Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: wqeV4p93xVXbBqtWpfeoP4o4mMztU7wbSxMhQgEYDO4=
Subject key identifier: C4:91:61:13:99:00:DF:B1:07:0F:51:D2:8E:C8:B3:25:1A:65:75:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F002D456DE985770AE7CC651B551F95DBA4BBDE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Sat 15 Nov 2025 06:40:51 +0000
ROA not before: Sat 15 Nov 2025 06:40:51 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 14:56:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:00:2d:45:6d:e9:85:77:0a:e7:cc:65:1b:55:1f:95:db:a4:bb:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:51 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=c45177f5f3457b51596d113cf71cfe436e5a90c40afabbf338b98456f799156e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:bf:10:f2:1b:fb:21:8c:7c:a0:7a:10:8e:
e7:e9:18:aa:02:70:2f:27:55:a1:79:9a:8a:bc:56:
5b:15:c4:8e:0b:20:55:1d:af:82:68:47:b0:b1:8b:
bb:7d:bd:c0:80:4b:4f:9c:96:fa:b8:f5:cf:8b:72:
39:e2:15:df:7c:c3:b5:cd:51:bb:e2:f2:76:b1:28:
66:90:6d:b3:0b:fd:bf:70:6b:c2:33:bf:20:32:82:
8c:94:a2:c8:94:03:7b:d9:af:b3:f5:8c:20:61:1b:
c7:d3:d7:80:49:5b:13:5f:4e:7c:47:52:70:41:88:
5d:db:67:aa:01:1f:12:79:2f:11:5c:92:62:9d:68:
ff:a6:b5:09:9b:87:24:05:11:a9:77:59:6c:3b:e1:
65:34:6e:21:11:ed:9e:5a:3b:45:62:4b:78:16:55:
53:7c:1f:ef:5b:ae:d1:06:17:24:18:e0:e4:77:9c:
53:f7:9a:a3:03:4e:a8:15:58:21:fb:27:4f:75:cb:
85:51:f7:b1:84:f8:f6:8a:05:b0:99:f2:eb:69:1b:
49:0f:b9:92:5f:ed:23:de:7b:44:77:74:89:ae:a2:
3f:16:19:c5:3a:97:99:f9:b9:98:bc:35:01:37:03:
62:70:3d:a6:97:06:8e:c6:9a:c9:2b:b7:c7:49:eb:
a1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:91:61:13:99:00:DF:B1:07:0F:51:D2:8E:C8:B3:25:1A:65:75:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:2e:d4:47:1c:88:76:c7:b6:0c:ef:a2:72:9a:01:5f:55:45:
81:dc:98:d8:87:75:2c:93:14:96:9c:77:dd:5f:45:ea:f3:77:
fd:59:0b:22:57:ff:75:8f:3f:24:d2:04:d7:d8:d8:cc:15:19:
d5:fc:49:e6:ba:49:8b:01:8c:2c:00:c4:de:19:fe:8e:25:e4:
28:03:e9:1a:b0:9b:7c:94:f4:5c:ec:79:d8:b1:76:0e:c2:cc:
95:a1:88:7c:a6:97:10:8a:6b:15:e8:83:51:e1:e2:b6:ca:71:
f4:c0:49:36:2d:25:83:63:a3:7f:ac:59:02:bd:f7:1b:f3:ff:
93:c4:3c:87:40:2d:55:8e:a2:2f:06:0e:a1:3e:c3:7b:6d:2d:
ba:30:1e:24:ed:37:fa:4f:ce:83:c8:fd:87:3b:71:03:bd:d7:
9d:a2:26:d5:a7:d6:81:5f:bc:15:02:b6:fe:84:80:c1:8a:28:
56:b8:b8:71:40:80:65:f8:31:66:c1:38:50:c0:ce:ad:7e:b6:
cc:6d:0a:ef:d4:81:d8:cd:f2:c0:5c:87:da:55:cd:cc:03:42:
b9:46:40:9f:e2:6e:95:c2:c8:dd:20:4a:0f:5e:4c:23:68:16:
ec:34:88:80:d7:af:95:3b:1e:2f:1a:14:09:52:e2:25:c2:79:
00:5b:3b:7b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPwAtRW3phXcK58xlG1Uflduku94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwNTFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0NTE3N2Y1ZjM0NTdiNTE1OTZkMTEzY2Y3MWNmZTQzNmU1YTkwYzQwYWZh
YmJmMzM4Yjk4NDU2Zjc5OTE1NmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5MvxDyG/shjHygehCO5+kYqgJwLydVoXmairxWWxXEjgsgVR2vgmhHsLGL
u329wIBLT5yW+rj1z4tyOeIV33zDtc1Ru+LydrEoZpBtswv9v3BrwjO/IDKCjJSi
yJQDe9mvs/WMIGEbx9PXgElbE19OfEdScEGIXdtnqgEfEnkvEVySYp1o/6a1CZuH
JAURqXdZbDvhZTRuIRHtnlo7RWJLeBZVU3wf71uu0QYXJBjg5HecU/eaowNOqBVY
IfsnT3XLhVH3sYT49ooFsJny62kbSQ+5kl/tI957RHd0ia6iPxYZxTqXmfm5mLw1
ATcDYnA9ppcGjsaaySu3x0nroZkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTEkWET
mQDfsQcPUdKOyLMlGmV1vDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBwLtRHHIh2x7YM76JymgFfVUWB3JjYh3UskxSWnHfd
X0Xq83f9WQsiV/91jz8k0gTX2NjMFRnV/EnmukmLAYwsAMTeGf6OJeQoA+kasJt8
lPRc7HnYsXYOwsyVoYh8ppcQimsV6INR4eK2ynH0wEk2LSWDY6N/rFkCvfcb8/+T
xDyHQC1VjqIvBg6hPsN7bS26MB4k7Tf6T86DyP2HO3EDvdedoibVp9aBX7wVArb+
hIDBiihWuLhxQIBl+DFmwThQwM6tfrbMbQrv1IHYzfLAXIfaVc3MA0K5RkCf4m6V
wsjdIEoPXkwjaBbsNIiA16+VOx4vGhQJUuIlwnkAWzt7
-----END CERTIFICATE-----
Generated at Mon Nov 17 18:12:34 2025 by rpki-client