Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
File: 2740a5f5-ec55-42ac-b7df-f4c863c83981.roa (raw, json)
Hash identifier: 63YORhk7tuDnb4l9fHWVSN1csHuZHgr10jghci5w/90=
Subject key identifier: BF:37:94:CE:7A:89:22:3A:E5:7C:42:57:3E:74:98:75:B9:0D:16:83
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13CF4E0F795B57C4B61ED974FBAF2469FE62B7E5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
Signing time: Tue 21 Oct 2025 14:40:06 +0000
ROA not before: Tue 21 Oct 2025 14:40:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:cf:4e:0f:79:5b:57:c4:b6:1e:d9:74:fb:af:24:69:fe:62:b7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=69740b60ee1de5808dc3ea348a20b66557b6bf018b8116db80a919b76bd40279, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:05:d5:91:dc:1a:a9:8d:55:00:f8:79:9e:
72:e7:21:c8:b4:c4:09:0b:58:45:aa:3b:2c:29:50:
ed:67:6f:ec:9f:6e:3b:bb:90:be:9c:67:61:71:9a:
be:f8:c9:e2:7d:b5:41:58:71:59:97:82:c8:c8:0c:
8c:00:bd:b7:cc:6f:b8:38:f8:0b:00:8b:98:92:2d:
65:fc:8d:3d:b7:d4:73:c9:51:fb:d2:fe:a8:2a:59:
e9:98:9a:89:0d:24:4a:6f:fa:49:8c:16:5e:37:a8:
74:8b:25:cb:79:d7:ed:0e:fd:b3:b5:ff:14:d3:b4:
1b:13:0b:f5:dd:c6:d4:c4:7f:9b:90:08:7c:8f:d2:
01:53:2d:f1:9f:94:83:a8:ca:96:75:7b:1b:7f:62:
09:69:e1:7c:27:cc:79:e0:3d:f4:4b:c5:ac:30:70:
cb:c8:72:a6:ab:11:1e:b4:e0:d5:a0:b5:68:cc:c9:
9b:64:72:92:43:51:4b:f2:88:b8:29:b3:bd:9c:b3:
c9:b8:be:60:e8:43:c3:e8:57:cd:28:c4:0b:8b:cd:
ec:27:13:22:b8:c0:c1:a8:c2:e5:14:21:61:0c:06:
5b:a9:04:12:95:51:5d:2a:e5:88:9d:43:c2:c3:2b:
d9:f5:a4:a0:2e:36:50:a2:73:4f:a2:81:9f:c1:7a:
fe:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:37:94:CE:7A:89:22:3A:E5:7C:42:57:3E:74:98:75:B9:0D:16:83
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2740a5f5-ec55-42ac-b7df-f4c863c83981.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
24:4e:95:e6:bd:d3:9e:bf:c5:da:fe:d6:2d:23:7a:7f:3f:e4:
02:33:3d:10:1a:76:b1:c3:c9:93:2c:83:d6:b0:21:1d:fd:16:
ef:9c:ad:71:1d:33:d9:eb:e9:ba:b3:dc:e1:2d:b8:29:f5:fd:
27:86:04:3b:0d:4a:67:52:41:89:73:f0:28:47:9e:85:4c:da:
84:3f:d3:65:91:a3:f4:49:16:9a:9a:28:1b:57:f2:9c:39:1e:
9d:76:c2:12:96:4a:17:07:f5:33:df:34:ad:13:f3:dc:71:53:
68:59:58:2b:7d:55:b7:d7:0c:51:c8:91:64:cb:29:e6:4b:80:
fe:f4:eb:00:b1:c0:93:98:8b:a5:bd:77:28:d0:0c:c8:a2:3b:
de:61:4b:64:7c:cc:be:91:4e:92:5f:ef:ca:9e:11:58:d7:6b:
a6:0b:57:8f:ee:93:17:f5:f8:45:97:da:39:a4:ba:f1:7d:0e:
c4:5d:e2:07:c9:ab:41:f9:1f:93:8f:7d:eb:00:cc:c6:71:d7:
54:34:e8:b0:df:13:72:06:ac:52:d0:83:71:8d:ee:f2:c2:04:
0c:47:fd:fe:0a:ad:44:42:f7:75:a0:c2:e2:c3:78:4d:62:d4:
d8:96:78:df:93:f4:51:46:d0:64:44:78:64:60:5e:9e:e1:db:
d9:97:a7:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE89OD3lbV8S2Htl0+68kaf5it+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NzQwYjYwZWUxZGU1ODA4ZGMzZWEzNDhhMjBiNjY1NTdiNmJmMDE4Yjgx
MTZkYjgwYTkxOWI3NmJkNDAyNzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcQBdWR3BqpjVUA+HmecuchyLTECQtYRao7LClQ7Wdv7J9uO7uQvpxnYXGa
vvjJ4n21QVhxWZeCyMgMjAC9t8xvuDj4CwCLmJItZfyNPbfUc8lR+9L+qCpZ6Zia
iQ0kSm/6SYwWXjeodIsly3nX7Q79s7X/FNO0GxML9d3G1MR/m5AIfI/SAVMt8Z+U
g6jKlnV7G39iCWnhfCfMeeA99EvFrDBwy8hypqsRHrTg1aC1aMzJm2RykkNRS/KI
uCmzvZyzybi+YOhDw+hXzSjEC4vN7CcTIrjAwajC5RQhYQwGW6kEEpVRXSrliJ1D
wsMr2fWkoC42UKJzT6KBn8F6/rUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS/N5TO
eokiOuV8Qlc+dJh1uQ0WgzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mjc0MGE1ZjUtZWM1NS00MmFjLWI3ZGYtZjRjODYzYzgzOTgxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQAkTpXmvdOev8Xa/tYtI3p/P+QCMz0QGnaxw8mTLIPW
sCEd/RbvnK1xHTPZ6+m6s9zhLbgp9f0nhgQ7DUpnUkGJc/AoR56FTNqEP9NlkaP0
SRaamigbV/KcOR6ddsISlkoXB/Uz3zStE/PccVNoWVgrfVW31wxRyJFkyynmS4D+
9OsAscCTmIulvXco0AzIojveYUtkfMy+kU6SX+/KnhFY12umC1eP7pMX9fhFl9o5
pLrxfQ7EXeIHyatB+R+Tj33rAMzGcddUNOiw3xNyBqxS0INxje7ywgQMR/3+Cq1E
Qvd1oMLiw3hNYtTYlnjfk/RRRtBkRHhkYF6e4dvZl6eD
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:03 2025 by rpki-client