Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
File: 54f9687d-a273-4060-846b-ce640aca7c79.roa (raw, json)
Hash identifier: fViFaIlHMoKTirBWLrKfdtgSqDe8JMAZd1/H4VVZEPk=
Subject key identifier: ED:4C:B0:8D:FE:50:24:47:08:F9:2C:7A:62:83:DD:80:2E:37:79:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7AE0682E8C47F21C3B64FA9BF00AA3B74863EB3B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
Signing time: Fri 24 Oct 2025 00:40:05 +0000
ROA not before: Fri 24 Oct 2025 00:40:05 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:e0:68:2e:8c:47:f2:1c:3b:64:fa:9b:f0:0a:a3:b7:48:63:eb:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:05 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=a5682e6cecbaf445a0bab4a183f4b81d4c76ee0d5e68a4c8674629ebe18b8a4c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b2:25:36:e2:af:49:35:57:3b:7f:32:d8:2a:
2d:14:64:ae:14:ae:3e:11:4a:09:bc:73:ee:9f:25:
17:38:1e:d3:1c:d1:72:8e:ba:a8:cc:4c:bb:dc:bd:
56:5e:21:57:69:8d:26:01:f0:31:1d:44:2c:0f:66:
8a:f6:ed:1e:69:06:51:f0:92:cf:75:75:f0:88:50:
b7:b8:d9:3b:b4:54:a1:00:05:1c:1d:bd:d6:c8:38:
87:83:75:03:0d:3e:1e:7f:dd:95:4d:3a:ef:34:22:
ff:ed:c9:12:48:77:11:57:a8:da:55:ee:fd:2f:69:
04:97:ab:71:d1:73:52:43:5f:27:d4:9a:dc:ac:4a:
a3:6d:d9:bf:7e:46:2a:1f:60:eb:fb:1f:d7:5a:84:
c8:3a:38:41:b0:36:f2:13:bc:bc:18:e0:8a:95:e0:
47:ad:5c:0e:1b:35:d9:ac:4b:0e:a1:96:6b:f6:e2:
df:a8:89:27:0d:9a:1b:4e:f1:39:e8:59:bd:73:df:
61:6a:1b:e3:32:28:3b:cc:7a:ce:1c:12:ce:1c:af:
64:c2:7a:d6:8e:db:24:37:5b:fe:b0:9d:59:01:b5:
d1:f1:50:93:7e:7f:59:01:50:94:e7:0a:4a:ff:67:
8f:7d:bd:dc:c7:e4:71:ee:ee:57:44:2c:76:00:41:
7f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4C:B0:8D:FE:50:24:47:08:F9:2C:7A:62:83:DD:80:2E:37:79:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/54f9687d-a273-4060-846b-ce640aca7c79.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/14
Signature Algorithm: sha256WithRSAEncryption
89:4b:9c:3e:09:82:16:6c:4a:60:e1:ed:76:a7:d9:2e:c5:6d:
6c:2f:d7:e2:c1:28:41:7f:2b:ae:79:5b:ae:0d:b6:ba:07:2a:
17:c0:f9:50:e5:5c:e2:80:dd:ed:8e:c1:da:bf:8a:e0:17:18:
9a:d7:e2:91:bc:65:2b:fd:06:9a:6a:7c:f4:d9:55:00:58:9d:
87:d2:3f:68:a2:68:8d:fa:39:ba:fe:fa:a8:98:f4:46:ab:6c:
12:56:e0:1d:ca:c8:32:29:80:ed:ff:e1:6c:a2:94:09:f3:0f:
ef:02:b0:bf:3b:4e:10:fc:d0:f1:b7:aa:1c:4b:44:e0:38:15:
7b:d1:a9:74:a7:66:d9:4b:7f:68:04:58:3a:e6:0f:47:12:2a:
18:73:41:88:88:ab:7c:b6:b7:8c:22:43:6c:61:34:bb:d6:bd:
89:89:f2:3d:b9:ea:f2:3a:10:f4:f6:c5:5d:07:7c:ee:59:24:
98:37:dc:28:3b:9d:6e:c2:fe:59:13:19:c2:39:bf:4b:51:d2:
64:81:a2:14:ae:7a:f9:31:f4:d7:be:d8:9f:a1:16:8b:30:47:
a9:81:0b:fc:84:38:01:8c:ee:53:cb:30:6f:2e:ca:56:66:fb:
8b:91:33:e2:9c:1a:17:08:84:c8:2f:d3:ea:54:55:a5:a6:12:
c7:8e:3c:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeuBoLoxH8hw7ZPqb8Aqjt0hj6zswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDVaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NjgyZTZjZWNiYWY0NDVhMGJhYjRhMTgzZjRiODFkNGM3NmVlMGQ1ZTY4
YTRjODY3NDYyOWViZTE4YjhhNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOOyJTbir0k1Vzt/MtgqLRRkrhSuPhFKCbxz7p8lFzge0xzRco66qMxMu9y9
Vl4hV2mNJgHwMR1ELA9mivbtHmkGUfCSz3V18IhQt7jZO7RUoQAFHB291sg4h4N1
Aw0+Hn/dlU067zQi/+3JEkh3EVeo2lXu/S9pBJercdFzUkNfJ9Sa3KxKo23Zv35G
Kh9g6/sf11qEyDo4QbA28hO8vBjgipXgR61cDhs12axLDqGWa/bi36iJJw2aG07x
OehZvXPfYWob4zIoO8x6zhwSzhyvZMJ61o7bJDdb/rCdWQG10fFQk35/WQFQlOcK
Sv9nj3293Mfkce7uV0QsdgBBf3ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTtTLCN
/lAkRwj5LHpig92ALjd53DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTRmOTY4N2QtYTI3My00MDYwLTg0NmItY2U2NDBhY2E3Yzc5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCJS5w+CYIWbEpg4e12p9kuxW1sL9fiwShBfyuueVuu
Dba6ByoXwPlQ5VzigN3tjsHav4rgFxia1+KRvGUr/Qaaanz02VUAWJ2H0j9oomiN
+jm6/vqomPRGq2wSVuAdysgyKYDt/+FsopQJ8w/vArC/O04Q/NDxt6ocS0TgOBV7
0al0p2bZS39oBFg65g9HEioYc0GIiKt8treMIkNsYTS71r2JifI9ueryOhD09sVd
B3zuWSSYN9woO51uwv5ZExnCOb9LUdJkgaIUrnr5MfTXvtifoRaLMEepgQv8hDgB
jO5TyzBvLspWZvuLkTPinBoXCITIL9PqVFWlphLHjjyP
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:04:21 2025 by rpki-client