Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: uPNPoBCcSpSkilzmzGpemuIc1MDxybGrTQuYD+bEkYI=
Subject key identifier: 39:85:5D:43:1E:03:9B:0A:A6:BD:64:20:7A:15:0A:8D:06:75:99:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72ED8811B43BEE6D39CF40C42041D7ECC6C67BAD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Tue 21 Oct 2025 14:40:33 +0000
ROA not before: Tue 21 Oct 2025 14:40:33 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:ed:88:11:b4:3b:ee:6d:39:cf:40:c4:20:41:d7:ec:c6:c6:7b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:33 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e20f175e19edcfa71271abda5dda56c16dbb269dc95f7fbe8f20b0a84181e630, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:55:bf:67:c1:1b:a7:98:5b:08:9d:72:73:b7:
3a:cd:34:f6:e6:fa:61:0b:e2:03:22:c6:10:59:0b:
86:69:2d:f1:bf:ce:5b:78:f3:ff:f9:50:fb:88:be:
9a:00:44:2f:9a:59:74:82:41:77:b6:0e:77:72:53:
0b:30:d2:98:db:09:ec:0b:a9:a7:6c:65:a7:af:ee:
17:67:fe:ad:6f:66:6e:97:be:df:65:d6:8b:52:6a:
59:33:76:f6:e3:91:54:43:c8:d7:bc:3d:34:ce:ad:
ea:44:43:18:44:c4:da:4e:37:9f:aa:51:98:8b:8c:
e9:a3:80:03:99:41:1e:04:19:f8:80:dd:e4:69:ba:
06:a4:74:ff:65:d1:af:55:d9:fd:ae:bb:79:ac:b7:
e5:02:7e:5f:ca:13:91:be:bf:b9:25:76:cf:29:dd:
40:1a:68:f9:27:5d:fe:08:2a:b2:bd:8b:2c:84:2f:
d5:83:6f:e2:e1:8e:07:e7:42:bb:5c:9e:c9:b1:02:
98:8f:4f:a9:21:26:e7:0f:a4:14:f1:5b:0e:cf:48:
0b:8d:68:a4:2c:5c:4f:ce:c4:68:38:b4:4a:d9:06:
1d:cf:56:77:e3:62:83:23:bd:6e:45:7d:c9:2a:f1:
8f:fc:64:f4:22:bd:5c:b1:15:fd:24:ad:d6:5f:98:
68:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:85:5D:43:1E:03:9B:0A:A6:BD:64:20:7A:15:0A:8D:06:75:99:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:bd:55:52:4a:1e:b7:81:5b:ff:b5:b2:69:9c:48:c3:b8:bc:
4a:0a:be:b0:22:c7:0c:5e:22:e2:94:d9:2b:94:98:64:4b:4b:
7e:78:d8:04:95:a0:bf:8f:e1:6c:a5:78:06:71:2b:a0:d0:19:
6e:88:84:3a:05:24:8f:25:9f:24:9d:4c:31:66:9c:75:fc:e3:
19:64:ad:43:17:00:99:aa:6d:27:7b:10:98:7b:61:78:4e:f8:
25:fd:dd:ca:f0:c4:25:6f:d7:73:67:e7:33:d6:ee:9e:d7:94:
89:19:4a:a2:09:27:a4:5d:ae:02:c4:a7:aa:d3:a9:44:75:d2:
39:70:b3:43:50:3f:37:6d:85:00:bc:4d:f1:bd:cc:3b:1c:69:
a9:5e:4f:5b:ee:d1:3b:d4:f0:d4:75:57:70:cc:b9:a4:16:82:
ff:c3:7f:5d:da:ca:6e:0c:fd:37:5c:bc:66:93:ee:b6:fb:37:
02:6c:9b:1d:62:18:d8:48:dd:85:86:42:be:2f:b1:7b:3a:6d:
4a:c9:e7:e0:4d:3a:1c:45:3a:1d:50:23:e9:38:f4:93:a9:fc:
37:c2:8d:b3:22:96:90:74:bf:9e:cc:40:0e:b9:c6:fa:54:1a:
80:5e:ef:41:c7:84:c7:62:e2:79:8c:21:fa:fb:40:94:fe:8f:
49:fe:b7:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcu2IEbQ77m05z0DEIEHX7MbGe60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyMGYxNzVlMTllZGNmYTcxMjcxYWJkYTVkZGE1NmMxNmRiYjI2OWRjOTVm
N2ZiZThmMjBiMGE4NDE4MWU2MzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANNVv2fBG6eYWwidcnO3Os009ub6YQviAyLGEFkLhmkt8b/OW3jz//lQ+4i+
mgBEL5pZdIJBd7YOd3JTCzDSmNsJ7Aupp2xlp6/uF2f+rW9mbpe+32XWi1JqWTN2
9uORVEPI17w9NM6t6kRDGETE2k43n6pRmIuM6aOAA5lBHgQZ+IDd5Gm6BqR0/2XR
r1XZ/a67eay35QJ+X8oTkb6/uSV2zyndQBpo+Sdd/ggqsr2LLIQv1YNv4uGOB+dC
u1yeybECmI9PqSEm5w+kFPFbDs9IC41opCxcT87EaDi0StkGHc9Wd+NigyO9bkV9
ySrxj/xk9CK9XLEV/SSt1l+YaB0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5hV1D
HgObCqa9ZCB6FQqNBnWZDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQCmvVVSSh63gVv/tbJpnEjDuLxKCr6wIscMXiLilNkr
lJhkS0t+eNgElaC/j+FspXgGcSug0BluiIQ6BSSPJZ8knUwxZpx1/OMZZK1DFwCZ
qm0nexCYe2F4Tvgl/d3K8MQlb9dzZ+cz1u6e15SJGUqiCSekXa4CxKeq06lEddI5
cLNDUD83bYUAvE3xvcw7HGmpXk9b7tE71PDUdVdwzLmkFoL/w39d2spuDP03XLxm
k+62+zcCbJsdYhjYSN2FhkK+L7F7Om1KyefgTTocRTodUCPpOPSTqfw3wo2zIpaQ
dL+ezEAOucb6VBqAXu9Bx4THYuJ5jCH6+0CU/o9J/rcP
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:41 2025 by rpki-client