Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
File: ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa (raw, json)
Hash identifier: lsXFzGEnsONKjXzijPRKGluiufGBb+CyHsW1ts3QEOs=
Subject key identifier: D3:02:FF:B7:21:B6:68:B7:E4:77:04:F7:26:8E:3B:A7:CE:31:11:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5742D47A1F9D431848B61B2B345AAED028CB0B4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
Signing time: Fri 24 Oct 2025 00:40:23 +0000
ROA not before: Fri 24 Oct 2025 00:40:23 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.24.0.0/13 maxlen: 13
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:42:d4:7a:1f:9d:43:18:48:b6:1b:2b:34:5a:ae:d0:28:cb:0b:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:23 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=32cff925791d5bb889094cb045aa9dd4c81401890923b8037977c9cf918748a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3a:71:17:82:49:f4:dc:a3:38:72:3c:33:ed:
a5:54:6c:1a:7f:d7:14:ad:31:9e:de:cf:fe:77:db:
e8:77:12:32:34:1b:db:22:47:3b:f2:a3:da:38:13:
66:25:75:27:33:58:7f:62:89:e9:e0:78:8a:f1:21:
a7:49:d7:5e:9a:04:d2:9e:3a:d3:4c:c7:76:f8:a6:
ed:bf:a4:62:ce:b4:36:7b:6c:d2:0c:6c:d2:92:b6:
14:ae:a4:46:bc:e1:29:d0:76:4c:0d:c4:57:ee:91:
47:e0:06:94:aa:a0:4e:53:4d:a5:e9:1d:e8:0d:d9:
b3:b1:52:d7:81:31:b7:a9:90:eb:89:7a:3c:ee:0e:
1d:12:91:9c:65:b2:16:62:34:07:52:04:53:54:22:
12:4a:27:65:cc:f3:cc:35:96:55:4c:5d:40:21:cd:
1f:66:1c:21:f1:a5:12:f8:3d:8e:4c:9b:28:5c:86:
02:fc:a6:d3:2f:9f:a0:f9:f0:e2:bb:75:45:db:75:
04:19:b3:95:e0:ff:2f:d7:5f:5f:d2:a3:c5:3e:ed:
5e:d1:26:15:af:bb:57:d1:4e:8f:3d:9f:4c:72:c2:
46:1d:65:19:bc:57:c1:27:dc:45:bd:26:ac:25:70:
33:de:0e:cb:9a:d1:48:b8:52:44:84:97:f4:63:f4:
79:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:02:FF:B7:21:B6:68:B7:E4:77:04:F7:26:8E:3B:A7:CE:31:11:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ca9dc172-c5c5-48fd-a801-9f7f050aa67b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.24.0.0/13
Signature Algorithm: sha256WithRSAEncryption
24:97:6e:83:e0:5d:6c:6f:86:b8:82:87:79:4c:49:e3:da:0e:
31:9f:44:0d:e6:05:81:b9:08:02:95:c0:c5:05:1c:5c:5e:f3:
54:9f:d5:08:a5:af:e0:a8:10:c3:b7:e3:47:4a:38:a5:fa:88:
83:b1:15:0f:b4:19:6a:70:a9:b4:1e:d8:da:c4:7d:7b:d4:49:
7c:62:d2:4b:0b:3a:0c:c8:0c:05:72:1d:3c:f5:45:64:0f:7f:
62:6c:18:84:19:f7:11:d7:ab:75:43:00:96:ee:c4:1e:df:8c:
3e:3b:a5:d0:75:9b:9b:25:a6:d6:ce:0d:03:dd:9b:34:68:01:
00:58:75:37:44:0d:df:e8:79:e8:25:66:15:5d:87:57:b9:7f:
ab:c2:f8:03:46:20:cb:49:1d:ed:cf:f0:f8:c7:fd:73:b4:7c:
9b:18:a8:56:06:f7:ae:38:2b:02:f8:d0:6a:e7:3d:65:5e:47:
ff:2a:e0:34:39:b2:54:7a:2a:68:bb:43:0c:e9:50:cb:29:1a:
1a:ff:cf:5d:21:af:22:ad:02:08:3a:6e:bd:34:97:d6:85:43:
df:d1:7f:c6:c2:45:0a:c2:9f:c8:7f:03:a2:31:0a:71:c7:85:
31:1e:b0:8a:9f:e6:da:43:61:0d:3a:d8:18:54:ee:48:5e:b4:
d4:4e:72:56
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV0LUeh+dQxhIthsrNFqu0CjLC0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjNaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyY2ZmOTI1NzkxZDViYjg4OTA5NGNiMDQ1YWE5ZGQ0YzgxNDAxODkwOTIz
YjgwMzc5NzdjOWNmOTE4NzQ4YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANg6cReCSfTcozhyPDPtpVRsGn/XFK0xnt7P/nfb6HcSMjQb2yJHO/Kj2jgT
ZiV1JzNYf2KJ6eB4ivEhp0nXXpoE0p4600zHdvim7b+kYs60Nnts0gxs0pK2FK6k
RrzhKdB2TA3EV+6RR+AGlKqgTlNNpekd6A3Zs7FS14Ext6mQ64l6PO4OHRKRnGWy
FmI0B1IEU1QiEkonZczzzDWWVUxdQCHNH2YcIfGlEvg9jkybKFyGAvym0y+foPnw
4rt1Rdt1BBmzleD/L9dfX9KjxT7tXtEmFa+7V9FOjz2fTHLCRh1lGbxXwSfcRb0m
rCVwM94Oy5rRSLhSRISX9GP0eQsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTTAv+3
IbZot+R3BPcmjjunzjER3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2E5ZGMxNzItYzVjNS00OGZkLWE4MDEtOWY3ZjA1MGFhNjdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzMYMA0G
CSqGSIb3DQEBCwUAA4IBAQAkl26D4F1sb4a4god5TEnj2g4xn0QN5gWBuQgClcDF
BRxcXvNUn9UIpa/gqBDDt+NHSjil+oiDsRUPtBlqcKm0HtjaxH171El8YtJLCzoM
yAwFch089UVkD39ibBiEGfcR16t1QwCW7sQe34w+O6XQdZubJabWzg0D3Zs0aAEA
WHU3RA3f6HnoJWYVXYdXuX+rwvgDRiDLSR3tz/D4x/1ztHybGKhWBveuOCsC+NBq
5z1lXkf/KuA0ObJUeipou0MM6VDLKRoa/89dIa8irQIIOm69NJfWhUPf0X/GwkUK
wp/IfwOiMQpxx4UxHrCKn+baQ2ENOtgYVO5IXrTUTnJW
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:26:34 2025 by rpki-client