Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
File: 83d64fad-2f6b-441a-9079-e9e60d149aec.roa (raw, json)
Hash identifier: RNmi2onHFsRTrnH1ee30JgjyfFm65B4nvfuhFPD83RM=
Subject key identifier: D1:D3:27:76:EF:5C:7B:74:07:98:61:52:A2:A5:0B:3F:02:68:E3:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 219E6410ACB8D8A32D145471D32739372E4F5B3F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
Signing time: Wed 22 Oct 2025 00:50:18 +0000
ROA not before: Wed 22 Oct 2025 00:50:18 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:9e:64:10:ac:b8:d8:a3:2d:14:54:71:d3:27:39:37:2e:4f:5b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:18 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=a6cec76ed0f674d486c1962de521368be0bb6a8abb549a6ee412d16618787c2e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:47:7d:25:e4:5d:de:7c:bb:40:04:19:33:b7:
ac:3f:fa:f0:49:f5:43:54:e4:0f:3b:d8:1d:0e:eb:
92:48:60:20:2a:10:d6:cd:56:10:2c:97:98:f7:53:
4d:1d:5c:ce:5b:84:52:fe:0d:72:10:26:9c:ee:46:
bd:13:a7:3a:f4:64:b3:42:71:f3:14:d9:4d:65:31:
01:9e:6c:63:43:f5:4b:81:df:d2:56:a3:3e:57:b4:
77:8b:5c:dd:2d:26:97:0a:07:b9:d2:67:38:3f:c3:
dd:31:3c:83:0f:ad:e6:8f:4a:cf:f1:04:a9:55:3c:
60:15:ec:b1:18:dd:5c:fd:4e:c8:16:be:be:7e:20:
08:08:a3:47:9b:3c:8d:e8:55:58:10:66:1e:3a:95:
7a:4a:5e:80:6b:aa:d6:b3:39:77:93:f4:49:08:62:
b4:dc:0c:cd:1c:82:53:6b:9b:d8:32:7c:8b:d2:41:
57:a5:97:e5:7d:3d:d5:77:cf:b7:31:b8:be:28:cb:
4c:6c:4d:10:2e:6a:1a:e8:5c:96:dd:21:ea:33:e2:
b7:96:5c:08:c5:3f:cf:82:38:49:3c:cb:c4:04:8e:
75:81:0f:1e:0d:86:d9:ce:be:0c:75:63:35:2c:ef:
37:9a:e1:88:6e:41:45:48:ee:ac:2a:9e:03:38:01:
e1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:D3:27:76:EF:5C:7B:74:07:98:61:52:A2:A5:0B:3F:02:68:E3:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83d64fad-2f6b-441a-9079-e9e60d149aec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:ef:9f:7a:01:19:74:99:55:16:95:21:9d:41:f4:ce:57:b9:
4b:f9:a0:6e:78:31:11:f4:6f:d4:d4:b4:1c:39:c5:9f:7e:08:
89:3f:1a:7b:2a:88:5f:5c:32:2e:4e:5d:69:0a:81:b3:e4:a6:
ef:e4:7e:96:6c:03:7d:20:39:ba:62:62:73:52:4c:4d:4d:22:
b1:23:3d:04:0f:a8:ef:49:f9:18:a0:53:ec:2b:ef:bc:3e:db:
0b:4c:8b:29:22:a1:cc:f3:c3:d8:99:73:e5:9c:6c:90:05:77:
e3:25:13:67:76:4a:2e:b0:7f:4a:20:02:ca:72:dc:fb:94:ab:
f2:3a:a6:e6:da:7f:09:80:ae:5c:f5:69:95:b3:98:08:91:79:
f2:47:35:0c:ce:94:2b:8d:cb:1a:37:da:56:2a:d4:54:74:72:
ce:de:00:eb:37:f4:14:63:10:f1:f2:0f:34:a5:ac:7b:c5:b8:
46:3f:47:d4:91:97:80:12:e1:18:4d:ea:3e:12:91:56:aa:2f:
0d:60:97:55:f8:c1:ca:4f:17:c6:aa:4b:32:ed:b7:2d:76:f4:
60:06:43:dd:e9:eb:59:22:cd:c8:31:10:8e:0d:ff:2e:5b:32:
36:2a:e5:4d:9f:d3:c7:49:a8:30:cc:91:7b:e5:32:b4:37:47:
d7:49:ab:9f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIZ5kEKy42KMtFFRx0yc5Ny5PWz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMThaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2Y2VjNzZlZDBmNjc0ZDQ4NmMxOTYyZGU1MjEzNjhiZTBiYjZhOGFiYjU0
OWE2ZWU0MTJkMTY2MTg3ODdjMmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRHfSXkXd58u0AEGTO3rD/68En1Q1TkDzvYHQ7rkkhgICoQ1s1WECyXmPdT
TR1czluEUv4NchAmnO5GvROnOvRks0Jx8xTZTWUxAZ5sY0P1S4Hf0lajPle0d4tc
3S0mlwoHudJnOD/D3TE8gw+t5o9Kz/EEqVU8YBXssRjdXP1OyBa+vn4gCAijR5s8
jehVWBBmHjqVekpegGuq1rM5d5P0SQhitNwMzRyCU2ub2DJ8i9JBV6WX5X091XfP
tzG4vijLTGxNEC5qGuhclt0h6jPit5ZcCMU/z4I4STzLxASOdYEPHg2G2c6+DHVj
NSzvN5rhiG5BRUjurCqeAzgB4eECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTR0yd2
71x7dAeYYVKipQs/AmjjkTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNkNjRmYWQtMmY2Yi00NDFhLTkwNzktZTllNjBkMTQ5YWVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAt++fegEZdJlVFpUhnUH0zle5S/mgbngxEfRv1NS0
HDnFn34IiT8aeyqIX1wyLk5daQqBs+Sm7+R+lmwDfSA5umJic1JMTU0isSM9BA+o
70n5GKBT7CvvvD7bC0yLKSKhzPPD2Jlz5ZxskAV34yUTZ3ZKLrB/SiACynLc+5Sr
8jqm5tp/CYCuXPVplbOYCJF58kc1DM6UK43LGjfaVirUVHRyzt4A6zf0FGMQ8fIP
NKWse8W4Rj9H1JGXgBLhGE3qPhKRVqovDWCXVfjByk8XxqpLMu23LXb0YAZD3enr
WSLNyDEQjg3/LlsyNirlTZ/Tx0moMMyRe+UytDdH10mrnw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:06 2025 by rpki-client