Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
File: 0a36b38b-9bd1-4014-823d-9204a303350e.roa (raw, json)
Hash identifier: fZNLaoh4+PTL+gsDxtFcrQ+9dh7t/g32IujkR1K2WYs=
Subject key identifier: 6B:1E:BA:6C:38:E5:16:1F:76:27:59:27:19:EA:97:94:A4:6D:AB:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F1A9315CB37443B8C247264CAFA05FEE502EDE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
Signing time: Fri 24 Oct 2025 00:40:23 +0000
ROA not before: Fri 24 Oct 2025 00:40:23 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.21.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:1a:93:15:cb:37:44:3b:8c:24:72:64:ca:fa:05:fe:e5:02:ed:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:23 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=0971db9f6d61b54eac1ee66288d5c85f291af2401edb54d3dfc848472d6ca919, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:18:16:10:bd:af:de:aa:3f:77:07:b8:a9:4c:
36:b2:7a:a3:79:36:99:d6:20:bf:ef:5e:03:5c:cb:
ac:9c:44:9d:c5:c6:6d:1a:e6:9e:f2:87:fd:da:f8:
5b:3f:52:0d:13:4e:27:f6:64:a2:03:0d:4d:4a:c0:
3a:85:73:a5:15:be:1c:ae:33:4c:0e:b6:67:53:be:
fc:83:fe:04:c8:43:1b:f4:94:bc:27:95:cc:6c:42:
54:4a:7e:4e:13:af:aa:e6:55:74:16:b2:b0:79:99:
de:64:c9:90:2e:e3:a8:0b:32:47:2e:c6:1f:47:67:
09:40:d2:7f:9c:f8:21:e8:69:e4:e2:a1:50:0d:02:
fe:c3:8b:33:3f:f2:8c:b0:8d:52:a3:de:18:dd:e5:
5d:23:0d:73:79:19:b9:c2:f6:cf:84:ad:89:59:a1:
90:12:35:6f:fd:a2:f5:60:f9:31:f9:cb:61:51:0a:
a6:6a:ed:f6:a3:6d:70:66:51:7d:81:7e:f2:3c:15:
04:0b:b5:56:a3:72:42:e3:4d:33:a6:6c:3f:8e:d4:
a9:0c:51:c2:cc:89:83:a0:92:83:36:a2:1e:2f:ec:
c7:55:92:e5:f7:8e:56:6e:d9:16:e5:26:16:61:75:
d0:ec:c6:14:82:3c:66:cd:2f:e2:38:eb:a5:3c:57:
28:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1E:BA:6C:38:E5:16:1F:76:27:59:27:19:EA:97:94:A4:6D:AB:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0a36b38b-9bd1-4014-823d-9204a303350e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.21.183.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:82:cd:17:16:fc:f9:63:e5:14:73:58:39:85:5c:3a:c8:a4:
f7:df:94:e9:9b:13:74:86:38:04:f2:fa:20:1d:4c:e1:c9:de:
8f:5c:23:3e:a9:9f:6f:31:c3:40:8a:56:6d:b4:3d:a6:b3:c6:
10:90:7b:d5:37:a4:d4:e1:90:60:52:6d:39:a6:3d:03:a6:1e:
46:da:9f:c5:98:d6:27:e2:c8:df:15:b2:0c:41:41:d0:79:a6:
3d:81:5b:44:5c:25:c2:c9:8f:0c:17:b9:a8:9c:0f:cf:c7:95:
ab:4c:e7:25:ff:1b:14:e0:0a:9b:6a:53:7e:88:2b:06:bb:57:
83:92:dc:9f:49:3a:5a:81:67:2c:b1:28:15:db:df:ea:e5:c5:
d8:45:0e:f4:28:0c:4f:f5:3d:28:f4:aa:fc:c3:2f:0d:7b:42:
ca:78:6d:57:e4:4a:8b:85:a1:bd:35:14:15:1f:46:d6:03:28:
b4:2c:6c:2a:bb:af:b5:af:07:5c:39:c1:6f:35:d9:c0:fb:50:
0e:fd:43:83:12:c8:3f:d0:74:10:fe:00:a7:53:4b:12:ad:f2:
fe:9b:69:f1:f6:88:7b:33:06:e1:1a:5b:bd:b9:98:47:48:14:
c3:25:91:fd:49:4f:b5:e5:4b:1e:60:86:20:7d:3c:da:19:cc:
3d:d3:43:cb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXxqTFcs3RDuMJHJkyvoF/uUC7egwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjNaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NzFkYjlmNmQ2MWI1NGVhYzFlZTY2Mjg4ZDVjODVmMjkxYWYyNDAxZWRi
NTRkM2RmYzg0ODQ3MmQ2Y2E5MTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkYFhC9r96qP3cHuKlMNrJ6o3k2mdYgv+9eA1zLrJxEncXGbRrmnvKH/dr4
Wz9SDRNOJ/ZkogMNTUrAOoVzpRW+HK4zTA62Z1O+/IP+BMhDG/SUvCeVzGxCVEp+
ThOvquZVdBaysHmZ3mTJkC7jqAsyRy7GH0dnCUDSf5z4Iehp5OKhUA0C/sOLMz/y
jLCNUqPeGN3lXSMNc3kZucL2z4StiVmhkBI1b/2i9WD5MfnLYVEKpmrt9qNtcGZR
fYF+8jwVBAu1VqNyQuNNM6ZsP47UqQxRwsyJg6CSgzaiHi/sx1WS5feOVm7ZFuUm
FmF10OzGFII8Zs0v4jjrpTxXKM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRrHrps
OOUWH3YnWScZ6peUpG2rJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGEzNmIzOGItOWJkMS00MDE0LTgyM2QtOTIwNGEzMDMzNTBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMVtzAN
BgkqhkiG9w0BAQsFAAOCAQEAz4LNFxb8+WPlFHNYOYVcOsik99+U6ZsTdIY4BPL6
IB1M4cnej1wjPqmfbzHDQIpWbbQ9prPGEJB71Tek1OGQYFJtOaY9A6YeRtqfxZjW
J+LI3xWyDEFB0HmmPYFbRFwlwsmPDBe5qJwPz8eVq0znJf8bFOAKm2pTfogrBrtX
g5Lcn0k6WoFnLLEoFdvf6uXF2EUO9CgMT/U9KPSq/MMvDXtCynhtV+RKi4WhvTUU
FR9G1gMotCxsKruvta8HXDnBbzXZwPtQDv1DgxLIP9B0EP4Ap1NLEq3y/ptp8faI
ezMG4RpbvbmYR0gUwyWR/UlPteVLHmCGIH082hnMPdNDyw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:25:47 2025 by rpki-client