Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
File: 39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa (raw, json)
Hash identifier: nZUA0eB0Y+fqgO6mxj3MmT9s7NcUKp5nv2P43t38rPM=
Subject key identifier: 73:EF:44:87:9A:3D:5E:7D:B4:7E:60:90:14:2B:B9:CE:EF:BF:D5:A5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C255DE97EDD6B19E2D4A46C73DBFC5D9A2B9942
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
Signing time: Wed 22 Oct 2025 00:50:02 +0000
ROA not before: Wed 22 Oct 2025 00:50:02 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.80.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:25:5d:e9:7e:dd:6b:19:e2:d4:a4:6c:73:db:fc:5d:9a:2b:99:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:02 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=20fc7998c43fb6245c2b9df9a5e23856e9ddeda258830f6879c9ed25fb7c979d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b9:d3:41:fa:ae:cf:08:61:f7:60:5f:b1:a0:
eb:c7:78:c8:46:49:f5:ce:3e:f3:5b:8a:c7:e0:15:
21:6f:1a:6a:c6:81:ac:39:74:35:85:4a:23:35:77:
21:38:56:e1:20:a1:31:4a:8e:8b:0a:a0:4b:3a:99:
9e:68:21:b5:59:01:3a:c8:32:fa:8a:19:b2:54:d7:
04:f0:c6:15:66:2c:43:21:20:6f:e9:e9:5e:92:3c:
d0:81:ee:ac:01:b2:32:e3:05:de:d3:f3:e6:1b:74:
fd:c9:36:c4:f2:cf:13:8d:1e:9c:81:eb:d2:85:a0:
fc:8e:df:88:29:16:f1:79:d1:0d:b3:0a:69:94:7e:
34:c0:79:11:5c:7e:6a:58:80:72:a1:7c:29:af:cf:
fc:f5:4c:8a:20:6d:d8:1d:e8:9d:e1:14:7c:3b:c7:
60:ef:ab:d2:3c:e6:c4:1b:ed:96:95:20:1a:00:8a:
72:91:9a:11:ba:38:c9:29:ba:c0:14:f1:91:f8:33:
64:f7:07:c9:61:4a:4b:fa:cd:89:f7:87:f1:94:47:
8c:36:03:16:cf:f8:fa:ae:ef:bd:af:76:1f:8d:63:
ce:7e:77:c3:8c:ca:fe:d0:a6:7b:61:a3:3a:17:b7:
b3:ca:44:00:e0:ed:bf:7d:d6:70:1a:42:23:53:bc:
98:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:EF:44:87:9A:3D:5E:7D:B4:7E:60:90:14:2B:B9:CE:EF:BF:D5:A5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/39032a05-08aa-42f2-98fc-8aa6aeee1dc2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.80.0/21
Signature Algorithm: sha256WithRSAEncryption
d7:92:27:56:23:3a:9d:67:fd:95:36:e5:bf:42:88:e0:13:c4:
e0:5e:f3:73:87:3e:cc:a0:8a:38:3b:da:aa:2f:4b:e6:47:a2:
c0:8d:36:fb:e9:61:17:b7:4a:c5:c2:f6:54:13:37:22:bd:9a:
5c:9e:06:e4:24:f7:72:0c:a8:6f:23:19:a0:56:16:31:f3:b2:
32:7b:ec:41:71:21:be:bd:23:4f:fb:3a:74:84:ec:61:a4:c6:
67:40:e2:c4:e7:c3:31:1d:d1:01:ea:7c:58:17:2a:40:92:36:
eb:a5:ae:2d:be:27:a0:f2:78:10:20:ba:c6:ca:5e:df:69:77:
93:00:76:1b:84:66:ab:f9:7d:7a:1a:4a:db:18:fb:79:e2:3a:
79:97:40:21:bf:87:9a:ec:b3:20:ad:4c:1f:3f:92:91:49:04:
fa:90:b7:f2:d2:9d:3e:03:33:e1:ba:c4:b9:19:40:3b:45:13:
1f:ec:6e:23:ff:3c:73:74:88:fa:da:17:58:fa:0b:1e:33:41:
a1:ac:2a:04:7a:06:2f:96:36:58:21:77:57:70:a6:5c:80:d3:
cb:90:cb:bb:8a:23:0e:ed:32:80:cb:12:07:a6:2c:56:5d:eb:
a7:88:d6:56:d7:3a:12:44:6a:92:42:55:99:b7:ab:11:4d:da:
11:a2:1f:ff
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbCVd6X7daxni1KRsc9v8XZormUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMDJaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwZmM3OTk4YzQzZmI2MjQ1YzJiOWRmOWE1ZTIzODU2ZTlkZGVkYTI1ODgz
MGY2ODc5YzllZDI1ZmI3Yzk3OWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6500H6rs8IYfdgX7Gg68d4yEZJ9c4+81uKx+AVIW8aasaBrDl0NYVKIzV3
IThW4SChMUqOiwqgSzqZnmghtVkBOsgy+ooZslTXBPDGFWYsQyEgb+npXpI80IHu
rAGyMuMF3tPz5ht0/ck2xPLPE40enIHr0oWg/I7fiCkW8XnRDbMKaZR+NMB5EVx+
aliAcqF8Ka/P/PVMiiBt2B3oneEUfDvHYO+r0jzmxBvtlpUgGgCKcpGaEbo4ySm6
wBTxkfgzZPcHyWFKS/rNifeH8ZRHjDYDFs/4+q7vva92H41jzn53w4zK/tCme2Gj
Ohe3s8pEAODtv33WcBpCI1O8mAUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRz70SH
mj1efbR+YJAUK7nO77/VpTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzkwMzJhMDUtMDhhYS00MmYyLTk4ZmMtOGFhNmFlZWUxZGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAUDAN
BgkqhkiG9w0BAQsFAAOCAQEA15InViM6nWf9lTblv0KI4BPE4F7zc4c+zKCKODva
qi9L5keiwI02++lhF7dKxcL2VBM3Ir2aXJ4G5CT3cgyobyMZoFYWMfOyMnvsQXEh
vr0jT/s6dITsYaTGZ0DixOfDMR3RAep8WBcqQJI266WuLb4noPJ4ECC6xspe32l3
kwB2G4Rmq/l9ehpK2xj7eeI6eZdAIb+HmuyzIK1MHz+SkUkE+pC38tKdPgMz4brE
uRlAO0UTH+xuI/88c3SI+toXWPoLHjNBoawqBHoGL5Y2WCF3V3CmXIDTy5DLu4oj
Du0ygMsSB6YsVl3rp4jWVtc6EkRqkkJVmberEU3aEaIf/w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:26:38 2025 by rpki-client