Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: crLLZhgY36SfRJRvvWxjqqSoKFzEmYktp9bSudqrNQ0=
Subject key identifier: FE:45:56:B3:82:38:81:64:77:D2:82:B6:96:BE:37:AA:C9:3E:DA:BE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72BB609582CF347F75160C2EB5721D32DD66A724
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Fri 24 Oct 2025 00:40:22 +0000
ROA not before: Fri 24 Oct 2025 00:40:22 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:bb:60:95:82:cf:34:7f:75:16:0c:2e:b5:72:1d:32:dd:66:a7:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:22 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=233ab12c88845dc8e39f46a7e2b1a8db032e665a7e0d0dbffcd30be2ad61d9f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:19:5d:57:c9:f3:ee:62:b5:be:ea:59:d0:c4:
77:d3:0f:44:28:dc:ef:6f:0c:af:00:36:54:65:2b:
a1:ce:4c:e6:e1:60:ac:47:4f:96:e1:7e:a7:b8:18:
e7:ed:57:06:29:49:5a:15:0d:a5:3c:b2:03:a3:5b:
69:11:b1:6b:08:6b:b7:bf:70:d3:b5:e1:02:49:d1:
6d:78:17:1f:65:89:b5:78:90:e4:e5:f0:df:c7:fe:
b3:8c:ac:94:35:2c:e5:b1:db:d0:b6:bb:43:a7:62:
df:db:3e:2c:33:01:ee:e6:d0:c7:e4:76:74:a2:10:
61:30:58:fa:2c:84:5e:f0:8c:45:5c:8a:02:dc:49:
fe:b2:8c:bf:87:09:79:e2:4f:dd:95:3b:d5:61:08:
18:ac:fd:76:a8:f5:e8:7a:75:e4:9e:d7:1f:ee:67:
24:ff:d4:a2:64:91:ba:5c:d9:ab:6c:0a:a5:fb:3f:
b5:25:88:b7:c7:6c:58:e2:8f:7e:47:4c:0c:9b:56:
92:dc:b2:0c:35:a3:06:81:0f:05:3c:44:23:ff:1b:
5f:51:c1:e2:70:c0:4c:e0:79:36:70:99:e0:ce:0d:
28:5c:ef:44:5c:43:98:cc:6f:ec:fc:4a:a1:3f:ac:
4a:23:8b:62:5b:91:80:5b:10:69:4f:c2:c7:b0:de:
f3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:45:56:B3:82:38:81:64:77:D2:82:B6:96:BE:37:AA:C9:3E:DA:BE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
2b:4b:b1:7c:6c:84:d8:5e:fa:3a:b7:d4:22:cc:61:d0:74:a6:
98:5b:2e:ca:ee:1a:cd:75:f5:11:6d:9f:87:9f:e7:20:11:69:
4f:f8:29:02:2b:d9:b1:fd:a4:1e:b2:43:22:21:e4:fa:fe:31:
dd:4f:34:c5:45:6e:0f:14:33:af:30:08:c8:aa:12:f2:84:13:
3f:54:b9:b3:7c:9e:64:af:46:1f:3a:53:89:24:1c:cc:1f:b5:
a1:19:58:19:9c:c0:88:a5:e2:f5:3c:01:4c:e6:48:b8:03:e9:
41:1c:9e:38:38:9f:d1:fd:03:46:79:3e:16:f8:b7:99:41:a8:
48:f3:ca:e7:4d:e2:4d:2d:85:b8:e5:fc:4b:94:59:d7:eb:1f:
37:86:2a:e6:b5:88:59:a9:35:a4:ff:0a:42:16:18:c3:44:a5:
10:cd:5f:0c:3b:37:e0:79:b0:c1:23:b9:3d:b8:a4:c0:ae:34:
f3:06:7d:52:0f:26:3f:91:ea:65:a5:8c:a5:62:96:f4:5f:d5:
29:ed:1c:2b:52:b0:88:9b:21:5c:e0:3e:38:86:29:87:d6:6f:
a2:2c:d2:9d:67:86:b7:ba:4a:43:44:3a:7f:11:e5:e5:c0:09:
11:4c:25:a7:de:05:6d:29:4a:50:d1:ff:f7:05:de:82:21:93:
96:24:25:ac
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcrtglYLPNH91FgwutXIdMt1mpyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjJaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzM2FiMTJjODg4NDVkYzhlMzlmNDZhN2UyYjFhOGRiMDMyZTY2NWE3ZTBk
MGRiZmZjZDMwYmUyYWQ2MWQ5ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4ZXVfJ8+5itb7qWdDEd9MPRCjc728MrwA2VGUroc5M5uFgrEdPluF+p7gY
5+1XBilJWhUNpTyyA6NbaRGxawhrt79w07XhAknRbXgXH2WJtXiQ5OXw38f+s4ys
lDUs5bHb0La7Q6di39s+LDMB7ubQx+R2dKIQYTBY+iyEXvCMRVyKAtxJ/rKMv4cJ
eeJP3ZU71WEIGKz9dqj16Hp15J7XH+5nJP/UomSRulzZq2wKpfs/tSWIt8dsWOKP
fkdMDJtWktyyDDWjBoEPBTxEI/8bX1HB4nDATOB5NnCZ4M4NKFzvRFxDmMxv7PxK
oT+sSiOLYluRgFsQaU/Cx7De8xcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+RVaz
gjiBZHfSgraWvjeqyT7avjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQArS7F8bITYXvo6t9QizGHQdKaYWy7K7hrNdfURbZ+H
n+cgEWlP+CkCK9mx/aQeskMiIeT6/jHdTzTFRW4PFDOvMAjIqhLyhBM/VLmzfJ5k
r0YfOlOJJBzMH7WhGVgZnMCIpeL1PAFM5ki4A+lBHJ44OJ/R/QNGeT4W+LeZQahI
88rnTeJNLYW45fxLlFnX6x83hirmtYhZqTWk/wpCFhjDRKUQzV8MOzfgebDBI7k9
uKTArjTzBn1SDyY/keplpYylYpb0X9Up7RwrUrCImyFc4D44himH1m+iLNKdZ4a3
ukpDRDp/EeXlwAkRTCWn3gVtKUpQ0f/3Bd6CIZOWJCWs
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:44 2025 by rpki-client