Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
File: 186c4a20-4025-4599-90c9-1eeb15cf6730.roa (raw, json)
Hash identifier: qbztZKRuLSpx2jr+wFZmWoYuqNEfpJxsbj1JpoXGYqY=
Subject key identifier: 04:F4:C4:F1:4D:87:15:10:67:9A:F4:4E:1B:31:43:7C:41:F3:5C:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3DF5B5A9E316DBD2A995E025F082DC05AB9A5183
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
Signing time: Wed 22 Oct 2025 00:50:17 +0000
ROA not before: Wed 22 Oct 2025 00:50:17 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f5:b5:a9:e3:16:db:d2:a9:95:e0:25:f0:82:dc:05:ab:9a:51:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:17 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=ecf80953524d76bf2062bd69b0818e6398d53964e1c0400e7f3380f3a8021829, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f3:30:5b:4e:b5:1e:8e:18:6b:eb:6f:71:59:
2c:78:08:53:39:f1:65:2c:fe:30:dc:97:aa:6a:2b:
45:7f:d1:f9:81:ae:31:65:c7:66:9e:a1:f4:3a:76:
8a:bf:27:d2:7c:c0:a4:ea:85:ac:01:d6:d5:1c:08:
4f:78:bf:ab:68:92:48:4c:3d:eb:1a:1a:65:e2:6e:
de:ae:6c:37:51:db:bf:2d:93:72:4d:f5:ba:19:49:
22:fb:c6:3c:f6:a1:09:d1:4a:49:91:b3:98:64:78:
e5:d9:5c:e3:fb:bc:f1:52:33:10:ff:02:09:99:dc:
9b:60:95:d5:76:b0:1b:55:18:f3:4e:6d:ae:bc:fc:
10:05:b7:89:16:bc:12:6f:3c:d2:4c:a3:4d:54:74:
4b:df:30:2d:d0:18:51:97:8a:3e:64:9f:39:20:ff:
6c:ce:80:4f:54:c1:18:ab:8a:e8:a8:09:70:cd:13:
d1:87:40:46:6e:7d:a8:b7:88:da:6a:06:4b:48:59:
82:bd:13:7e:96:ac:86:ec:8c:c5:a2:bb:89:0f:75:
53:06:a9:ea:1c:40:4f:c7:2d:71:48:a5:16:05:5d:
ed:69:93:91:cd:ae:eb:26:8e:b7:11:55:e9:17:70:
37:51:01:7b:3d:08:36:04:d0:b3:1f:6e:b0:25:a5:
58:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F4:C4:F1:4D:87:15:10:67:9A:F4:4E:1B:31:43:7C:41:F3:5C:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/186c4a20-4025-4599-90c9-1eeb15cf6730.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.205.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:d5:eb:0a:70:73:79:64:f6:7a:03:58:f9:1a:49:2c:e5:ac:
ca:f7:db:2a:ea:f0:73:1d:81:b5:a5:ed:95:fa:d9:3f:fb:5e:
5c:1b:9c:52:3c:43:49:ea:2e:53:39:f0:51:b5:41:eb:e6:de:
d3:7c:b7:cc:0c:79:7a:42:0e:63:15:22:89:1c:7e:c5:98:eb:
38:22:f2:9e:6c:eb:cf:5a:5f:fd:e7:59:e5:ef:25:0e:64:1a:
7a:9c:34:79:c7:07:01:59:ac:c0:86:f5:11:11:a9:de:b5:80:
e2:0f:6b:58:be:00:11:ef:68:c5:4f:ea:92:9a:4d:0b:56:af:
44:ff:48:e8:bc:99:6d:93:26:1d:73:f6:cd:76:bf:1b:64:44:
5f:d2:0c:62:d2:34:2a:86:d2:55:cd:47:19:90:c4:61:a5:e9:
f9:f6:b6:98:17:52:f1:56:58:41:31:ac:d2:e6:8b:b0:66:21:
d7:01:f0:eb:6a:98:29:83:7c:60:55:26:c5:18:4e:3e:ba:a3:
15:e2:f3:6a:f8:83:7d:f1:98:8f:dd:4d:76:c5:56:66:6a:6e:
e9:f8:a4:a6:c6:ad:b0:2b:0d:83:55:cb:1e:66:d9:bf:42:d4:
a7:30:29:9f:a4:83:9d:7c:c5:73:0f:f5:b0:04:0c:2f:eb:73:
af:96:9b:81
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPfW1qeMW29KpleAl8ILcBauaUYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTdaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZjgwOTUzNTI0ZDc2YmYyMDYyYmQ2OWIwODE4ZTYzOThkNTM5NjRlMWMw
NDAwZTdmMzM4MGYzYTgwMjE4MjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODzMFtOtR6OGGvrb3FZLHgIUznxZSz+MNyXqmorRX/R+YGuMWXHZp6h9Dp2
ir8n0nzApOqFrAHW1RwIT3i/q2iSSEw96xoaZeJu3q5sN1Hbvy2Tck31uhlJIvvG
PPahCdFKSZGzmGR45dlc4/u88VIzEP8CCZncm2CV1XawG1UY805trrz8EAW3iRa8
Em880kyjTVR0S98wLdAYUZeKPmSfOSD/bM6AT1TBGKuK6KgJcM0T0YdARm59qLeI
2moGS0hZgr0TfpashuyMxaK7iQ91Uwap6hxAT8ctcUilFgVd7WmTkc2u6yaOtxFV
6RdwN1EBez0INgTQsx9usCWlWEsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQE9MTx
TYcVEGea9E4bMUN8QfNcfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTg2YzRhMjAtNDAyNS00NTk5LTkwYzktMWVlYjE1Y2Y2NzMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzTAN
BgkqhkiG9w0BAQsFAAOCAQEAztXrCnBzeWT2egNY+RpJLOWsyvfbKurwcx2BtaXt
lfrZP/teXBucUjxDSeouUznwUbVB6+be03y3zAx5ekIOYxUiiRx+xZjrOCLynmzr
z1pf/edZ5e8lDmQaepw0eccHAVmswIb1ERGp3rWA4g9rWL4AEe9oxU/qkppNC1av
RP9I6LyZbZMmHXP2zXa/G2REX9IMYtI0KobSVc1HGZDEYaXp+fa2mBdS8VZYQTGs
0uaLsGYh1wHw62qYKYN8YFUmxRhOPrqjFeLzaviDffGYj91NdsVWZmpu6fikpsat
sCsNg1XLHmbZv0LUpzApn6SDnXzFcw/1sAQML+tzr5abgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:31:47 2025 by rpki-client