Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
File: 179c664b-afae-4c21-9c97-2a2a3985d5b0.roa (raw, json)
Hash identifier: Xchc4BmFN5/iUS6YLh0WJkHeJfOaf0LAdkvSDoyE/XE=
Subject key identifier: 86:FE:FE:ED:89:B2:D2:86:D2:F0:16:0D:51:1B:B8:DE:5D:E0:44:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 128E355FB84CBE97843DB298ED67A251980293B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
Signing time: Tue 21 Oct 2025 14:40:05 +0000
ROA not before: Tue 21 Oct 2025 14:40:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:8e:35:5f:b8:4c:be:97:84:3d:b2:98:ed:67:a2:51:98:02:93:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=dd525788e024b300854b091b721ed505f49cb987134bb574ee5f9aee035acec8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5a:e0:a5:f9:5f:7a:84:d5:ba:f3:92:6d:7b:
6e:11:77:bd:a1:61:83:d3:c1:3b:d9:30:8e:e6:1d:
a6:69:3f:75:1a:23:8a:f7:b1:d3:1b:7c:c1:60:f9:
25:a1:8f:64:38:41:fa:67:c5:a5:f9:07:72:e9:c7:
06:cc:3d:9b:0e:a0:3b:5c:4b:cf:bb:a0:f7:74:95:
5e:b4:d2:8b:4a:21:7a:d7:95:19:bf:fe:fc:5c:79:
ba:3e:66:04:eb:ff:65:c7:31:bb:ab:7d:88:7e:a2:
a2:4a:32:55:36:f9:9b:d2:ac:50:35:ab:79:7f:b4:
48:d2:75:b5:ed:91:47:07:ae:7f:74:8c:ee:c7:ce:
ee:32:90:c7:62:46:83:05:ae:5e:8f:6a:ba:c8:01:
90:d6:f9:8b:be:d0:e7:d9:c9:7d:2f:f6:1c:e5:5f:
01:5f:9d:6c:21:bf:ba:32:1a:95:70:50:b0:5f:21:
36:17:73:06:15:10:77:41:3a:d3:08:75:cf:75:d8:
2d:6e:da:50:b9:02:30:b9:56:4d:2b:55:a7:54:82:
dc:2f:58:cc:d5:c9:28:94:c1:fa:96:6d:1e:b6:ca:
ed:a4:b7:cb:76:26:01:88:6e:fe:69:7e:cd:33:20:
4c:d4:e3:01:9b:87:d5:86:c0:a4:1c:90:1d:f4:4c:
02:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FE:FE:ED:89:B2:D2:86:D2:F0:16:0D:51:1B:B8:DE:5D:E0:44:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/179c664b-afae-4c21-9c97-2a2a3985d5b0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:00:d5:8a:c0:9f:36:35:5a:16:a3:ce:a2:d4:ac:a2:9e:13:
bc:94:9f:c2:8b:35:8a:2c:c3:5a:e6:97:d9:fd:46:bb:76:19:
ed:bf:f3:70:50:72:d4:0c:13:ab:5c:58:4b:32:fa:83:1b:ec:
37:46:58:98:cb:e2:e3:e2:75:5d:83:7f:0b:16:a5:14:7b:19:
15:a4:6e:7f:3f:82:6f:61:fd:a3:e9:d3:90:0d:d4:de:bf:1c:
1f:23:e1:e8:71:45:fa:36:6c:b4:1b:83:b7:59:a6:5a:dd:e6:
01:48:10:78:43:31:46:db:00:9d:68:bf:d5:f9:bc:25:65:8d:
1c:bb:45:8b:52:d4:50:64:fd:bd:a4:6b:69:8b:da:9f:46:e0:
df:95:65:93:03:2d:d0:12:1e:b4:38:fe:85:a1:fa:e2:0a:27:
e6:0b:f4:22:17:c2:f4:44:6f:f5:90:e2:83:ef:63:a2:79:bc:
4b:bf:ad:b3:89:7a:aa:44:0a:c4:ce:b1:42:f5:86:37:59:47:
40:b4:26:b5:82:f8:52:15:f4:a7:dc:22:e4:94:02:5d:92:ff:
24:cb:7e:3e:c9:1c:b2:39:e6:47:45:19:2c:c0:9c:08:e3:e8:
34:78:4c:86:0a:40:31:41:90:af:01:81:be:fe:1f:e9:08:6c:
c6:ba:10:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEo41X7hMvpeEPbKY7WeiUZgCk7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkNTI1Nzg4ZTAyNGIzMDA4NTRiMDkxYjcyMWVkNTA1ZjQ5Y2I5ODcxMzRi
YjU3NGVlNWY5YWVlMDM1YWNlYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKla4KX5X3qE1brzkm17bhF3vaFhg9PBO9kwjuYdpmk/dRojivex0xt8wWD5
JaGPZDhB+mfFpfkHcunHBsw9mw6gO1xLz7ug93SVXrTSi0oheteVGb/+/Fx5uj5m
BOv/Zccxu6t9iH6iokoyVTb5m9KsUDWreX+0SNJ1te2RRweuf3SM7sfO7jKQx2JG
gwWuXo9qusgBkNb5i77Q59nJfS/2HOVfAV+dbCG/ujIalXBQsF8hNhdzBhUQd0E6
0wh1z3XYLW7aULkCMLlWTStVp1SC3C9YzNXJKJTB+pZtHrbK7aS3y3YmAYhu/ml+
zTMgTNTjAZuH1YbApByQHfRMAgsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSG/v7t
ibLShtLwFg1RG7jeXeBESzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTc5YzY2NGItYWZhZS00YzIxLTljOTctMmEyYTM5ODVkNWIwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQBbANWKwJ82NVoWo86i1KyinhO8lJ/CizWKLMNa5pfZ
/Ua7dhntv/NwUHLUDBOrXFhLMvqDG+w3RliYy+Lj4nVdg38LFqUUexkVpG5/P4Jv
Yf2j6dOQDdTevxwfI+HocUX6Nmy0G4O3WaZa3eYBSBB4QzFG2wCdaL/V+bwlZY0c
u0WLUtRQZP29pGtpi9qfRuDflWWTAy3QEh60OP6FofriCifmC/QiF8L0RG/1kOKD
72OiebxLv62ziXqqRArEzrFC9YY3WUdAtCa1gvhSFfSn3CLklAJdkv8ky34+yRyy
OeZHRRkswJwI4+g0eEyGCkAxQZCvAYG+/h/pCGzGuhBV
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:28 2025 by rpki-client