHmTWUeYQnad58EW/V/6PLrv2z
kYJdgaRSraYdJekr6KlAl+JHr7ivqEdfcxPvbXSU7h+Fa9yrIeqON41mmObcu7um
iWlXFSxOQQ1O69e93LewEX6tP0AtS6dd/3eLTbg32pZsFvFM61a01q9vAyGz56MV
/Lu1LZSMiWENiE907ZuBNwUE4CRc1sx2cMKhAwfjkGlj
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:29:54 2025 by rpki-client