Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: 3ReMRvPL2ahajPV4LRICmrSzXWgxcHM9DpPeQr0B+Kc=
Subject key identifier: B9:D4:E9:BB:07:63:A4:10:DC:CF:37:43:07:65:6E:3D:81:00:19:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39955667D8A6E93F48DC667A3C91DAB1118EFA97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Fri 31 Oct 2025 02:00:06 +0000
ROA not before: Fri 31 Oct 2025 02:00:06 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:95:56:67:d8:a6:e9:3f:48:dc:66:7a:3c:91:da:b1:11:8e:fa:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:06 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=bf97708cf3966122e4190fda1ec686ce49606151f21109d879b9cdc37d979eed, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bb:fb:17:9b:1d:97:0e:9f:9d:34:5b:2a:35:
fc:38:c4:40:05:2f:8e:6a:4a:43:3f:2b:e3:42:51:
04:55:fd:21:ab:a8:cc:74:d8:fd:40:26:ac:a2:91:
28:17:a3:f6:5d:d1:c6:05:95:d9:a8:c9:06:da:2e:
c9:44:b1:70:78:f9:54:e4:fd:f4:8e:5f:e2:8c:96:
c1:60:13:b2:93:0c:8c:b0:f4:cc:46:fb:5f:ec:c1:
c3:48:a2:5b:c4:ae:2c:ba:4d:65:fd:99:b3:42:8d:
df:6f:9c:3f:0f:0f:bc:3a:cb:31:32:34:74:c7:2e:
0b:78:62:3f:75:74:62:06:4b:66:ab:32:0d:d4:44:
7d:b1:bb:53:ea:6b:e1:b8:ca:0a:3d:c3:1b:80:44:
14:38:4b:b2:4d:2b:ec:08:a2:13:7e:a6:1e:e4:76:
1c:35:75:12:0b:7c:96:e4:dd:65:50:1d:7e:8b:22:
e0:47:bf:09:da:03:49:ee:bb:c7:a7:ae:6d:6e:e0:
ff:20:c3:6b:06:0e:8c:0e:ef:69:2e:2b:09:92:ac:
df:92:7d:6e:58:69:b0:4c:9b:76:77:84:74:9c:fa:
4a:8d:f7:d0:35:b6:bf:2d:e2:ff:bf:7f:cd:0b:c8:
37:62:3e:f9:8d:eb:3c:79:9d:db:e2:e9:fd:61:9d:
bb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:D4:E9:BB:07:63:A4:10:DC:CF:37:43:07:65:6E:3D:81:00:19:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:00:60:10:7b:80:c1:9b:52:33:81:7a:74:7c:9c:fd:34:84:
b0:16:69:4b:12:1f:08:82:13:4c:c7:56:11:90:7f:21:85:30:
70:c3:f3:77:d4:a7:9e:dc:fe:c8:60:8c:b2:43:b7:6c:bb:52:
99:1f:ba:ab:7e:3a:f6:8b:59:50:5c:86:92:28:0f:5f:b7:ee:
95:69:f6:ab:bd:45:8d:20:37:47:62:b9:85:06:d1:10:08:ea:
f0:58:50:8f:88:49:49:b8:b5:37:54:49:53:ee:4b:20:2d:fd:
98:d4:c2:7a:e3:26:87:e4:3a:4b:4c:77:e3:d6:0e:f5:c9:81:
4e:db:83:74:3c:08:fe:cd:5c:2d:28:89:18:93:96:6c:0c:76:
4e:6d:fa:a2:26:be:9f:aa:7b:5e:16:33:b6:41:22:82:76:59:
48:bf:75:86:77:60:65:b1:88:71:bb:78:91:2d:ba:0e:20:10:
6b:1e:80:4b:cf:27:31:b5:9d:0c:65:2b:b1:51:d6:ca:af:df:
6a:82:7b:f1:4f:24:84:88:03:db:52:32:81:40:0f:11:48:1d:
c3:ff:20:ad:87:95:63:09:0a:2e:58:0e:86:da:c9:ee:ca:aa:
e8:d1:14:3e:eb:92:70:6a:d7:93:01:95:f7:20:b6:5f:10:37:
d5:26:fa:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOZVWZ9im6T9I3GZ6PJHasRGO+pcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMDZaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmOTc3MDhjZjM5NjYxMjJlNDE5MGZkYTFlYzY4NmNlNDk2MDYxNTFmMjEx
MDlkODc5YjljZGMzN2Q5NzllZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN67+xebHZcOn500Wyo1/DjEQAUvjmpKQz8r40JRBFX9IauozHTY/UAmrKKR
KBej9l3RxgWV2ajJBtouyUSxcHj5VOT99I5f4oyWwWATspMMjLD0zEb7X+zBw0ii
W8SuLLpNZf2Zs0KN32+cPw8PvDrLMTI0dMcuC3hiP3V0YgZLZqsyDdREfbG7U+pr
4bjKCj3DG4BEFDhLsk0r7AiiE36mHuR2HDV1Egt8luTdZVAdfosi4Ee/CdoDSe67
x6eubW7g/yDDawYOjA7vaS4rCZKs35J9blhpsEybdneEdJz6So330DW2vy3i/79/
zQvIN2I++Y3rPHmd2+Lp/WGdu3ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS51Om7
B2OkENzPN0MHZW49gQAZKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQDBAGAQe4DBm1IzgXp0fJz9NISwFmlLEh8IghNMx1YR
kH8hhTBww/N31Kee3P7IYIyyQ7dsu1KZH7qrfjr2i1lQXIaSKA9ft+6VafarvUWN
IDdHYrmFBtEQCOrwWFCPiElJuLU3VElT7ksgLf2Y1MJ64yaH5DpLTHfj1g71yYFO
24N0PAj+zVwtKIkYk5ZsDHZObfqiJr6fqnteFjO2QSKCdllIv3WGd2BlsYhxu3iR
LboOIBBrHoBLzycxtZ0MZSuxUdbKr99qgnvxTySEiAPbUjKBQA8RSB3D/yCth5Vj
CQouWA6G2snuyqro0RQ+65JwateTAZX3ILZfEDfVJvoA
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:47 2025 by rpki-client