Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: wLPU+3Yi3q8u/PUZuMoyQKbWcjWcdyGEpzozH6kO284=
Subject key identifier: 98:1F:AB:FA:A2:BF:44:49:78:69:86:61:0F:4D:C7:48:91:9A:AE:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 780BCB0C62B855818BE7D22FA01AB94C396C541C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Sat 15 Nov 2025 06:50:45 +0000
ROA not before: Sat 15 Nov 2025 06:50:45 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 01:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:0b:cb:0c:62:b8:55:81:8b:e7:d2:2f:a0:1a:b9:4c:39:6c:54:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:45 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=06f1b24d905d2b0375f2ef241e03a55245269411826908329749a68ab74033cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6c:ff:2a:db:36:6a:d4:df:19:88:e7:7a:0c:
6a:21:2d:c0:fe:fd:9d:a0:85:12:47:2f:28:80:c3:
e7:bc:0e:9d:ac:92:83:50:4c:59:91:c5:ca:28:40:
20:da:16:ab:bd:12:72:08:dc:77:78:0c:27:49:5d:
60:cf:f6:43:f0:63:f3:ae:bc:a9:39:94:83:3e:5b:
91:ce:15:78:7b:a8:49:3f:a7:05:ed:f3:69:ff:3c:
af:9f:09:a1:f4:01:ff:e3:46:8d:3a:8e:7c:78:77:
44:13:ff:61:73:73:9e:c1:86:fe:ec:67:c7:05:71:
8f:8d:0e:c0:93:31:d6:3a:bf:fa:59:ac:0c:75:62:
3a:9b:90:bc:59:d2:c2:a6:b5:1d:b2:6b:58:3b:8d:
6a:29:77:22:f4:db:98:bd:71:26:c0:ab:2a:99:9f:
35:bc:9c:d3:ba:a6:e6:85:6f:65:84:15:9e:a3:23:
0e:7a:80:a9:a7:0a:9e:1e:6e:0d:59:64:8d:16:37:
4b:3e:cd:7a:68:b5:54:1b:dc:58:d4:d6:25:d8:89:
54:6c:e3:c3:e9:15:af:f9:91:44:e3:b8:ca:88:3f:
01:9f:fa:36:6e:84:e9:e3:b3:3a:fa:da:5a:7b:40:
e8:72:c7:fa:3f:3e:6c:9d:c9:62:cc:1f:db:9a:f1:
1b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:1F:AB:FA:A2:BF:44:49:78:69:86:61:0F:4D:C7:48:91:9A:AE:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:bf:7f:55:e9:03:7f:68:dd:ff:f2:a0:86:f7:2d:84:e4:e8:
e9:8c:62:62:88:d8:df:8b:e2:5a:36:c5:f6:9e:55:cc:e0:c3:
b3:9d:34:96:9f:80:69:cf:c9:18:ac:f9:e7:27:30:8b:08:0b:
d7:d3:f1:76:75:43:ee:2e:86:04:38:ea:32:d3:66:e2:c6:6f:
73:c8:be:0c:8b:5c:d7:15:e1:83:aa:b7:3d:3d:65:d1:87:6e:
62:5b:79:79:07:17:35:4b:95:c1:13:0c:9f:10:bb:cc:35:fb:
f8:82:50:42:ca:a9:32:e6:bf:06:32:73:88:fd:93:e9:77:b5:
7f:36:1d:64:69:83:0a:b6:fc:cb:22:2a:b7:c3:67:ba:b0:26:
be:27:d6:cb:ae:fc:27:ea:ba:14:66:03:25:f3:d7:d9:45:19:
02:79:ea:6d:ce:69:e3:79:55:1d:9b:fd:ec:e3:43:11:54:70:
f9:3a:ba:03:2e:d8:97:1d:81:57:bb:46:87:0b:55:fe:80:48:
45:98:93:df:32:97:17:73:fd:b3:7e:3f:d9:b8:d3:3f:04:a1:
7f:7c:c4:d1:40:ec:eb:48:f2:af:1b:dd:5f:21:1b:f6:17:95:
c6:4f:cb:cd:8c:c7:dc:09:86:ee:9f:90:9c:a9:e3:b7:82:e0:
2d:b3:50:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeAvLDGK4VYGL59IvoBq5TDlsVBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwNDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA2ZjFiMjRkOTA1ZDJiMDM3NWYyZWYyNDFlMDNhNTUyNDUyNjk0MTE4MjY5
MDgzMjk3NDlhNjhhYjc0MDMzY2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALNs/yrbNmrU3xmI53oMaiEtwP79naCFEkcvKIDD57wOnaySg1BMWZHFyihA
INoWq70Scgjcd3gMJ0ldYM/2Q/Bj8668qTmUgz5bkc4VeHuoST+nBe3zaf88r58J
ofQB/+NGjTqOfHh3RBP/YXNznsGG/uxnxwVxj40OwJMx1jq/+lmsDHViOpuQvFnS
wqa1HbJrWDuNail3IvTbmL1xJsCrKpmfNbyc07qm5oVvZYQVnqMjDnqAqacKnh5u
DVlkjRY3Sz7Nemi1VBvcWNTWJdiJVGzjw+kVr/mRROO4yog/AZ/6Nm6E6eOzOvra
WntA6HLH+j8+bJ3JYswf25rxG/sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSYH6v6
or9ESXhphmEPTcdIkZqu8TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQDUv39V6QN/aN3/8qCG9y2E5OjpjGJiiNjfi+JaNsX2
nlXM4MOznTSWn4Bpz8kYrPnnJzCLCAvX0/F2dUPuLoYEOOoy02bixm9zyL4Mi1zX
FeGDqrc9PWXRh25iW3l5Bxc1S5XBEwyfELvMNfv4glBCyqky5r8GMnOI/ZPpd7V/
Nh1kaYMKtvzLIiq3w2e6sCa+J9bLrvwn6roUZgMl89fZRRkCeeptzmnjeVUdm/3s
40MRVHD5OroDLtiXHYFXu0aHC1X+gEhFmJPfMpcXc/2zfj/ZuNM/BKF/fMTRQOzr
SPKvG91fIRv2F5XGT8vNjMfcCYbun5CcqeO3guAts1Bd
-----END CERTIFICATE-----
Generated at Sat Nov 15 10:21:04 2025 by rpki-client