Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: PDwhRNxOfW2H06RXPKwmVDKfqZm24kNOmU2R+TNUz2g=
Subject key identifier: 7B:16:8A:DD:0F:FE:CA:38:64:02:D4:EB:E7:46:15:CC:14:AD:A1:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2513337EE1DF6B771F7C268A2E749AD621219B30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Fri 24 Oct 2025 00:40:10 +0000
ROA not before: Fri 24 Oct 2025 00:40:10 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:13:33:7e:e1:df:6b:77:1f:7c:26:8a:2e:74:9a:d6:21:21:9b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:10 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=3350f773967b67ecef37fc722663246417134bf8687940b8f9f49ae5963c75ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:ba:dc:ff:7f:e0:11:eb:50:0a:b6:2b:19:
77:1a:4c:e9:0c:c8:a3:27:63:46:d5:c1:f8:21:31:
ec:e8:de:71:1f:9b:d8:49:74:86:f8:3c:32:75:17:
0f:29:e1:35:af:8c:03:fd:e0:c8:1f:48:1c:a4:70:
7c:29:80:11:71:ac:25:48:ce:39:a9:9a:45:4f:e0:
0a:01:12:0e:07:9e:63:6b:06:fc:b2:3d:21:0f:0c:
4b:50:b6:8d:02:45:1a:3a:1c:50:e7:5b:ef:f1:07:
6a:d2:43:5c:69:79:0b:c8:fc:4e:7a:04:cb:5c:48:
05:7a:23:e5:e3:10:e1:6e:16:0a:3a:eb:55:ae:68:
3e:37:23:85:83:9c:93:37:1d:fa:75:60:69:bc:3a:
6f:8b:5d:7f:19:ec:b7:c1:e2:16:6c:1a:07:5c:53:
ae:a0:4b:9b:01:d9:e4:c3:d7:ef:b5:62:af:28:df:
1a:7e:60:44:7b:ef:eb:91:e4:14:8a:a4:aa:d4:ba:
29:e8:aa:57:f2:0c:59:66:4b:3e:61:9d:6b:80:37:
d3:42:85:1f:43:22:7b:4c:70:3a:e3:12:60:a5:20:
37:31:20:53:87:c7:a8:ee:24:14:16:8f:5a:5a:b3:
81:21:da:5c:c9:68:8c:a5:b1:0c:76:7e:41:d3:07:
1f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:16:8A:DD:0F:FE:CA:38:64:02:D4:EB:E7:46:15:CC:14:AD:A1:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
52:f8:ea:92:03:fa:a4:16:35:39:0d:e0:4a:64:ef:24:31:fe:
76:c6:81:38:c9:ac:64:9f:5e:c7:a6:16:33:03:2f:98:89:94:
74:e0:e9:23:b2:d4:62:1b:f9:c7:70:10:48:7e:c2:03:99:fc:
b4:07:21:b1:cf:79:fd:d7:ce:fd:cd:c1:92:1f:6c:f8:94:69:
19:ee:c9:b9:d5:45:f5:e9:e3:3a:f6:83:8f:13:a5:22:bf:c7:
9a:06:89:cb:bc:8d:2d:d5:62:eb:6b:28:b9:66:82:1b:88:0e:
02:eb:ba:10:9b:0f:af:43:22:5e:82:c2:98:fb:e2:20:4d:27:
82:2c:e2:f2:b0:be:47:88:e0:56:c9:2b:29:1d:0d:7c:19:45:
24:8f:ea:01:d5:f0:45:87:4f:d2:b6:ec:6a:a2:ee:89:ce:88:
e7:f4:e0:71:39:05:f0:50:52:87:2d:36:28:3f:23:4a:30:d6:
45:f2:43:c2:85:44:be:a9:94:6f:2e:3e:dd:4c:65:e8:e2:76:
27:0a:ad:e9:04:29:f2:3b:45:c3:e2:62:34:3b:78:e0:3c:c9:
be:80:33:33:6e:87:1b:cc:88:59:8c:32:80:10:91:02:0e:19:
2b:bc:cd:16:f2:50:35:59:2d:d6:69:41:93:e5:2e:f8:11:38:
4e:a4:6e:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJRMzfuHfa3cffCaKLnSa1iEhmzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMTBaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNTBmNzczOTY3YjY3ZWNlZjM3ZmM3MjI2NjMyNDY0MTcxMzRiZjg2ODc5
NDBiOGY5ZjQ5YWU1OTYzYzc1ZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUhutz/f+AR61AKtisZdxpM6QzIoydjRtXB+CEx7OjecR+b2El0hvg8MnUX
DynhNa+MA/3gyB9IHKRwfCmAEXGsJUjOOamaRU/gCgESDgeeY2sG/LI9IQ8MS1C2
jQJFGjocUOdb7/EHatJDXGl5C8j8TnoEy1xIBXoj5eMQ4W4WCjrrVa5oPjcjhYOc
kzcd+nVgabw6b4tdfxnst8HiFmwaB1xTrqBLmwHZ5MPX77ViryjfGn5gRHvv65Hk
FIqkqtS6KeiqV/IMWWZLPmGda4A300KFH0Mie0xwOuMSYKUgNzEgU4fHqO4kFBaP
WlqzgSHaXMlojKWxDHZ+QdMHH+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7Ford
D/7KOGQC1OvnRhXMFK2htjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBS+OqSA/qkFjU5DeBKZO8kMf52xoE4yaxkn17HphYz
Ay+YiZR04OkjstRiG/nHcBBIfsIDmfy0ByGxz3n91879zcGSH2z4lGkZ7sm51UX1
6eM69oOPE6Uiv8eaBonLvI0t1WLrayi5ZoIbiA4C67oQmw+vQyJegsKY++IgTSeC
LOLysL5HiOBWySspHQ18GUUkj+oB1fBFh0/Stuxqou6Jzojn9OBxOQXwUFKHLTYo
PyNKMNZF8kPChUS+qZRvLj7dTGXo4nYnCq3pBCnyO0XD4mI0O3jgPMm+gDMzbocb
zIhZjDKAEJECDhkrvM0W8lA1WS3WaUGT5S74EThOpG6D
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:05:53 2025 by rpki-client