Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
File: 63e023f1-83fd-412f-8365-33afe1ac80af.roa (raw, json)
Hash identifier: 00LWN+SfRwhKSMbKw6de08GjwZXZwobM1sRrUW4im+8=
Subject key identifier: 6D:28:ED:5B:07:A9:76:9C:BE:8B:1D:57:7C:E4:1F:0F:AC:32:98:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43972B990E40775451559A8EBBDBA5EC07F66548
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
Signing time: Fri 26 Sep 2025 20:20:15 +0000
ROA not before: Fri 26 Sep 2025 20:20:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.160.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 13:29:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:97:2b:99:0e:40:77:54:51:55:9a:8e:bb:db:a5:ec:07:f6:65:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a8b13e6971bc0f0afcd5b8b659180dc31e9af5c7bd693a393114aca2a8daebdb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6b:0d:3f:5a:20:fa:6a:ea:e2:30:02:21:ef:
15:7e:f0:b3:ea:b3:c7:65:9a:46:99:bd:83:c4:34:
70:ad:4a:af:d3:a9:2e:be:6e:42:9e:16:7a:1c:a8:
ee:6a:cb:01:a2:92:17:00:c5:dd:9b:fb:40:db:c4:
d8:db:69:5a:60:a5:a0:67:81:b3:db:9d:a6:11:8f:
49:ea:b9:6c:e7:6a:ee:b6:5b:ff:d1:9a:cb:42:62:
78:85:be:59:60:e2:09:bf:14:cb:7a:a5:68:b4:73:
5e:4f:15:f8:e5:3e:08:be:cc:46:d8:b0:bb:d6:bb:
f9:f6:f0:8a:7e:2b:3c:bf:ac:db:cf:15:60:dc:3d:
af:93:76:60:64:fe:75:0e:64:61:db:a9:32:94:5a:
d6:5c:03:e3:38:fa:aa:59:36:92:38:c8:de:2b:b5:
46:9c:41:9b:a1:46:d4:46:be:55:d8:0d:b7:3e:c8:
5c:fd:24:61:64:c5:73:fd:f5:35:61:11:9e:83:5f:
7c:13:9e:1e:9f:96:80:03:74:1c:2c:2f:f6:b4:40:
92:d9:b1:c2:6a:44:0f:0b:7b:1d:df:f2:39:84:a8:
6d:43:29:57:a3:b0:b6:ec:e3:59:b8:75:ed:2a:5f:
7a:66:d4:98:7f:b1:1d:41:da:47:9b:55:05:a5:a0:
d8:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:28:ED:5B:07:A9:76:9C:BE:8B:1D:57:7C:E4:1F:0F:AC:32:98:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/63e023f1-83fd-412f-8365-33afe1ac80af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.160.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:7a:89:0d:88:96:56:8a:53:4c:f5:df:c3:e3:cc:1f:31:c1:
53:ee:0a:f5:54:66:35:13:60:38:e6:19:59:78:e0:8d:0d:5e:
b6:0d:f5:de:8d:59:b3:b7:0c:0f:28:f7:3c:14:ec:3a:57:44:
35:fd:03:2b:9a:ce:5a:75:7d:b7:75:a6:a7:3a:c9:29:db:f8:
f9:e3:40:b2:28:ff:ac:72:8c:dc:22:62:9a:b0:0a:1a:f6:30:
51:f1:4d:82:09:d4:c8:eb:85:88:1f:26:da:ca:56:46:cb:89:
20:94:8b:7b:42:a2:f9:25:eb:87:ae:6b:96:4f:02:46:97:8c:
11:51:73:26:8a:22:f4:ff:d4:b6:48:4b:e2:04:47:b3:75:44:
00:6e:11:c9:a9:9c:6f:fd:b7:d2:9f:8d:67:3e:b9:04:65:4e:
0c:e7:94:72:32:68:8a:7e:b5:7c:21:9c:c4:22:cf:37:3f:5e:
01:15:c3:6c:f2:15:f7:0b:0f:e0:57:92:3e:50:b3:ae:6a:94:
6a:08:58:37:4a:65:ad:63:dc:9d:e9:a7:63:e9:80:fa:26:b6:
63:59:57:2b:29:aa:93:b0:a7:ce:a3:d2:0d:ba:a3:e4:52:20:
51:ab:94:37:23:47:2b:a1:a6:e9:15:67:8b:03:cf:ff:f9:5f:
ba:05:ea:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ5crmQ5Ad1RRVZqOu9ul7Af2ZUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4YjEzZTY5NzFiYzBmMGFmY2Q1YjhiNjU5MTgwZGMzMWU5YWY1YzdiZDY5
M2EzOTMxMTRhY2EyYThkYWViZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJrDT9aIPpq6uIwAiHvFX7ws+qzx2WaRpm9g8Q0cK1Kr9OpLr5uQp4Wehyo
7mrLAaKSFwDF3Zv7QNvE2NtpWmCloGeBs9udphGPSeq5bOdq7rZb/9Gay0JieIW+
WWDiCb8Uy3qlaLRzXk8V+OU+CL7MRtiwu9a7+fbwin4rPL+s288VYNw9r5N2YGT+
dQ5kYdupMpRa1lwD4zj6qlk2kjjI3iu1RpxBm6FG1Ea+VdgNtz7IXP0kYWTFc/31
NWERnoNffBOeHp+WgAN0HCwv9rRAktmxwmpEDwt7Hd/yOYSobUMpV6OwtuzjWbh1
7SpfembUmH+xHUHaR5tVBaWg2LkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRtKO1b
B6l2nL6LHVd85B8PrDKY6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjNlMDIzZjEtODNmZC00MTJmLTgzNjUtMzNhZmUxYWM4MGFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOgMA0G
CSqGSIb3DQEBCwUAA4IBAQCueokNiJZWilNM9d/D48wfMcFT7gr1VGY1E2A45hlZ
eOCNDV62DfXejVmztwwPKPc8FOw6V0Q1/QMrms5adX23daanOskp2/j540CyKP+s
cozcImKasAoa9jBR8U2CCdTI64WIHybaylZGy4kglIt7QqL5JeuHrmuWTwJGl4wR
UXMmiiL0/9S2SEviBEezdUQAbhHJqZxv/bfSn41nPrkEZU4M55RyMmiKfrV8IZzE
Is83P14BFcNs8hX3Cw/gV5I+ULOuapRqCFg3SmWtY9yd6adj6YD6JrZjWVcrKaqT
sKfOo9INuqPkUiBRq5Q3I0croabpFWeLA8//+V+6BeqQ
-----END CERTIFICATE-----
Generated at Wed Oct 15 22:33:36 2025 by rpki-client