Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: jzanUGbY8Y9n5y1bRFeD7FKPIAa5hCTOWvk4e2mllKE=
Subject key identifier: 24:CE:5D:14:BF:09:C5:EC:BA:33:73:3A:11:94:E5:B1:DA:04:89:2D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13C3AF983A2006E65E84CFFF8F428AD4582DD37D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Tue 21 Oct 2025 14:50:04 +0000
ROA not before: Tue 21 Oct 2025 14:50:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c3:af:98:3a:20:06:e6:5e:84:cf:ff:8f:42:8a:d4:58:2d:d3:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=808a1837a9d3b76a689443019b87bec030e7a95e5e08d0b30f24268934dead6e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:91:6f:9b:68:00:eb:36:85:3e:6c:c1:25:7d:
a0:98:c8:de:85:67:5f:c5:88:0b:65:6a:7b:57:4f:
15:d8:e7:95:33:8b:c2:b6:b1:3e:b8:26:37:e5:88:
63:4c:b3:ba:c2:70:04:d3:25:0e:e8:11:f3:a1:c9:
63:25:42:a8:2a:21:a8:bc:9f:cf:56:5f:d5:67:ba:
e5:6e:18:5a:c8:72:a1:d9:b2:5f:3f:b9:cf:7f:06:
e0:db:8b:88:bb:05:ba:e9:56:e8:1a:21:f2:ca:63:
3a:9f:24:59:a8:9e:70:75:38:c3:79:d1:3a:ca:10:
e5:b5:be:fc:da:d5:b4:2f:66:47:ed:ae:df:e7:2a:
5f:20:3b:a2:45:e2:10:80:6d:07:53:38:21:1a:d6:
95:50:03:4e:93:9c:43:a7:b4:fe:1b:45:d3:00:1a:
2a:77:75:2e:48:bc:1c:b6:df:5c:89:f6:54:39:54:
f1:67:3f:ef:13:3e:70:de:68:60:fa:3f:56:fd:5d:
53:6d:de:ec:7b:05:01:48:56:b4:8a:aa:34:29:cb:
2c:f2:c6:62:a9:3a:54:25:65:be:cf:32:e8:90:f2:
43:37:8b:bf:a3:36:82:93:6b:99:68:3e:0d:48:94:
e2:cd:2c:26:fe:fc:ba:32:09:f6:e6:26:34:69:e8:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CE:5D:14:BF:09:C5:EC:BA:33:73:3A:11:94:E5:B1:DA:04:89:2D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
39:54:af:a7:e6:77:56:ac:60:5d:0c:93:7c:dc:c1:6a:23:c6:
bd:74:47:57:fc:4c:f3:ae:71:39:31:c2:a6:a5:77:c1:e2:ae:
5b:7e:1c:5f:21:8d:c0:f7:a2:75:0e:29:cf:cc:09:a4:cf:c6:
92:25:45:fd:88:cb:77:05:e9:fa:80:5a:b2:f2:d4:cd:3d:6a:
23:40:21:c8:d1:aa:95:5b:b3:e0:8a:f4:2f:c2:63:f5:de:07:
af:f5:17:0f:30:19:5c:b8:75:e5:01:d4:71:74:83:6b:fd:d1:
f3:71:6f:2d:1c:30:fd:6f:92:f4:fb:b0:cf:88:2c:56:bd:3b:
c0:17:72:7b:fe:87:53:cc:3c:7e:4e:12:6b:ef:fb:12:4a:cc:
16:33:89:e5:bd:79:da:ca:ee:75:56:29:22:a5:ef:f5:bd:4e:
d1:9d:7f:1a:2c:da:b4:85:46:c5:8b:f3:26:ec:be:71:0f:31:
b7:58:f6:00:51:5c:4c:70:bb:bb:f7:79:b8:f0:37:99:4f:89:
84:e8:22:05:44:74:61:b9:c2:68:c3:9a:ec:a1:00:7c:ab:69:
f8:9f:79:32:e5:87:ad:d9:00:f3:30:65:ee:d7:1c:e2:cd:96:
6f:a1:eb:13:eb:9f:64:57:af:e0:13:90:cb:2b:81:59:52:51:
65:6a:e0:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE8OvmDogBuZehM//j0KK1Fgt030wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwOGExODM3YTlkM2I3NmE2ODk0NDMwMTliODdiZWMwMzBlN2E5NWU1ZTA4
ZDBiMzBmMjQyNjg5MzRkZWFkNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOORb5toAOs2hT5swSV9oJjI3oVnX8WIC2Vqe1dPFdjnlTOLwraxPrgmN+WI
Y0yzusJwBNMlDugR86HJYyVCqCohqLyfz1Zf1We65W4YWshyodmyXz+5z38G4NuL
iLsFuulW6Boh8spjOp8kWaiecHU4w3nROsoQ5bW+/NrVtC9mR+2u3+cqXyA7okXi
EIBtB1M4IRrWlVADTpOcQ6e0/htF0wAaKnd1Lki8HLbfXIn2VDlU8Wc/7xM+cN5o
YPo/Vv1dU23e7HsFAUhWtIqqNCnLLPLGYqk6VCVlvs8y6JDyQzeLv6M2gpNrmWg+
DUiU4s0sJv78ujIJ9uYmNGno5ZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQkzl0U
vwnF7LozczoRlOWx2gSJLTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQA5VK+n5ndWrGBdDJN83MFqI8a9dEdX/EzzrnE5McKm
pXfB4q5bfhxfIY3A96J1DinPzAmkz8aSJUX9iMt3Ben6gFqy8tTNPWojQCHI0aqV
W7PgivQvwmP13gev9RcPMBlcuHXlAdRxdINr/dHzcW8tHDD9b5L0+7DPiCxWvTvA
F3J7/odTzDx+ThJr7/sSSswWM4nlvXnayu51Vikipe/1vU7RnX8aLNq0hUbFi/Mm
7L5xDzG3WPYAUVxMcLu793m48DeZT4mE6CIFRHRhucJow5rsoQB8q2n4n3ky5Yet
2QDzMGXu1xzizZZvoesT659kV6/gE5DLK4FZUlFlauDW
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:35:51 2025 by rpki-client