Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
File: d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa (raw, json)
Hash identifier: SvDXiQXSj9adOhSjwya/B2yZw7Qnlt3djSszK+E+fgw=
Subject key identifier: B1:14:65:A5:95:9C:80:D0:AF:1C:47:E0:59:E7:05:D9:94:DE:EE:DD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08587ABF764430A0EF7BBCEA156EE791A58135FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
Signing time: Tue 21 Oct 2025 14:40:06 +0000
ROA not before: Tue 21 Oct 2025 14:40:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:58:7a:bf:76:44:30:a0:ef:7b:bc:ea:15:6e:e7:91:a5:81:35:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f57388196e85a44579177823c6d3ca4fa536690c540821f9977e887ee7470e54, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:04:72:ab:b4:f2:45:5a:0b:a3:f8:f0:81:8f:
98:a3:63:7c:20:96:59:0b:9a:be:0c:88:13:33:7c:
0b:16:86:c5:cb:28:4f:f7:cc:98:1f:6b:ee:fd:01:
29:74:9f:cc:70:a3:96:f3:af:e1:db:4b:f5:ef:ee:
fa:22:0a:67:d1:14:d2:82:c1:89:0f:62:fa:c3:d2:
a1:35:b6:b6:fd:34:a3:87:df:0d:fc:2d:d7:87:08:
6a:d6:fe:67:91:cc:d4:56:8f:45:f9:26:cc:67:45:
05:c0:f8:63:68:12:e2:11:2b:e6:fd:9e:e7:9e:71:
1e:10:dc:42:dc:5f:bc:47:b0:48:e3:4d:0b:5e:95:
3b:84:6c:36:c8:71:9b:bc:3a:ed:d4:4d:72:f7:db:
e4:c0:b7:78:62:81:b4:8f:ab:73:5e:4e:97:05:05:
8b:9a:ef:b2:6c:bb:9e:32:67:8f:49:56:f3:7d:71:
e2:a0:53:98:80:72:79:39:47:e4:4e:1f:95:18:19:
71:6d:a0:d9:3a:3f:5e:4f:4b:cb:97:90:94:63:ad:
91:d2:78:15:c0:52:39:7c:81:fa:ea:7b:8e:01:b8:
09:71:73:f5:19:d6:d7:25:67:8f:da:9a:1e:fa:5a:
8e:e2:86:94:da:09:61:5b:c5:60:8d:c2:9d:b7:13:
e8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:14:65:A5:95:9C:80:D0:AF:1C:47:E0:59:E7:05:D9:94:DE:EE:DD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d13d26ae-36b1-4815-a7f0-4dc090d15b78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:57:cb:56:1d:77:99:2b:46:7c:ca:ab:4d:cb:06:04:d5:e6:
b5:45:34:19:77:51:ef:a1:88:59:e8:ef:89:19:ab:cd:2e:46:
1e:e1:04:08:8b:e7:b3:ed:a0:dc:87:76:e7:bd:62:f3:ab:b9:
76:38:92:42:2f:05:74:1f:47:79:dd:18:11:10:bb:cf:5e:cf:
ea:46:0a:84:aa:05:52:d0:50:ed:4b:5d:26:38:0e:f8:99:c4:
34:76:b6:70:7f:01:cd:65:45:f0:51:e2:33:58:22:92:db:d0:
21:cb:ce:c3:0d:6d:60:87:9c:d6:3c:a0:1e:9f:b2:78:e6:98:
b0:e8:a9:6b:3c:5a:61:92:10:77:36:9e:ad:62:39:e6:96:e4:
1c:3c:f0:8b:c9:fc:7c:19:71:87:6a:9b:91:52:74:88:bf:be:
45:2b:f7:5a:eb:05:41:20:72:40:2d:9d:30:be:8e:e9:78:d5:
0c:e7:cc:7e:a8:e0:50:f2:54:ad:59:9d:f5:d8:d5:68:b9:1c:
02:0d:a7:b7:9e:38:8f:07:26:44:06:39:4e:a8:ed:27:85:4f:
51:81:38:c3:83:f2:18:1b:e7:43:c4:e2:8c:4d:9f:6b:83:55:
ae:da:c7:84:ed:7c:26:10:b8:54:bb:cf:7b:07:7b:6b:8d:90:
f9:8e:f4:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCFh6v3ZEMKDve7zqFW7nkaWBNf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NzM4ODE5NmU4NWE0NDU3OTE3NzgyM2M2ZDNjYTRmYTUzNjY5MGM1NDA4
MjFmOTk3N2U4ODdlZTc0NzBlNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0Ecqu08kVaC6P48IGPmKNjfCCWWQuavgyIEzN8CxaGxcsoT/fMmB9r7v0B
KXSfzHCjlvOv4dtL9e/u+iIKZ9EU0oLBiQ9i+sPSoTW2tv00o4ffDfwt14cIatb+
Z5HM1FaPRfkmzGdFBcD4Y2gS4hEr5v2e555xHhDcQtxfvEewSONNC16VO4RsNshx
m7w67dRNcvfb5MC3eGKBtI+rc15OlwUFi5rvsmy7njJnj0lW831x4qBTmIByeTlH
5E4flRgZcW2g2To/Xk9Ly5eQlGOtkdJ4FcBSOXyB+up7jgG4CXFz9RnW1yVnj9qa
HvpajuKGlNoJYVvFYI3CnbcT6FUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSxFGWl
lZyA0K8cR+BZ5wXZlN7u3TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDEzZDI2YWUtMzZiMS00ODE1LWE3ZjAtNGRjMDkwZDE1Yjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBfV8tWHXeZK0Z8yqtNywYE1ea1RTQZd1HvoYhZ6O+J
GavNLkYe4QQIi+ez7aDch3bnvWLzq7l2OJJCLwV0H0d53RgRELvPXs/qRgqEqgVS
0FDtS10mOA74mcQ0drZwfwHNZUXwUeIzWCKS29Ahy87DDW1gh5zWPKAen7J45piw
6KlrPFphkhB3Np6tYjnmluQcPPCLyfx8GXGHapuRUnSIv75FK/da6wVBIHJALZ0w
vo7peNUM58x+qOBQ8lStWZ312NVouRwCDae3njiPByZEBjlOqO0nhU9RgTjDg/IY
G+dDxOKMTZ9rg1Wu2seE7XwmELhUu897B3trjZD5jvRe
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:16 2025 by rpki-client