Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: jIMv6IXkhzmrsjq8yETL7bYhgWLjGujTjbK+Dlz6IUs=
Subject key identifier: A1:CC:18:5F:F1:4E:16:E1:4A:82:CB:5B:4E:1D:53:55:F8:AC:6E:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52969FF43BC29E874D7CDCE3EAE07A78FEDF082B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Sat 15 Nov 2025 06:40:31 +0000
ROA not before: Sat 15 Nov 2025 06:40:31 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:96:9f:f4:3b:c2:9e:87:4d:7c:dc:e3:ea:e0:7a:78:fe:df:08:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:31 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=ac72d6365b84a9ddbc928eb6096cc56ef54488d9e3aec816d624a830c2f1366d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ae:80:73:f5:c0:c8:39:88:d7:45:b0:38:ae:
f2:24:14:19:91:22:59:1c:c9:25:30:f4:73:dc:4b:
08:5a:b2:28:30:36:75:eb:71:50:b9:24:98:8f:8c:
3b:57:7f:8c:d6:09:04:02:df:84:67:07:36:48:42:
11:9f:85:47:da:9e:ef:da:59:45:32:40:04:01:bc:
88:20:7f:61:e9:56:a9:8f:33:bb:58:1f:92:ad:c2:
ac:56:75:08:fe:e8:64:f9:71:71:1a:42:dd:9e:8c:
99:27:73:da:d2:c6:03:6a:7a:89:02:27:9c:a2:83:
44:ee:55:85:ee:19:ef:ee:5d:e1:a5:b9:5a:4d:84:
63:fb:f8:50:5e:17:76:6f:4e:ad:bb:9a:c4:24:b9:
06:1d:ae:65:52:e5:40:b1:e2:d0:6b:19:d3:5e:1e:
87:8f:68:7e:74:08:ae:84:ab:25:ea:d1:12:c6:32:
c4:cd:2f:40:6f:2f:00:73:a8:c2:78:48:35:ce:dc:
c2:93:f1:43:4c:a5:d3:bf:eb:58:d6:e0:8e:03:c0:
9e:01:70:ea:53:d6:41:06:ff:d5:18:aa:84:d3:47:
bc:94:e7:a7:61:b7:71:58:58:b1:ba:46:59:50:f5:
82:36:23:22:a3:7f:90:c7:af:63:f6:27:fc:91:cb:
04:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:CC:18:5F:F1:4E:16:E1:4A:82:CB:5B:4E:1D:53:55:F8:AC:6E:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:c7:94:23:f4:a0:84:a1:2e:e6:72:d7:b4:f2:bf:bc:63:10:
7b:4a:46:20:f6:cb:34:36:6c:6a:14:1f:bd:90:8c:46:1b:87:
06:90:0f:25:c7:09:45:37:62:da:e1:6a:88:09:a8:24:af:fe:
50:0f:b3:65:09:f1:3b:5f:90:3a:08:e7:ce:77:35:7e:06:85:
85:14:d3:dd:f8:42:32:99:dc:97:18:c5:ee:49:f9:ab:c7:75:
d4:ba:d1:37:99:b2:9a:b1:46:b0:42:88:b7:c0:21:8e:41:87:
cd:10:55:5d:de:7f:d0:49:8b:fc:f7:17:0e:e2:91:bb:4b:c1:
40:63:53:16:6f:48:ca:f1:3c:7a:08:d5:32:fb:71:ae:a8:b0:
60:d0:c7:d8:1e:3e:87:af:46:f9:78:5f:bb:8d:4d:95:c2:bc:
b1:30:6b:2f:a1:17:ba:6d:b5:07:48:b2:68:2f:6f:3f:58:99:
d7:25:f9:f3:0f:d6:59:ed:15:91:16:65:9c:c4:e2:c2:8f:2e:
c4:93:72:a7:50:e4:75:03:18:64:89:b4:46:dd:26:97:f8:0b:
eb:43:cc:e2:50:e6:78:10:05:38:38:a6:81:58:52:8e:95:fe:
48:3f:4b:19:0f:2c:33:f3:b5:5f:7d:a6:09:35:7b:dc:a7:06:
bf:1e:45:88
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUpaf9DvCnodNfNzj6uB6eP7fCCswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMzFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjNzJkNjM2NWI4NGE5ZGRiYzkyOGViNjA5NmNjNTZlZjU0NDg4ZDllM2Fl
YzgxNmQ2MjRhODMwYzJmMTM2NmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaugHP1wMg5iNdFsDiu8iQUGZEiWRzJJTD0c9xLCFqyKDA2detxULkkmI+M
O1d/jNYJBALfhGcHNkhCEZ+FR9qe79pZRTJABAG8iCB/YelWqY8zu1gfkq3CrFZ1
CP7oZPlxcRpC3Z6MmSdz2tLGA2p6iQInnKKDRO5Vhe4Z7+5d4aW5Wk2EY/v4UF4X
dm9OrbuaxCS5Bh2uZVLlQLHi0GsZ014eh49ofnQIroSrJerREsYyxM0vQG8vAHOo
wnhINc7cwpPxQ0yl07/rWNbgjgPAngFw6lPWQQb/1RiqhNNHvJTnp2G3cVhYsbpG
WVD1gjYjIqN/kMevY/Yn/JHLBEsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBShzBhf
8U4W4UqCy1tOHVNV+KxuIDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCDx5Qj9KCEoS7mcte08r+8YxB7SkYg9ss0NmxqFB+9
kIxGG4cGkA8lxwlFN2La4WqICagkr/5QD7NlCfE7X5A6COfOdzV+BoWFFNPd+EIy
mdyXGMXuSfmrx3XUutE3mbKasUawQoi3wCGOQYfNEFVd3n/QSYv89xcO4pG7S8FA
Y1MWb0jK8Tx6CNUy+3GuqLBg0MfYHj6Hr0b5eF+7jU2VwryxMGsvoRe6bbUHSLJo
L28/WJnXJfnzD9ZZ7RWRFmWcxOLCjy7Ek3KnUOR1AxhkibRG3SaX+AvrQ8ziUOZ4
EAU4OKaBWFKOlf5IP0sZDywz87VffaYJNXvcpwa/HkWI
-----END CERTIFICATE-----
Generated at Mon Nov 17 11:38:55 2025 by rpki-client