Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: LUjRN/O5+CkN6wocNO92iu2Nq/OJSpTWuJ7AvBYkfvA=
Subject key identifier: 5E:15:A3:7B:15:27:85:33:31:E0:45:D7:77:C1:AE:13:3F:1C:7D:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5659F3674FA7665219B8A70027D5A2363E8B9074
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Tue 21 Oct 2025 14:50:26 +0000
ROA not before: Tue 21 Oct 2025 14:50:26 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:59:f3:67:4f:a7:66:52:19:b8:a7:00:27:d5:a2:36:3e:8b:90:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:26 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=99f94cc8c623a5a6e2c5e5a3a24dac65f3b998f53110ae8e2f418424d3fff791, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:aa:ed:c3:ba:71:cf:61:2b:11:30:c1:0e:b1:
27:54:b5:8e:3d:88:86:5a:91:5b:c2:d9:8e:3e:8c:
6e:4f:15:67:20:52:ce:66:d8:22:ce:15:cf:e8:0b:
fb:92:0e:b8:be:81:a7:22:af:45:4f:2b:52:54:ef:
37:8d:ef:61:0a:8c:79:a4:cf:04:34:85:fb:70:b0:
31:46:18:6b:4e:95:50:4b:8f:e3:3a:e8:74:82:a6:
00:68:6e:51:50:a6:d0:f3:88:e3:94:ac:fa:ea:6e:
3f:e0:48:c9:7f:d5:d5:be:2e:6f:31:db:ce:18:6f:
d3:db:aa:05:c2:08:46:c1:f6:d0:a9:7d:95:a0:3b:
b4:de:07:e1:02:e2:f2:66:46:d5:f2:8e:d9:ab:8b:
48:f7:6a:6e:48:cf:0c:e1:52:a9:a7:bd:af:21:02:
74:84:89:af:9b:91:bb:34:fb:49:94:5f:b1:d3:af:
de:8b:bd:db:bb:ef:85:cc:1d:4a:45:d3:4e:35:40:
e3:ae:40:8c:05:47:a4:ed:56:c7:5e:26:e1:22:62:
f5:09:c9:01:86:a6:4c:f0:e2:d9:49:dc:36:73:0d:
96:53:fd:e5:30:6e:59:b6:f3:12:08:a4:89:dd:72:
39:7a:2b:54:9f:51:11:95:91:50:00:28:4a:86:2d:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:15:A3:7B:15:27:85:33:31:E0:45:D7:77:C1:AE:13:3F:1C:7D:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:c3:3b:58:55:8b:c5:8b:a4:2b:db:40:50:9a:58:ee:10:fc:
6f:ea:10:32:43:02:12:4b:69:13:52:0a:63:52:1f:78:e8:21:
45:74:a1:7f:c9:85:66:10:7b:f0:da:01:ed:18:0d:64:ff:2a:
18:2e:86:44:b1:79:98:71:7b:22:bc:19:3d:69:d9:67:e0:63:
f2:ba:2f:af:0f:19:d1:44:87:03:20:a0:0e:1c:bb:42:e5:d0:
99:51:9c:ac:ea:28:82:e8:6e:88:f9:8a:dd:51:aa:3e:f5:d9:
03:41:ec:65:3c:32:24:68:7c:91:a4:bc:e6:2a:c8:87:f2:b0:
90:76:64:a0:12:d6:05:a7:5f:f8:76:12:f7:45:d8:7e:27:da:
97:96:83:29:41:74:0f:b6:a4:34:9f:02:86:81:7f:83:b0:dc:
54:c2:65:2a:ff:44:6a:03:14:68:fc:b1:fe:b0:c3:aa:87:81:
ca:cb:8f:dc:22:e1:ce:53:ea:f3:b4:18:ee:54:67:f5:f4:f0:
71:33:42:b9:09:69:d8:be:6c:0f:f4:7e:e9:88:4a:80:db:02:
88:2a:69:de:96:b3:83:34:c6:e8:5d:fb:25:78:eb:88:91:f2:
c6:90:7c:a0:8d:f6:29:80:ca:89:11:27:2e:65:f5:3a:5f:6a:
45:e3:fd:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVlnzZ0+nZlIZuKcAJ9WiNj6LkHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMjZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5Zjk0Y2M4YzYyM2E1YTZlMmM1ZTVhM2EyNGRhYzY1ZjNiOTk4ZjUzMTEw
YWU4ZTJmNDE4NDI0ZDNmZmY3OTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6q7cO6cc9hKxEwwQ6xJ1S1jj2IhlqRW8LZjj6Mbk8VZyBSzmbYIs4Vz+gL
+5IOuL6BpyKvRU8rUlTvN43vYQqMeaTPBDSF+3CwMUYYa06VUEuP4zrodIKmAGhu
UVCm0POI45Ss+upuP+BIyX/V1b4ubzHbzhhv09uqBcIIRsH20Kl9laA7tN4H4QLi
8mZG1fKO2auLSPdqbkjPDOFSqae9ryECdISJr5uRuzT7SZRfsdOv3ou927vvhcwd
SkXTTjVA465AjAVHpO1Wx14m4SJi9QnJAYamTPDi2UncNnMNllP95TBuWbbzEgik
id1yOXorVJ9REZWRUAAoSoYt97cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReFaN7
FSeFMzHgRdd3wa4TPxx98DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAgwztYVYvFi6Qr20BQmljuEPxv6hAyQwISS2kTUgpj
Uh946CFFdKF/yYVmEHvw2gHtGA1k/yoYLoZEsXmYcXsivBk9adln4GPyui+vDxnR
RIcDIKAOHLtC5dCZUZys6iiC6G6I+YrdUao+9dkDQexlPDIkaHyRpLzmKsiH8rCQ
dmSgEtYFp1/4dhL3Rdh+J9qXloMpQXQPtqQ0nwKGgX+DsNxUwmUq/0RqAxRo/LH+
sMOqh4HKy4/cIuHOU+rztBjuVGf19PBxM0K5CWnYvmwP9H7piEqA2wKIKmnelrOD
NMboXfsleOuIkfLGkHygjfYpgMqJEScuZfU6X2pF4/3B
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:28:53 2025 by rpki-client