Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
File: 5480e32c-3a23-4243-82e3-c7eea059d814.roa (raw, json)
Hash identifier: i0zftQJ8A+58LUU8RyeIrCB87Vb48cNLAKMnbp6Akmw=
Subject key identifier: 32:AF:E8:1F:E4:70:0B:C4:01:FF:0C:D5:09:AF:8F:24:AF:98:28:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7070EA9367E0FFC81EF5BABF8CC3C77D21797715
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
Signing time: Fri 24 Oct 2025 00:40:10 +0000
ROA not before: Fri 24 Oct 2025 00:40:10 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:70:ea:93:67:e0:ff:c8:1e:f5:ba:bf:8c:c3:c7:7d:21:79:77:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:10 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=9b213f1ecff4c60ee5f1ac0d2f39266960d65d391e702d9d790db8f6078010dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:97:a7:5e:3b:7f:ce:48:1c:12:f2:6c:e4:ab:
2d:4a:4a:f3:37:e2:5d:d8:a4:54:fa:82:e2:1a:fc:
c7:3e:91:d5:40:8f:c7:8b:52:89:8c:e7:27:5d:d8:
87:e7:31:68:ab:4e:e2:36:d0:02:74:20:a7:59:7c:
96:30:eb:14:37:b5:b4:b6:0d:5d:a9:f7:cc:97:d4:
58:62:bd:17:d9:69:45:52:3f:5a:bc:68:e8:f0:d0:
86:b6:20:c2:9d:f2:62:aa:d9:02:67:77:a7:6a:e7:
30:af:a4:fe:1c:58:20:fa:8d:7b:c7:e6:4d:b7:cd:
4e:d1:e4:40:1b:54:8d:b7:c2:45:f2:e6:96:00:ab:
92:00:68:b2:db:f8:6d:09:be:a6:9c:db:b9:20:5c:
33:c6:c3:47:97:91:86:8d:f2:00:76:33:72:53:01:
b1:90:c8:05:5a:21:49:fa:d2:21:85:04:5f:31:df:
7b:e2:61:98:ec:9d:f5:a7:65:91:17:28:2f:d3:00:
17:02:6c:f5:c1:85:d6:30:19:a8:d9:1f:1f:88:1f:
62:d1:06:35:dc:de:87:b8:7c:0f:59:27:72:5d:e5:
c0:ab:b5:b4:9d:fc:01:ee:4f:59:83:7d:e5:57:34:
17:bd:f4:63:eb:2f:76:e6:03:e2:04:af:8b:7f:83:
b8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AF:E8:1F:E4:70:0B:C4:01:FF:0C:D5:09:AF:8F:24:AF:98:28:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5480e32c-3a23-4243-82e3-c7eea059d814.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:50:7b:73:82:b4:e4:f5:75:2d:db:85:60:3d:2f:fa:70:cd:
c5:51:37:36:f4:d5:bf:ce:81:04:5e:1b:8e:b7:81:70:c1:b4:
a7:2b:74:1e:c4:c3:db:d3:3f:7b:45:68:4f:e5:3a:14:bf:f9:
59:27:a9:e9:b2:3a:49:d9:f6:ac:ae:79:12:22:97:4b:15:db:
9b:e4:72:c6:11:41:b8:6e:be:7a:85:fb:7a:83:ec:b1:13:46:
c4:fc:a2:3a:5f:0e:2e:e2:36:a4:e6:ac:2a:0f:4d:78:29:bd:
6c:37:66:a8:eb:cb:cb:cf:54:a8:1a:c9:d5:2e:84:ce:7a:f3:
44:77:4c:06:7b:fe:3d:d4:a8:f2:7f:40:f1:aa:ef:e7:7e:38:
8e:96:47:be:77:90:fe:17:7a:d6:f7:ce:e0:eb:86:f9:c9:b3:
15:2d:5e:4a:24:33:cc:6c:34:b5:99:40:1d:2f:5f:b2:3a:56:
f0:f2:e7:81:ee:01:9a:c7:a7:be:0a:88:5b:a1:94:73:e6:cd:
ca:3f:0e:e7:e2:48:1d:1f:00:2c:e9:0a:75:5f:c5:a5:9f:c9:
f8:0e:4c:32:e5:53:50:2e:0d:d3:1e:fc:e8:5d:6e:f7:92:94:
0b:2d:c2:c3:b6:71:80:a4:30:6c:8b:e3:cb:77:df:34:1f:16:
cb:d3:bd:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcHDqk2fg/8ge9bq/jMPHfSF5dxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMTBaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMjEzZjFlY2ZmNGM2MGVlNWYxYWMwZDJmMzkyNjY5NjBkNjVkMzkxZTcw
MmQ5ZDc5MGRiOGY2MDc4MDEwZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2Xp147f85IHBLybOSrLUpK8zfiXdikVPqC4hr8xz6R1UCPx4tSiYznJ13Y
h+cxaKtO4jbQAnQgp1l8ljDrFDe1tLYNXan3zJfUWGK9F9lpRVI/Wrxo6PDQhrYg
wp3yYqrZAmd3p2rnMK+k/hxYIPqNe8fmTbfNTtHkQBtUjbfCRfLmlgCrkgBostv4
bQm+ppzbuSBcM8bDR5eRho3yAHYzclMBsZDIBVohSfrSIYUEXzHfe+JhmOyd9adl
kRcoL9MAFwJs9cGF1jAZqNkfH4gfYtEGNdzeh7h8D1kncl3lwKu1tJ38Ae5PWYN9
5Vc0F730Y+svduYD4gSvi3+DuHcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQyr+gf
5HALxAH/DNUJr48kr5goMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTQ4MGUzMmMtM2EyMy00MjQzLTgyZTMtYzdlZWEwNTlkODE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQBBUHtzgrTk9XUt24VgPS/6cM3FUTc29NW/zoEEXhuO
t4FwwbSnK3QexMPb0z97RWhP5ToUv/lZJ6npsjpJ2fasrnkSIpdLFdub5HLGEUG4
br56hft6g+yxE0bE/KI6Xw4u4jak5qwqD014Kb1sN2ao68vLz1SoGsnVLoTOevNE
d0wGe/491Kjyf0Dxqu/nfjiOlke+d5D+F3rW987g64b5ybMVLV5KJDPMbDS1mUAd
L1+yOlbw8ueB7gGax6e+CohboZRz5s3KPw7n4kgdHwAs6Qp1X8Wln8n4Dkwy5VNQ
Lg3THvzoXW73kpQLLcLDtnGApDBsi+PLd980HxbL073M
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:30 2025 by rpki-client