Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
File: 4264c9e7-8855-4a41-950f-ef8df4425790.roa (raw, json)
Hash identifier: dnv1zHhWNwPtitTkcY7Sf7AGJafIVoPy/GtCGxz0bb8=
Subject key identifier: 4E:69:F4:8F:9D:EC:36:7E:40:17:CD:DF:F2:F7:E3:FE:36:F7:A4:43
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 714BD8E3D5746045723395F497B343528362B947
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
Signing time: Tue 21 Oct 2025 14:50:06 +0000
ROA not before: Tue 21 Oct 2025 14:50:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:4b:d8:e3:d5:74:60:45:72:33:95:f4:97:b3:43:52:83:62:b9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=0b6c9c69ecad06ff22ce716c73773260a957689978b8de5ed015b0bccee246f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:50:78:9e:76:e2:4e:b3:0f:cb:13:56:a7:03:
e6:d8:56:a9:d7:47:2c:a2:7f:6f:c0:3b:10:e7:a1:
e7:40:a1:a5:ef:e5:f1:2e:37:2a:40:b2:71:a2:11:
bb:24:26:fa:a5:fb:bc:c1:60:6e:05:33:45:80:3b:
f0:35:44:98:2f:66:63:f4:91:45:5c:74:dc:95:8c:
4b:5e:cd:50:60:ee:b3:d3:4d:0e:5e:a9:e2:49:70:
ee:cc:0a:6f:93:f1:fb:6e:64:62:44:e2:1e:67:4f:
94:d8:a2:1f:62:32:ce:ab:94:68:d0:cf:91:91:a4:
3d:21:57:0b:78:e9:c6:dc:71:b6:4e:16:29:9c:bd:
7b:37:f9:59:f8:90:8d:a1:05:51:20:b9:e6:fb:a5:
70:21:b4:f3:e4:c0:e4:d1:77:66:eb:3f:c3:5d:7a:
5d:d3:0a:c4:51:c4:c6:e5:2d:9d:e4:03:36:f7:93:
8a:2d:ea:76:0f:17:f2:40:c1:27:19:bd:d6:9d:63:
ac:63:ad:4d:f1:ad:00:c5:a8:bc:93:af:36:9a:23:
5c:62:48:ee:12:1c:17:dd:37:a7:9b:03:a7:04:44:
32:17:7d:cf:92:c7:a3:f9:73:0a:87:83:ff:71:19:
c0:46:d1:31:ba:f4:21:60:61:34:8c:84:88:9a:95:
a2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:69:F4:8F:9D:EC:36:7E:40:17:CD:DF:F2:F7:E3:FE:36:F7:A4:43
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4264c9e7-8855-4a41-950f-ef8df4425790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
18:5f:7d:d9:d5:fd:fe:f2:57:59:56:17:f1:51:cb:ea:37:a1:
cc:5b:b8:d6:b9:08:63:88:91:c7:7f:d5:9a:7d:ed:d3:89:db:
cf:54:f9:84:5d:13:ff:48:93:c8:7c:69:d8:41:a3:7c:00:b2:
77:f0:43:c9:b0:eb:34:1d:08:51:63:bb:2e:d5:bd:df:a6:96:
94:92:49:77:d9:f0:f5:ae:6e:ed:e8:a2:71:a0:d2:f2:07:f4:
e2:7e:3e:a0:f5:db:8d:26:d4:9f:e2:5d:2d:33:bc:13:be:a8:
cd:7c:6d:41:ed:47:ef:39:8a:f6:79:d0:6e:32:0f:19:ca:c4:
de:f3:1f:6e:1b:d8:f0:a1:54:01:5e:c3:99:80:11:07:31:29:
cf:fd:f4:de:8c:ea:eb:ad:38:55:5e:25:34:c6:04:44:41:20:
19:72:29:80:b9:8f:7d:44:5f:08:89:22:da:2d:fc:cf:40:04:
ef:29:2f:b5:2d:2c:82:aa:28:32:b6:b4:79:b5:a4:06:10:61:
c4:83:e3:0d:89:4e:89:e3:0c:10:3c:52:c6:f7:ca:d6:fc:d0:
d3:e2:bb:70:c2:9c:66:f6:11:10:77:73:ad:d2:8a:7a:21:86:
1a:8f:c0:b0:12:42:02:33:be:c7:b1:57:d5:26:e3:7d:17:a1:
13:ff:23:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcUvY49V0YEVyM5X0l7NDUoNiuUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiNmM5YzY5ZWNhZDA2ZmYyMmNlNzE2YzczNzczMjYwYTk1NzY4OTk3OGI4
ZGU1ZWQwMTViMGJjY2VlMjQ2ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJhQeJ524k6zD8sTVqcD5thWqddHLKJ/b8A7EOeh50Chpe/l8S43KkCycaIR
uyQm+qX7vMFgbgUzRYA78DVEmC9mY/SRRVx03JWMS17NUGDus9NNDl6p4klw7swK
b5Px+25kYkTiHmdPlNiiH2IyzquUaNDPkZGkPSFXC3jpxtxxtk4WKZy9ezf5WfiQ
jaEFUSC55vulcCG08+TA5NF3Zus/w116XdMKxFHExuUtneQDNveTii3qdg8X8kDB
Jxm91p1jrGOtTfGtAMWovJOvNpojXGJI7hIcF903p5sDpwREMhd9z5LHo/lzCoeD
/3EZwEbRMbr0IWBhNIyEiJqVou0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBROafSP
new2fkAXzd/y9+P+NvekQzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDI2NGM5ZTctODg1NS00YTQxLTk1MGYtZWY4ZGY0NDI1NzkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQAYX33Z1f3+8ldZVhfxUcvqN6HMW7jWuQhjiJHHf9Wa
fe3TidvPVPmEXRP/SJPIfGnYQaN8ALJ38EPJsOs0HQhRY7su1b3fppaUkkl32fD1
rm7t6KJxoNLyB/Tifj6g9duNJtSf4l0tM7wTvqjNfG1B7UfvOYr2edBuMg8ZysTe
8x9uG9jwoVQBXsOZgBEHMSnP/fTejOrrrThVXiU0xgREQSAZcimAuY99RF8IiSLa
LfzPQATvKS+1LSyCqigytrR5taQGEGHEg+MNiU6J4wwQPFLG98rW/NDT4rtwwpxm
9hEQd3Ot0op6IYYaj8CwEkICM77HsVfVJuN9F6ET/yMI
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:05:10 2025 by rpki-client