Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
File: 9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa (raw, json)
Hash identifier: SJq9OjdW3GATCIOvCX1616be4cBD4s7BwRxNjm09NYU=
Subject key identifier: DD:5C:30:EA:95:3B:6B:5B:D4:DD:5B:2D:F4:1B:DB:1C:E5:01:A4:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 079AF91A591BABC1BEC79E89D35FD8609397C472
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
Signing time: Fri 31 Oct 2025 02:00:06 +0000
ROA not before: Fri 31 Oct 2025 02:00:06 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.70.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:9a:f9:1a:59:1b:ab:c1:be:c7:9e:89:d3:5f:d8:60:93:97:c4:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:06 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=605f15a045a13184d07484828378682ec0ece6e0176a2be2cbde4b86f905200c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fa:bd:a2:77:b6:54:3e:ce:d5:ae:fa:42:df:
24:11:fc:6c:bb:b0:71:b4:fc:9c:4a:52:dc:4e:64:
75:bb:d7:b4:80:52:7e:cd:a0:1a:99:84:07:ac:6c:
8a:db:1e:32:56:4c:64:46:7b:84:76:88:03:7d:02:
0b:3f:92:49:80:bb:f0:82:57:80:75:e7:ed:62:a6:
c6:a6:b6:50:53:56:f5:18:b1:17:eb:b0:3a:13:99:
ca:cc:07:49:f1:75:4d:49:66:ce:8e:00:17:bd:f7:
35:a1:97:a2:4c:61:30:d0:2a:a4:35:bf:d7:a0:d5:
37:18:ab:73:78:56:c2:b3:b6:ef:19:fb:f7:66:f9:
d0:70:5f:2e:0d:40:d9:e8:e3:3a:76:cf:14:5b:ce:
ad:56:9d:4a:06:ff:6c:52:d4:9e:dd:8a:39:67:a2:
7c:64:35:24:20:a3:e9:7d:2b:14:45:4b:9e:85:44:
78:b9:9b:f0:e9:aa:24:27:10:d1:46:10:72:f4:42:
20:5d:38:48:ca:c9:01:3f:42:aa:97:f8:99:33:dc:
73:11:8f:df:56:0b:e4:bc:76:1f:d6:62:01:1d:b5:
72:98:96:bd:fc:90:22:ff:62:4f:b3:e9:1b:7d:21:
3e:54:19:c8:fe:a8:3d:a8:b8:5a:c3:94:57:7a:8f:
78:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:5C:30:EA:95:3B:6B:5B:D4:DD:5B:2D:F4:1B:DB:1C:E5:01:A4:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c5a1a14-73c1-4c49-8b22-7d10c4379e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.70.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:e3:ef:c8:f7:ed:e5:5b:52:55:c2:80:07:8c:62:c0:01:e6:
56:9d:cf:27:3e:ec:b0:10:e1:61:ed:fc:23:07:7f:cf:17:9b:
36:27:d0:5d:04:86:c4:4a:9d:0a:34:8e:e3:2d:a8:0d:e8:a0:
b4:d3:a5:20:a4:ca:d4:f5:e0:dd:e3:23:4e:30:03:7f:48:15:
98:a3:6e:6b:40:1a:dd:69:be:54:1e:f9:64:3d:03:b9:c5:b2:
97:f1:42:72:21:4b:82:00:d6:c8:09:c0:81:fd:e0:3e:0d:c8:
25:15:4e:a3:4c:f6:ea:cf:7d:ac:27:44:ab:1c:66:41:d2:1a:
d5:7d:bb:22:24:f5:da:d6:ba:98:c6:1e:11:6a:d1:7d:1e:51:
41:50:a7:3a:6f:16:17:77:2b:81:7d:27:2c:13:5d:c0:8f:5d:
2c:ef:13:d8:e0:a2:7d:2c:1e:28:74:13:0c:6f:89:bc:de:9d:
74:ec:c8:be:72:c0:4c:74:b0:d2:2f:ee:59:03:77:f1:e0:51:
95:12:36:eb:7c:5d:7d:80:cd:27:a0:f1:dc:c1:3b:a6:2c:78:
27:cb:4a:78:b7:9a:8d:02:88:6a:8b:c5:4e:c0:68:cb:81:91:
b3:11:83:e4:65:92:87:c7:b2:f2:50:50:b2:b1:d7:42:cd:40:
41:6e:3c:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB5r5Glkbq8G+x56J01/YYJOXxHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMDZaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwNWYxNWEwNDVhMTMxODRkMDc0ODQ4MjgzNzg2ODJlYzBlY2U2ZTAxNzZh
MmJlMmNiZGU0Yjg2ZjkwNTIwMGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALD6vaJ3tlQ+ztWu+kLfJBH8bLuwcbT8nEpS3E5kdbvXtIBSfs2gGpmEB6xs
itseMlZMZEZ7hHaIA30CCz+SSYC78IJXgHXn7WKmxqa2UFNW9RixF+uwOhOZyswH
SfF1TUlmzo4AF733NaGXokxhMNAqpDW/16DVNxirc3hWwrO27xn792b50HBfLg1A
2ejjOnbPFFvOrVadSgb/bFLUnt2KOWeifGQ1JCCj6X0rFEVLnoVEeLmb8OmqJCcQ
0UYQcvRCIF04SMrJAT9Cqpf4mTPccxGP31YL5Lx2H9ZiAR21cpiWvfyQIv9iT7Pp
G30hPlQZyP6oPai4WsOUV3qPePMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdXDDq
lTtrW9TdWy30G9sc5QGkjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM1YTFhMTQtNzNjMS00YzQ5LThiMjItN2QxMGM0Mzc5ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNGMA0G
CSqGSIb3DQEBCwUAA4IBAQCv4+/I9+3lW1JVwoAHjGLAAeZWnc8nPuywEOFh7fwj
B3/PF5s2J9BdBIbESp0KNI7jLagN6KC006UgpMrU9eDd4yNOMAN/SBWYo25rQBrd
ab5UHvlkPQO5xbKX8UJyIUuCANbICcCB/eA+DcglFU6jTPbqz32sJ0SrHGZB0hrV
fbsiJPXa1rqYxh4RatF9HlFBUKc6bxYXdyuBfScsE13Aj10s7xPY4KJ9LB4odBMM
b4m83p107Mi+csBMdLDSL+5ZA3fx4FGVEjbrfF19gM0noPHcwTumLHgny0p4t5qN
Aohqi8VOwGjLgZGzEYPkZZKHx7LyUFCysddCzUBBbjzI
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:51 2025 by rpki-client