Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: HtiRIF+vPfBABHy+2y/3pAOcSWXFfVQxY8Oth926wuM=
Subject key identifier: 6D:E8:32:52:B1:65:39:E5:34:F4:ED:E2:A1:07:17:5D:CC:9E:77:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B10FCD739B89518C3CFECBA04FCA46D5940F3CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Tue 21 Oct 2025 14:40:37 +0000
ROA not before: Tue 21 Oct 2025 14:40:37 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 08:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:10:fc:d7:39:b8:95:18:c3:cf:ec:ba:04:fc:a4:6d:59:40:f3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:37 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=85c678e3483d9bf1d5b6db0a22c5983bac95ee11326d3255cb95b99a8cc01590, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:03:ae:c6:9f:70:39:74:7a:2e:61:e2:f4:
1c:2c:55:43:6e:8c:e5:09:b5:b5:81:22:dc:82:8b:
a7:53:a2:fc:42:e7:44:3f:bc:52:fb:07:73:b7:2a:
a9:5a:a5:5a:60:a9:ba:da:67:c4:80:95:08:36:17:
88:cd:8e:4d:62:7c:13:1b:3c:cb:b8:c0:db:ec:69:
7b:69:17:af:2c:f9:94:a9:a6:a4:44:1f:b6:35:00:
63:6d:bd:b5:17:19:20:a1:72:2b:9f:3a:99:3a:03:
25:c9:41:6b:30:6d:f6:cf:9e:56:d5:46:88:a9:2a:
33:3c:5b:c0:07:05:8d:af:78:74:7e:29:31:b3:e7:
b2:19:f5:6e:87:19:69:f0:05:e3:14:bd:1a:8a:88:
9c:bc:bf:6c:8c:33:69:d1:a9:8b:a6:c3:75:f3:ff:
41:7a:87:48:10:b7:67:fc:5c:94:08:3f:fe:bc:50:
cb:0a:12:4d:7c:85:24:0b:25:bf:c3:a1:6d:8a:1d:
ba:8a:0e:e0:79:e7:14:91:f1:a6:66:be:e5:04:ad:
04:1a:a3:86:32:a2:72:57:6a:b2:c2:76:5a:34:75:
4b:f3:0f:2a:62:1b:68:27:84:e6:5b:8f:ed:ca:f2:
e9:b3:ee:ae:1f:c4:b1:3d:e4:f3:68:66:db:77:d8:
03:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:E8:32:52:B1:65:39:E5:34:F4:ED:E2:A1:07:17:5D:CC:9E:77:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:49:97:73:67:47:7e:d9:24:67:7a:b6:2e:80:40:cb:df:dc:
24:c8:10:74:59:2b:f7:7e:03:b0:df:c8:40:c5:cc:5a:29:78:
28:24:10:58:e8:67:18:4d:ec:09:fa:af:6c:ef:fe:97:71:c0:
b1:f6:d1:25:4b:01:de:49:3c:24:0e:a3:55:78:92:a4:d1:ca:
f0:c7:81:e5:9d:0f:e8:1a:6e:0d:17:a4:55:b4:ec:60:88:fb:
f7:0d:ee:e3:bd:89:81:ea:29:3e:df:91:39:62:2d:31:96:56:
60:4c:88:2e:e7:e5:99:39:19:4f:48:02:dd:d3:c9:72:f1:82:
ef:d4:0d:00:aa:de:90:98:e1:08:82:96:df:7e:65:aa:65:71:
44:85:57:7a:56:f6:37:22:d8:48:27:95:bc:ba:7a:10:6f:c6:
ed:49:79:43:f5:ab:f3:31:9f:22:c6:9d:17:97:df:7c:5b:a7:
76:f4:7e:09:4c:3f:b1:23:2a:f1:5b:88:4c:f6:a8:53:d4:69:
a9:14:9b:a8:f0:06:e4:35:68:03:b4:8f:dc:3a:3a:f3:e0:76:
1b:c4:cc:c1:a5:69:97:c5:a4:c5:2e:1e:a0:49:4e:23:29:4b:
3b:a3:04:5a:87:d2:fb:36:ac:87:74:fc:66:96:f1:dc:7b:8e:
96:f3:c7:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKxD81zm4lRjDz+y6BPykbVlA88wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzdaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YzY3OGUzNDgzZDliZjFkNWI2ZGIwYTIyYzU5ODNiYWM5NWVlMTEzMjZk
MzI1NWNiOTViOTlhOGNjMDE1OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQ2A67Gn3A5dHouYeL0HCxVQ26M5Qm1tYEi3IKLp1Oi/ELnRD+8UvsHc7cq
qVqlWmCputpnxICVCDYXiM2OTWJ8Exs8y7jA2+xpe2kXryz5lKmmpEQftjUAY229
tRcZIKFyK586mToDJclBazBt9s+eVtVGiKkqMzxbwAcFja94dH4pMbPnshn1bocZ
afAF4xS9GoqInLy/bIwzadGpi6bDdfP/QXqHSBC3Z/xclAg//rxQywoSTXyFJAsl
v8OhbYoduooO4HnnFJHxpma+5QStBBqjhjKicldqssJ2WjR1S/MPKmIbaCeE5luP
7cry6bPurh/EsT3k82hm23fYA2MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRt6DJS
sWU55TT07eKhBxddzJ53tTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQAuSZdzZ0d+2SRnerYugEDL39wkyBB0WSv3fgOw38hA
xcxaKXgoJBBY6GcYTewJ+q9s7/6XccCx9tElSwHeSTwkDqNVeJKk0crwx4HlnQ/o
Gm4NF6RVtOxgiPv3De7jvYmB6ik+35E5Yi0xllZgTIgu5+WZORlPSALd08ly8YLv
1A0Aqt6QmOEIgpbffmWqZXFEhVd6VvY3IthIJ5W8unoQb8btSXlD9avzMZ8ixp0X
l998W6d29H4JTD+xIyrxW4hM9qhT1GmpFJuo8AbkNWgDtI/cOjrz4HYbxMzBpWmX
xaTFLh6gSU4jKUs7owRah9L7NqyHdPxmlvHce46W88ea
-----END CERTIFICATE-----
Generated at Mon Nov 3 11:01:37 2025 by rpki-client