Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
File: aa15a3a6-022f-41a6-9a60-2175164bb741.roa (raw, json)
Hash identifier: aWROu0cXigU5sdAEXJ1lISGPQTJKy/F4MrFOcWV6L2A=
Subject key identifier: DF:B9:A1:1C:EE:29:62:C2:7F:74:52:5E:58:AD:20:9F:F4:FA:70:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76C4C48164076C58B5D9F630D49DB2D58169118B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
Signing time: Wed 22 Oct 2025 00:50:17 +0000
ROA not before: Wed 22 Oct 2025 00:50:17 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c4:c4:81:64:07:6c:58:b5:d9:f6:30:d4:9d:b2:d5:81:69:11:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:17 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=52642ffd117ffc78f1fb0aaca7d9f0721224e38939ecd49eb80fdf39ff04b785, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f9:af:92:43:ad:56:2f:74:a6:d4:d2:57:e2:
a8:f2:ed:ca:14:bb:86:1e:0e:70:70:da:88:77:84:
6a:2d:6e:d3:eb:38:0f:06:7d:24:63:b5:44:8c:54:
c5:34:d2:3d:37:04:f3:46:25:65:2d:7b:20:33:e1:
5c:ec:f1:0b:2f:ce:81:88:5b:27:fc:2b:e2:0d:fd:
1d:1a:90:6b:5e:c7:7f:86:67:71:67:ec:44:c1:7e:
0d:75:e9:5a:c5:17:9f:a6:e2:13:62:09:e5:2f:48:
60:ab:d1:99:7a:4c:fc:38:e0:f5:44:be:69:92:df:
89:4e:77:fe:bd:25:ab:f5:29:6f:3d:85:8f:b6:39:
c1:d4:ea:df:a1:9b:d4:dd:03:d7:5b:40:7e:dc:b2:
db:37:06:0a:27:f0:a7:97:2c:47:0f:bb:c6:06:8e:
ef:e8:b5:6c:a1:f2:46:7b:e5:fe:63:7a:05:f5:ad:
3a:71:73:a1:47:03:34:8f:a5:6f:25:d9:28:74:05:
16:74:dd:15:48:42:da:1a:eb:1d:09:65:b5:1e:9c:
c6:a3:34:04:d2:68:54:15:4f:e0:98:da:20:05:3d:
72:ef:52:4b:83:ab:61:dc:4f:4a:d9:88:84:f3:02:
4d:b6:b2:01:30:6f:05:a7:53:69:2f:8a:39:b4:44:
b7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B9:A1:1C:EE:29:62:C2:7F:74:52:5E:58:AD:20:9F:F4:FA:70:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa15a3a6-022f-41a6-9a60-2175164bb741.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.204.0/24
Signature Algorithm: sha256WithRSAEncryption
70:12:77:9d:4d:e9:f4:fb:a3:f8:c8:55:a5:31:1d:ae:38:4d:
19:ae:02:55:d8:96:b0:bd:da:f5:2b:8f:fb:9e:48:d0:fe:b4:
a1:e8:db:27:40:7e:77:36:93:02:e9:e3:89:2a:f5:88:48:e6:
02:86:0c:25:47:d3:b8:65:c5:89:f6:29:3f:95:f1:bc:44:72:
da:bf:8d:83:fe:84:06:a1:1a:a1:c0:77:4e:eb:01:4c:5b:86:
a9:de:db:b7:1a:c1:11:35:3c:36:8b:a0:f9:6f:2c:eb:35:7a:
2d:ad:0a:9e:de:54:22:8a:3e:a3:d2:9f:5a:d3:b4:be:5e:d6:
b6:0b:36:ea:17:3e:db:2b:2c:f5:4c:ea:90:cd:0e:90:59:f9:
4d:fa:f9:30:97:e3:23:0e:6f:75:44:a4:7a:8b:e2:59:92:c7:
91:30:36:90:2f:47:56:2f:a7:90:1b:53:57:9c:3e:b2:69:0c:
dd:74:0d:96:8f:1e:27:3f:77:18:1a:d9:58:59:91:0d:32:5c:
cb:19:51:9f:86:5c:83:d5:1d:01:34:18:37:4a:8e:da:5c:fd:
69:dc:35:4f:fc:15:04:5a:e1:97:85:99:15:db:21:5f:eb:73:
86:e9:94:c4:80:72:e2:c4:99:70:ed:68:13:a6:89:ee:fb:a4:
e8:10:3e:54
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdsTEgWQHbFi12fYw1J2y1YFpEYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTdaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyNjQyZmZkMTE3ZmZjNzhmMWZiMGFhY2E3ZDlmMDcyMTIyNGUzODkzOWVj
ZDQ5ZWI4MGZkZjM5ZmYwNGI3ODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT5r5JDrVYvdKbU0lfiqPLtyhS7hh4OcHDaiHeEai1u0+s4DwZ9JGO1RIxU
xTTSPTcE80YlZS17IDPhXOzxCy/OgYhbJ/wr4g39HRqQa17Hf4ZncWfsRMF+DXXp
WsUXn6biE2IJ5S9IYKvRmXpM/Djg9US+aZLfiU53/r0lq/Upbz2Fj7Y5wdTq36Gb
1N0D11tAftyy2zcGCifwp5csRw+7xgaO7+i1bKHyRnvl/mN6BfWtOnFzoUcDNI+l
byXZKHQFFnTdFUhC2hrrHQlltR6cxqM0BNJoVBVP4JjaIAU9cu9SS4OrYdxPStmI
hPMCTbayATBvBadTaS+KObREt+MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTfuaEc
7iliwn90Ul5YrSCf9Ppw+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWExNWEzYTYtMDIyZi00MWE2LTlhNjAtMjE3NTE2NGJiNzQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADMQzDAN
BgkqhkiG9w0BAQsFAAOCAQEAcBJ3nU3p9Puj+MhVpTEdrjhNGa4CVdiWsL3a9SuP
+55I0P60oejbJ0B+dzaTAunjiSr1iEjmAoYMJUfTuGXFifYpP5XxvERy2r+Ng/6E
BqEaocB3TusBTFuGqd7btxrBETU8Noug+W8s6zV6La0Knt5UIoo+o9KfWtO0vl7W
tgs26hc+2yss9UzqkM0OkFn5Tfr5MJfjIw5vdUSkeoviWZLHkTA2kC9HVi+nkBtT
V5w+smkM3XQNlo8eJz93GBrZWFmRDTJcyxlRn4Zcg9UdATQYN0qO2lz9adw1T/wV
BFrhl4WZFdshX+tzhumUxIBy4sSZcO1oE6aJ7vuk6BA+VA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:25:31 2025 by rpki-client