Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
File: 9adb83e6-fa36-47fa-b5be-856fd7247898.roa (raw, json)
Hash identifier: hJT7R1s/1PvQud6UPJ6uu2HmEe1CZ13C5V+SLAFc2ck=
Subject key identifier: FA:61:F6:8E:32:04:8A:D0:87:BF:CA:06:F9:61:F5:D0:09:B5:0F:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1975CA4C4E56750B2ADDC95292F74BC5085FF6A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
Signing time: Wed 22 Oct 2025 00:50:16 +0000
ROA not before: Wed 22 Oct 2025 00:50:16 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.104.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:75:ca:4c:4e:56:75:0b:2a:dd:c9:52:92:f7:4b:c5:08:5f:f6:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:16 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=b8377d389f965fbca8b50f736f2432d4d1ddb53f933ed286c57e91991813591c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:da:cb:52:86:22:9d:25:0b:67:b4:87:d7:
e7:54:d2:32:8c:b7:50:80:ac:e8:7c:38:86:35:d2:
e2:a5:16:c4:69:19:35:3a:07:85:59:bc:5c:53:8a:
2e:44:98:92:66:dc:45:97:4c:d1:4a:05:61:3f:75:
6b:da:79:bf:e4:16:f8:02:27:63:58:1b:3f:e7:a0:
b0:8d:ac:05:51:96:23:1a:0c:1d:8c:1e:a8:6d:fb:
19:68:0a:c4:fa:3a:87:50:6d:fa:14:cb:01:3a:26:
20:2f:bb:a2:d5:08:64:df:87:fe:d4:a0:7c:0e:f9:
55:3b:c3:f2:61:54:75:9b:19:58:6c:c2:8b:98:81:
68:13:f8:37:60:c8:e4:cc:3c:53:2e:05:95:5c:31:
53:4a:57:17:a9:05:2c:5a:94:93:95:7a:55:d5:67:
56:c4:47:4e:2b:b0:57:6b:34:23:21:ed:87:91:b1:
b4:95:bb:66:4c:35:16:28:ac:b3:b3:2e:aa:53:82:
5e:a3:23:fc:07:98:a7:6c:dd:39:ff:64:f1:97:96:
61:30:5a:38:7a:11:ea:82:ba:3b:62:b0:53:44:dd:
54:28:96:52:99:51:19:d4:b4:f3:70:e0:94:c7:b1:
ee:0a:ad:85:8b:cc:e9:28:42:ef:c0:4c:ec:3e:c8:
a1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:61:F6:8E:32:04:8A:D0:87:BF:CA:06:F9:61:F5:D0:09:B5:0F:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9adb83e6-fa36-47fa-b5be-856fd7247898.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.104.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:ab:d8:fb:13:a5:99:1a:38:5f:bd:cc:21:ae:56:36:c8:20:
97:60:dd:8e:9f:40:25:97:ab:83:f3:3b:22:c1:77:20:bb:78:
86:61:65:63:d5:97:be:0b:cb:db:67:f1:a5:68:5b:5c:30:8e:
d6:2e:06:7a:96:13:20:47:a6:03:88:3c:ad:e4:f0:fe:ac:cf:
0f:c9:a9:3b:31:b0:a8:9d:b9:cb:57:06:54:d8:16:fc:4c:cb:
0d:8e:b2:5c:7c:47:c9:d4:09:99:b4:d1:f4:1b:f5:7f:e3:4b:
ee:4e:12:a1:bf:a6:01:d9:ec:46:9e:e4:d2:2e:49:db:a1:19:
ee:69:ae:04:a1:92:bf:ea:a1:c6:9f:29:31:91:1d:c3:98:f1:
df:58:20:85:b4:c9:92:d1:40:92:6b:40:4d:2f:4a:b5:19:c1:
e9:f9:ac:14:cc:34:ef:64:f9:5e:64:d6:d5:a1:32:ce:79:f1:
cd:b2:17:02:e8:a6:89:8b:34:41:0f:76:b0:40:77:14:f9:30:
97:a7:19:76:e4:87:f5:3d:aa:f1:19:5f:7c:60:6b:6a:df:e1:
f6:da:98:b2:02:c0:09:14:57:d6:b8:54:00:fb:1a:50:48:26:
75:1e:24:5a:27:fc:a6:17:f3:a3:fe:9f:91:64:48:f6:c2:83:
29:ec:a9:a5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGXXKTE5WdQsq3clSkvdLxQhf9qkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTZaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4Mzc3ZDM4OWY5NjVmYmNhOGI1MGY3MzZmMjQzMmQ0ZDFkZGI1M2Y5MzNl
ZDI4NmM1N2U5MTk5MTgxMzU5MWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3J2stShiKdJQtntIfX51TSMoy3UICs6Hw4hjXS4qUWxGkZNToHhVm8XFOK
LkSYkmbcRZdM0UoFYT91a9p5v+QW+AInY1gbP+egsI2sBVGWIxoMHYweqG37GWgK
xPo6h1Bt+hTLATomIC+7otUIZN+H/tSgfA75VTvD8mFUdZsZWGzCi5iBaBP4N2DI
5Mw8Uy4FlVwxU0pXF6kFLFqUk5V6VdVnVsRHTiuwV2s0IyHth5GxtJW7Zkw1Fiis
s7MuqlOCXqMj/AeYp2zdOf9k8ZeWYTBaOHoR6oK6O2KwU0TdVCiWUplRGdS083Dg
lMex7gqthYvM6ShC78BM7D7IobcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT6YfaO
MgSK0Ie/ygb5YfXQCbUPvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWFkYjgzZTYtZmEzNi00N2ZhLWI1YmUtODU2ZmQ3MjQ3ODk4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEATMQaDAN
BgkqhkiG9w0BAQsFAAOCAQEAqavY+xOlmRo4X73MIa5WNsggl2Ddjp9AJZerg/M7
IsF3ILt4hmFlY9WXvgvL22fxpWhbXDCO1i4GepYTIEemA4g8reTw/qzPD8mpOzGw
qJ25y1cGVNgW/EzLDY6yXHxHydQJmbTR9Bv1f+NL7k4Sob+mAdnsRp7k0i5J26EZ
7mmuBKGSv+qhxp8pMZEdw5jx31gghbTJktFAkmtATS9KtRnB6fmsFMw072T5XmTW
1aEyznnxzbIXAuimiYs0QQ92sEB3FPkwl6cZduSH9T2q8RlffGBrat/h9tqYsgLA
CRRX1rhUAPsaUEgmdR4kWif8phfzo/6fkWRI9sKDKeyppQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:20 2025 by rpki-client