Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: g91RtvwtebYA7/L0s9+WaqsUmj8AaCTj3WDgab4wGQg=
Subject key identifier: 06:C0:47:8A:45:C6:5B:12:3E:16:EB:33:92:6B:45:60:0A:0A:89:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 497ED1FACE2D7D3957D62D638993857B57861C06
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Fri 31 Oct 2025 02:00:05 +0000
ROA not before: Fri 31 Oct 2025 02:00:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:7e:d1:fa:ce:2d:7d:39:57:d6:2d:63:89:93:85:7b:57:86:1c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=d6d9b985d6edc3f118e09a87876473dbef8d0310a3219aa7169e2a312c81bd87, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e2:d6:9a:d5:d1:a1:48:cc:45:90:6a:8c:57:
bc:24:b0:ca:b6:73:28:a7:bc:6c:6b:7a:28:b3:f9:
f5:51:49:cb:1e:fa:52:a1:0d:b7:33:9c:15:7f:d8:
f2:34:ad:4c:51:05:c8:96:8b:43:69:35:b7:cb:a4:
aa:fe:07:cd:6d:99:e5:e2:23:d2:35:47:3c:8a:7f:
47:66:bc:3d:d2:1c:33:64:23:1a:7e:a9:d9:0c:51:
e5:0e:7b:2c:cd:15:18:af:bb:f9:6b:d9:2b:4b:74:
f0:00:43:53:9d:4f:4b:05:34:c4:57:43:8a:cd:bf:
ff:61:15:70:2d:ad:7e:5f:90:dd:c3:80:17:70:f4:
4c:ea:48:5d:ae:34:f0:7d:c6:d7:ae:fb:fb:72:88:
4b:dc:d9:8b:d8:ae:52:fa:48:db:4a:46:d6:db:d3:
3e:37:94:f7:9e:e2:63:19:a4:93:71:19:ba:75:21:
a4:54:52:d2:b1:bd:bf:70:e3:89:e5:d2:90:5f:0e:
f4:65:b0:77:60:15:b6:27:b9:c1:56:10:23:51:47:
32:01:b4:c5:71:c9:e5:31:e5:8f:bb:1b:41:39:be:
0c:1a:50:f0:7a:e1:f6:4c:ac:dc:80:e5:4e:dc:16:
72:85:5b:a3:31:c0:36:6a:2d:d9:6a:d8:86:1b:d9:
05:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C0:47:8A:45:C6:5B:12:3E:16:EB:33:92:6B:45:60:0A:0A:89:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:54:c8:41:71:ac:18:2a:2f:df:19:45:1c:57:8e:a6:35:ae:
aa:4a:27:e8:ef:1f:0c:2e:7a:d1:71:51:2d:cc:a9:49:45:86:
c2:59:78:9c:f2:d2:40:0e:6a:fb:df:9b:d0:7d:07:ca:14:1b:
7e:93:38:60:bd:41:aa:d4:3f:e1:2e:c1:60:8a:91:fc:16:2e:
c2:66:d6:b4:25:76:bb:c6:c2:04:fd:6c:4f:c9:fb:8e:88:af:
a2:c8:30:7a:c6:14:d1:0e:fe:5a:4e:a7:97:c8:fc:9f:43:74:
19:90:fc:8b:86:4a:14:2c:e1:88:90:f1:c4:3e:25:a0:5f:9c:
7a:70:99:7d:eb:a6:06:cf:24:71:1c:69:6b:be:38:65:25:8a:
1a:9d:99:b7:5e:87:ea:c0:a2:77:9c:7e:6c:ea:c2:51:1b:17:
71:3b:55:db:9d:36:8b:8a:6d:e8:c1:49:ab:90:6a:03:e4:3e:
78:1d:28:3b:52:62:6b:96:5a:89:8e:2b:c1:1c:2b:89:8a:44:
74:ae:6d:9e:b8:f6:37:23:1e:16:59:ec:86:bf:4c:ff:4c:08:
83:93:92:07:51:ed:28:c9:16:39:ec:f2:b8:14:b4:d8:e4:ff:
69:93:7f:a9:d6:d8:e2:fa:27:b6:d6:a7:0a:c8:e4:90:ce:1a:
ba:1e:6a:dc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSX7R+s4tfTlX1i1jiZOFe1eGHAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZDliOTg1ZDZlZGMzZjExOGUwOWE4Nzg3NjQ3M2RiZWY4ZDAzMTBhMzIx
OWFhNzE2OWUyYTMxMmM4MWJkODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzi1prV0aFIzEWQaoxXvCSwyrZzKKe8bGt6KLP59VFJyx76UqENtzOcFX/Y
8jStTFEFyJaLQ2k1t8ukqv4HzW2Z5eIj0jVHPIp/R2a8PdIcM2QjGn6p2QxR5Q57
LM0VGK+7+WvZK0t08ABDU51PSwU0xFdDis2//2EVcC2tfl+Q3cOAF3D0TOpIXa40
8H3G1677+3KIS9zZi9iuUvpI20pG1tvTPjeU957iYxmkk3EZunUhpFRS0rG9v3Dj
ieXSkF8O9GWwd2AVtie5wVYQI1FHMgG0xXHJ5THlj7sbQTm+DBpQ8Hrh9kys3IDl
TtwWcoVbozHANmot2WrYhhvZBfECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGwEeK
RcZbEj4W6zOSa0VgCgqJajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBIVMhBcawYKi/fGUUcV46mNa6qSifo7x8MLnrRcVEt
zKlJRYbCWXic8tJADmr735vQfQfKFBt+kzhgvUGq1D/hLsFgipH8Fi7CZta0JXa7
xsIE/WxPyfuOiK+iyDB6xhTRDv5aTqeXyPyfQ3QZkPyLhkoULOGIkPHEPiWgX5x6
cJl966YGzyRxHGlrvjhlJYoanZm3XofqwKJ3nH5s6sJRGxdxO1XbnTaLim3owUmr
kGoD5D54HSg7UmJrllqJjivBHCuJikR0rm2euPY3Ix4WWeyGv0z/TAiDk5IHUe0o
yRY57PK4FLTY5P9pk3+p1tji+ie21qcKyOSQzhq6Hmrc
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:08:51 2025 by rpki-client