Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
File: 8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa (raw, json)
Hash identifier: mCZgnnLmFh7mrYY+WaUnZmHEav98bdzhLi4+8XE0bS0=
Subject key identifier: C7:CF:51:1D:6E:B9:3F:9E:92:82:C9:9C:85:14:F4:55:CA:CF:6D:31
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 579EA2235035D7099AB0CFE83D50D77B09AD2E13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
Signing time: Wed 22 Oct 2025 00:50:03 +0000
ROA not before: Wed 22 Oct 2025 00:50:03 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:9e:a2:23:50:35:d7:09:9a:b0:cf:e8:3d:50:d7:7b:09:ad:2e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:03 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=24e33ebf10d7b8e82498d1a4b8fc04094b9f4e8d4c36a728c52b567b178e8862, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:fe:4d:2b:ea:4b:45:32:89:e0:10:2c:79:2c:
13:81:63:d6:1d:1e:6f:97:1e:a7:05:66:95:35:82:
80:71:6d:8c:74:96:aa:67:84:c3:ac:71:61:8e:58:
c7:be:88:69:ea:29:b9:e9:b8:1f:68:82:d2:63:55:
35:82:25:57:17:37:53:5b:35:85:1b:e6:23:11:63:
49:40:ae:f6:d3:20:58:da:54:c5:48:3a:4b:80:49:
0f:5e:1e:bc:df:50:17:f4:6e:26:f2:f8:22:6d:b7:
b9:ef:af:9c:5d:ad:10:68:57:3f:c7:f9:ba:b8:85:
0c:13:9d:f6:5b:98:6d:a4:8b:af:49:48:7e:2b:3d:
20:72:03:dd:ad:ee:09:4a:38:97:ee:c6:81:a5:16:
d9:46:e7:84:45:3a:85:e6:ba:ca:b7:7e:f5:f2:f8:
5d:c6:f0:a8:dc:a1:2a:61:bb:d9:3f:dc:97:27:22:
a6:ab:f9:c7:a0:93:00:7c:71:05:b4:13:59:13:f1:
63:ce:b5:4d:a4:94:51:e1:55:dd:f3:12:14:e4:01:
8a:3e:77:51:1c:2a:68:59:8b:11:4a:49:35:af:38:
4d:70:c3:59:f5:20:9d:cb:d3:0d:f7:e9:c5:ec:1e:
18:49:0a:0e:37:3f:98:bf:16:1c:66:c7:68:cc:1f:
33:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CF:51:1D:6E:B9:3F:9E:92:82:C9:9C:85:14:F4:55:CA:CF:6D:31
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8c7710c7-6ab8-4545-b04c-0bbeaa573eae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:8e:80:f6:b3:ae:9a:8c:16:2f:42:c0:c5:d2:ab:46:63:08:
44:03:e6:42:57:f7:c3:34:a8:33:9c:e8:d3:18:c9:40:0b:62:
95:4c:ea:bc:e8:c9:47:05:8a:49:4a:ad:29:38:f6:d3:9e:4f:
ad:b8:85:fd:11:34:70:93:e4:c9:00:b7:ab:35:22:b7:f1:16:
17:51:85:fc:2d:c5:0e:ee:cf:31:5b:35:4a:fe:c5:97:a2:c4:
bf:4b:a9:26:8c:c2:a4:e9:1d:44:0b:57:03:01:c4:0a:88:8d:
ac:50:79:da:d8:57:0d:db:62:bb:af:98:f2:44:60:f9:a4:c2:
db:0f:a5:58:da:cf:d5:9f:1c:66:a0:e9:4b:a9:3a:65:60:10:
5a:13:ac:88:74:7f:97:c8:70:3b:b8:c5:86:85:58:69:e0:61:
d6:e9:64:a6:1c:74:fc:1a:01:91:b4:cc:fe:97:24:f0:53:72:
73:78:0e:fa:6f:f3:41:73:d7:a3:23:73:74:86:60:46:76:1c:
70:11:25:ef:14:3e:30:07:af:9c:68:60:4c:df:55:cd:05:ce:
db:98:b5:bc:c0:70:bc:a0:f7:ce:23:90:12:c0:ee:34:54:00:
f7:12:02:de:a8:b1:ec:8b:2d:d3:44:fd:21:54:3a:1c:1d:01:
4d:d9:0b:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV56iI1A11wmasM/oPVDXewmtLhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMDNaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0ZTMzZWJmMTBkN2I4ZTgyNDk4ZDFhNGI4ZmMwNDA5NGI5ZjRlOGQ0YzM2
YTcyOGM1MmI1NjdiMTc4ZTg4NjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3+TSvqS0UyieAQLHksE4Fj1h0eb5cepwVmlTWCgHFtjHSWqmeEw6xxYY5Y
x76Iaeopuem4H2iC0mNVNYIlVxc3U1s1hRvmIxFjSUCu9tMgWNpUxUg6S4BJD14e
vN9QF/RuJvL4Im23ue+vnF2tEGhXP8f5uriFDBOd9luYbaSLr0lIfis9IHID3a3u
CUo4l+7GgaUW2UbnhEU6hea6yrd+9fL4XcbwqNyhKmG72T/clycipqv5x6CTAHxx
BbQTWRPxY861TaSUUeFV3fMSFOQBij53URwqaFmLEUpJNa84TXDDWfUgncvTDffp
xeweGEkKDjc/mL8WHGbHaMwfM7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHz1Ed
brk/npKCyZyFFPRVys9tMTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGM3NzEwYzctNmFiOC00NTQ1LWIwNGMtMGJiZWFhNTczZWFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNwMA0G
CSqGSIb3DQEBCwUAA4IBAQBvjoD2s66ajBYvQsDF0qtGYwhEA+ZCV/fDNKgznOjT
GMlAC2KVTOq86MlHBYpJSq0pOPbTnk+tuIX9ETRwk+TJALerNSK38RYXUYX8LcUO
7s8xWzVK/sWXosS/S6kmjMKk6R1EC1cDAcQKiI2sUHna2FcN22K7r5jyRGD5pMLb
D6VY2s/VnxxmoOlLqTplYBBaE6yIdH+XyHA7uMWGhVhp4GHW6WSmHHT8GgGRtMz+
lyTwU3JzeA76b/NBc9ejI3N0hmBGdhxwESXvFD4wB6+caGBM31XNBc7bmLW8wHC8
oPfOI5ASwO40VAD3EgLeqLHsiy3TRP0hVDocHQFN2Qta
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:46 2025 by rpki-client