Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: oqGuYV/ZomT6Ao+Ga+oee5lj1uVttPevUTMS2ExuEJE=
Subject key identifier: 71:74:EB:F4:34:E1:27:0E:A5:CB:58:90:7A:A1:33:9D:CB:71:BA:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22D72DC23BFD243FE4911985F9E688270B58C7D8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Wed 22 Oct 2025 00:50:14 +0000
ROA not before: Wed 22 Oct 2025 00:50:14 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:d7:2d:c2:3b:fd:24:3f:e4:91:19:85:f9:e6:88:27:0b:58:c7:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:14 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=949c38525430f178c49431c9c82dfd8e2f10fcbdc5da625d0ffa49b7fedf09da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3b:b9:fc:06:07:54:4c:89:35:ce:f0:76:de:
38:9f:66:46:ee:43:a7:96:25:d4:f4:9b:0c:42:80:
68:03:1e:51:e4:c5:05:3f:c0:a3:9c:a9:06:f2:7d:
03:69:6f:88:5c:bc:66:13:85:8d:88:75:c2:59:35:
9b:36:bc:14:73:46:bd:e7:bc:5d:bd:14:df:4c:32:
06:17:51:05:ce:a1:d5:1b:33:0d:7a:b0:44:cb:71:
be:62:81:8d:15:37:f5:48:95:a2:cb:85:d6:2b:c3:
89:99:d6:d1:d2:e0:98:f0:2e:77:d8:73:3d:8a:f6:
71:e3:99:e5:c8:b2:d5:2b:eb:05:0d:a2:df:e3:f0:
db:8b:ce:1d:07:9c:63:60:93:8d:02:08:d2:c3:98:
b6:a7:f0:7f:d5:48:72:ab:d9:b3:86:7f:0d:ba:60:
a0:35:9d:45:f0:8c:12:0a:37:34:f8:69:9f:df:45:
5c:5b:d8:bf:5a:7e:83:3c:96:8f:fc:76:3b:bb:54:
ae:ec:4c:36:73:b8:99:88:01:76:3f:91:ec:33:3b:
31:65:e9:ad:d4:16:96:a7:b7:3b:1f:14:14:f5:83:
f0:6c:d4:2d:e5:62:08:4c:af:d0:39:67:2d:ee:9e:
ac:77:0a:27:63:5e:35:65:40:e9:69:49:23:fe:f0:
38:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:74:EB:F4:34:E1:27:0E:A5:CB:58:90:7A:A1:33:9D:CB:71:BA:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
d6:83:4e:ee:f2:88:4b:05:b5:8d:53:40:66:3b:52:cd:3c:9d:
be:2c:78:1a:7a:84:5f:7b:84:0b:7c:a3:f6:81:68:56:a4:ee:
a6:e6:82:30:7f:01:10:92:be:7d:53:89:e2:28:c9:fd:38:85:
51:22:9d:18:1d:b8:d6:7a:56:fb:02:de:b6:24:3d:00:d4:a2:
80:3b:ec:ec:ff:32:c6:dc:d4:11:e8:61:cc:a2:60:99:07:f6:
a9:80:ae:08:9f:ce:ee:03:9f:c1:fb:00:58:b9:b5:27:74:ee:
90:03:ce:f9:3a:4b:13:86:61:9f:41:66:32:dd:10:d5:b5:f9:
69:29:e1:5a:50:f8:ae:72:41:22:8c:48:99:e3:aa:0f:e0:92:
c3:ad:db:14:9e:b8:de:68:1a:8a:c3:0b:91:a6:f7:38:08:13:
0b:7e:e1:51:ff:19:5c:ce:63:6f:6d:62:9e:d4:80:65:98:bd:
2d:4a:a4:16:a0:48:9e:ea:14:ab:12:62:98:9f:ea:be:e6:7c:
35:8d:51:ca:0b:65:3f:dc:51:6c:1f:c9:90:6f:fa:2b:94:76:
8e:60:09:01:e3:71:a8:55:54:4d:dd:1d:c0:9f:3e:bf:4f:db:
f5:4f:13:aa:47:b1:35:c1:6d:e0:01:83:77:e8:55:83:e4:80:
5c:96:6b:eb
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUItctwjv9JD/kkRmF+eaIJwtYx9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTRaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0OWMzODUyNTQzMGYxNzhjNDk0MzFjOWM4MmRmZDhlMmYxMGZjYmRjNWRh
NjI1ZDBmZmE0OWI3ZmVkZjA5ZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMc7ufwGB1RMiTXO8HbeOJ9mRu5Dp5Yl1PSbDEKAaAMeUeTFBT/Ao5ypBvJ9
A2lviFy8ZhOFjYh1wlk1mza8FHNGvee8Xb0U30wyBhdRBc6h1RszDXqwRMtxvmKB
jRU39UiVosuF1ivDiZnW0dLgmPAud9hzPYr2ceOZ5ciy1SvrBQ2i3+Pw24vOHQec
Y2CTjQII0sOYtqfwf9VIcqvZs4Z/DbpgoDWdRfCMEgo3NPhpn99FXFvYv1p+gzyW
j/x2O7tUruxMNnO4mYgBdj+R7DM7MWXprdQWlqe3Ox8UFPWD8GzULeViCEyv0Dln
Le6erHcKJ2NeNWVA6WlJI/7wODMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRxdOv0
NOEnDqXLWJB6oTOdy3G6JjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEA1oNO7vKISwW1jVNAZjtSzTydvix4GnqEX3uEC3yj
9oFoVqTupuaCMH8BEJK+fVOJ4ijJ/TiFUSKdGB241npW+wLetiQ9ANSigDvs7P8y
xtzUEehhzKJgmQf2qYCuCJ/O7gOfwfsAWLm1J3TukAPO+TpLE4Zhn0FmMt0Q1bX5
aSnhWlD4rnJBIoxImeOqD+CSw63bFJ643mgaisMLkab3OAgTC37hUf8ZXM5jb21i
ntSAZZi9LUqkFqBInuoUqxJimJ/qvuZ8NY1RygtlP9xRbB/JkG/6K5R2jmAJAeNx
qFVUTd0dwJ8+v0/b9U8TqkexNcFt4AGDd+hVg+SAXJZr6w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:26:01 2025 by rpki-client