Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: AFz5qQD51WfNyxEXm7Q4AcM4bWNBb1gtd0B+m0YUcJ4=
Subject key identifier: 62:D5:3F:44:6D:B3:AA:4E:A7:15:0A:AE:EA:20:CC:F4:80:4D:A3:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0ABB5BFABC912BC0625B1E612A7EFC142D2AA857
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 21 Oct 2025 14:50:42 +0000
ROA not before: Tue 21 Oct 2025 14:50:42 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:bb:5b:fa:bc:91:2b:c0:62:5b:1e:61:2a:7e:fc:14:2d:2a:a8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:42 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8840ef3c56e528cadbee4a70a3c15c9e2eaedee89070d8e71b7f2b1111dd1f52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:12:45:84:8e:f8:fe:f4:e1:9f:c9:1c:5b:63:
86:62:2b:67:bf:87:1b:4e:32:4a:8b:5b:7e:30:9e:
00:23:72:4e:c8:50:29:b4:36:b5:51:fd:5f:a4:17:
3e:49:49:53:55:24:12:33:05:3e:74:34:e6:78:ec:
8a:27:fc:4f:b9:4e:c7:e4:4c:4e:c4:33:28:ca:b0:
ee:01:64:dc:51:21:b5:34:82:98:e8:65:4f:7d:37:
22:73:26:a5:00:8c:43:66:2a:a7:40:76:23:eb:6b:
5f:b4:67:c3:4a:0e:92:58:c9:67:96:35:a9:c8:4b:
bd:e7:2d:04:1c:85:ce:47:5c:8b:14:b8:5b:a3:51:
2d:ca:bc:b9:f0:4e:5a:82:1c:de:94:2a:6a:79:3b:
02:91:e9:24:1a:c3:08:64:f9:6a:fe:6b:5d:39:44:
29:a4:06:24:d2:93:b6:4a:cc:45:ff:d8:5e:56:c8:
e3:db:5a:72:bc:64:0f:7b:9e:67:67:ef:8e:f9:f3:
bf:da:cd:73:76:eb:75:bf:0e:33:b5:98:d4:81:3b:
f1:d8:a1:f7:ae:1a:e3:11:a1:f6:41:2c:f2:83:5e:
0d:90:cc:19:53:e5:1a:b0:6a:73:95:b6:6d:f3:14:
96:d1:52:4e:84:b7:40:ca:81:d8:a0:38:ed:ad:15:
36:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:D5:3F:44:6D:B3:AA:4E:A7:15:0A:AE:EA:20:CC:F4:80:4D:A3:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a6:c7:c3:eb:3f:fd:27:61:00:9d:e2:3e:e5:44:22:c1:32:d0:
c0:25:b6:85:dd:c9:78:12:ae:47:2c:00:d2:16:b6:48:72:c2:
89:64:bb:80:36:0c:85:da:4a:67:84:59:6f:08:17:5e:99:7b:
5b:18:fe:04:89:69:72:3b:bd:f4:aa:af:cc:2c:1a:f9:40:60:
fb:f6:d0:43:d0:2e:fc:65:4f:7d:74:94:59:f5:d6:65:eb:14:
57:76:64:1b:32:07:57:41:61:55:99:0d:6e:2e:87:fd:2f:3d:
a8:e4:29:dd:e3:3e:8f:5e:b3:3b:30:11:a8:9f:ae:60:1a:02:
1d:a0:04:19:5c:2e:c8:c8:e3:99:c1:1a:63:77:7b:d2:f2:61:
50:2d:95:4c:44:1d:1f:2f:7f:10:df:9a:86:52:43:0c:9a:d4:
29:35:90:81:a1:c3:45:c9:36:c2:d6:07:fb:77:61:6d:f2:ef:
c6:a3:48:70:a0:d6:60:08:e9:c9:85:73:43:61:a4:43:11:4e:
1f:22:33:89:35:67:86:11:5a:f5:e3:62:01:2a:f9:3d:14:31:
08:cf:4e:8c:46:14:da:3c:9f:88:19:61:7c:84:ce:d2:58:ae:
68:d2:d5:28:eb:5a:1f:62:22:f9:03:e9:f4:02:e9:d5:ad:74:
1c:4b:40:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCrtb+ryRK8BiWx5hKn78FC0qqFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwNDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4NDBlZjNjNTZlNTI4Y2FkYmVlNGE3MGEzYzE1YzllMmVhZWRlZTg5MDcw
ZDhlNzFiN2YyYjExMTFkZDFmNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQSRYSO+P704Z/JHFtjhmIrZ7+HG04ySotbfjCeACNyTshQKbQ2tVH9X6QX
PklJU1UkEjMFPnQ05njsiif8T7lOx+RMTsQzKMqw7gFk3FEhtTSCmOhlT303InMm
pQCMQ2Yqp0B2I+trX7Rnw0oOkljJZ5Y1qchLvectBByFzkdcixS4W6NRLcq8ufBO
WoIc3pQqank7ApHpJBrDCGT5av5rXTlEKaQGJNKTtkrMRf/YXlbI49tacrxkD3ue
Z2fvjvnzv9rNc3brdb8OM7WY1IE78dih964a4xGh9kEs8oNeDZDMGVPlGrBqc5W2
bfMUltFSToS3QMqB2KA47a0VNqcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRi1T9E
bbOqTqcVCq7qIMz0gE2jhDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCmx8PrP/0nYQCd4j7lRCLBMtDAJbaF3cl4Eq5HLADS
FrZIcsKJZLuANgyF2kpnhFlvCBdemXtbGP4EiWlyO730qq/MLBr5QGD79tBD0C78
ZU99dJRZ9dZl6xRXdmQbMgdXQWFVmQ1uLof9Lz2o5Cnd4z6PXrM7MBGon65gGgId
oAQZXC7IyOOZwRpjd3vS8mFQLZVMRB0fL38Q35qGUkMMmtQpNZCBocNFyTbC1gf7
d2Ft8u/Go0hwoNZgCOnJhXNDYaRDEU4fIjOJNWeGEVr142IBKvk9FDEIz06MRhTa
PJ+IGWF8hM7SWK5o0tUo61ofYiL5A+n0AunVrXQcS0Dl
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:26:32 2025 by rpki-client