Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
File: 85056db0-2868-4547-8893-66ae7ad101d4.roa (raw, json)
Hash identifier: EP2yGj5OSnlrDAprEO4q4F5GLAuRGi7VoZaTwyigLio=
Subject key identifier: 1B:CA:29:F2:23:37:6A:9D:17:B6:12:64:42:B7:EC:F9:C0:80:78:A9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1DC82FEE1DC03CBFCC2DFA300664E7AAE6977322
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
Signing time: Mon 01 Sep 2025 21:40:21 +0000
ROA not before: Mon 01 Sep 2025 21:40:21 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.90.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 13:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:c8:2f:ee:1d:c0:3c:bf:cc:2d:fa:30:06:64:e7:aa:e6:97:73:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:40:21 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2904108a0a3de7ea12a3591ae594ab55fb315443d876ce1c821300f7827adf38, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:90:df:cc:b5:67:71:48:24:e8:8f:76:15:f1:
c2:08:ea:96:d9:93:5d:c4:9d:ed:a1:d7:2b:69:47:
4e:78:a4:2d:62:36:9a:33:7e:d2:5f:e4:a1:35:c5:
85:5e:1a:20:4b:2f:f1:3c:ae:14:4a:33:71:e7:b0:
4e:d9:64:b9:12:7d:0f:5d:1e:5a:52:1c:1e:90:22:
8b:72:22:89:84:58:f2:2f:db:d7:45:f7:54:41:42:
70:28:c3:9b:f7:af:0f:2e:51:d6:19:81:cd:55:af:
b2:c4:00:0e:51:6f:5b:a1:58:04:37:7f:39:93:35:
4c:72:af:73:5b:11:41:ed:b3:6e:c4:78:64:a7:29:
da:74:5d:04:fa:c3:c4:9c:cf:14:49:88:1b:90:8c:
e2:d0:de:b2:f1:5e:ba:f8:98:f5:06:ca:02:0f:a9:
25:fa:5f:fd:e0:7e:f8:06:9a:e2:fb:79:fb:00:f4:
a2:8d:a6:68:b0:8b:79:fe:de:83:72:85:ca:4c:d9:
36:60:6c:d6:62:ed:44:90:41:79:2f:68:4d:67:06:
28:ac:f9:27:b8:15:2e:d0:21:39:33:0e:51:04:22:
c6:c7:92:a1:1c:cf:ab:7d:f8:76:29:21:26:ea:75:
a6:10:90:99:b7:7e:53:b1:23:26:80:b4:63:20:62:
1e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:CA:29:F2:23:37:6A:9D:17:B6:12:64:42:B7:EC:F9:C0:80:78:A9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/85056db0-2868-4547-8893-66ae7ad101d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.90.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:4d:1a:56:8f:16:23:bf:f2:f2:10:23:31:aa:4c:de:eb:ee:
b6:9c:59:45:6d:e4:22:57:56:b0:0c:93:0a:fe:e0:c6:8e:2d:
61:e0:04:e1:ae:41:b9:5f:03:1b:35:2f:b5:b7:9d:95:ba:8d:
13:f2:f9:5a:5b:69:15:b1:62:9e:a8:71:7f:21:de:97:39:2d:
9c:55:42:2d:27:eb:13:19:b2:50:30:49:f8:54:e0:8e:f1:bd:
16:be:c7:18:e8:65:b6:d5:81:08:e7:c3:51:33:2e:bf:0d:9d:
3c:59:35:6b:6e:01:7e:ee:49:2a:70:d3:68:5c:5b:b9:fd:a9:
ea:ba:c8:58:64:8d:14:a7:8b:9f:f1:f8:a0:4e:3e:b7:3b:ee:
87:74:df:e9:a1:bf:89:63:07:43:15:ba:05:80:53:17:f9:c2:
b8:bd:2e:3f:99:83:80:35:db:7c:c0:2d:78:c1:3b:a8:1d:7d:
d1:4a:71:4c:ce:3b:ca:fe:75:2c:ed:9d:17:9f:4f:7f:fc:e0:
34:a5:87:17:19:02:df:03:fa:85:a8:3c:a7:0c:40:da:4a:5a:
18:ee:2c:91:05:51:28:64:c2:85:ad:7c:ed:ff:b1:6f:91:5f:
64:8f:9b:0e:6d:ec:7e:da:d4:9a:16:28:90:4e:9d:d2:5a:df:
cb:86:6f:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHcgv7h3APL/MLfowBmTnquaXcyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTQwMjFaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MDQxMDhhMGEzZGU3ZWExMmEzNTkxYWU1OTRhYjU1ZmIzMTU0NDNkODc2
Y2UxYzgyMTMwMGY3ODI3YWRmMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKaQ38y1Z3FIJOiPdhXxwgjqltmTXcSd7aHXK2lHTnikLWI2mjN+0l/koTXF
hV4aIEsv8TyuFEozceewTtlkuRJ9D10eWlIcHpAii3IiiYRY8i/b10X3VEFCcCjD
m/evDy5R1hmBzVWvssQADlFvW6FYBDd/OZM1THKvc1sRQe2zbsR4ZKcp2nRdBPrD
xJzPFEmIG5CM4tDesvFeuviY9QbKAg+pJfpf/eB++Aaa4vt5+wD0oo2maLCLef7e
g3KFykzZNmBs1mLtRJBBeS9oTWcGKKz5J7gVLtAhOTMOUQQixseSoRzPq334dikh
Jup1phCQmbd+U7EjJoC0YyBiHj0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbyiny
IzdqnRe2EmRCt+z5wIB4qTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODUwNTZkYjAtMjg2OC00NTQ3LTg4OTMtNjZhZTdhZDEwMWQ0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCGTRpWjxYjv/LyECMxqkze6+62nFlFbeQiV1awDJMK
/uDGji1h4AThrkG5XwMbNS+1t52Vuo0T8vlaW2kVsWKeqHF/Id6XOS2cVUItJ+sT
GbJQMEn4VOCO8b0WvscY6GW21YEI58NRMy6/DZ08WTVrbgF+7kkqcNNoXFu5/anq
ushYZI0Up4uf8figTj63O+6HdN/pob+JYwdDFboFgFMX+cK4vS4/mYOANdt8wC14
wTuoHX3RSnFMzjvK/nUs7Z0Xn09//OA0pYcXGQLfA/qFqDynDEDaSloY7iyRBVEo
ZMKFrXzt/7FvkV9kj5sObex+2tSaFiiQTp3SWt/Lhm/m
-----END CERTIFICATE-----
Generated at Thu Sep 18 20:14:40 2025 by rpki-client