Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: jRSkd4Ptxtnr7P4Wf8ibrF8U+uQKyLoHtk+TRMPFcDs=
Subject key identifier: 2B:0D:F7:4B:5B:A6:BF:3D:C1:D0:43:5E:1C:34:0C:62:3E:62:35:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D18863202236862232CD7B4FE98594CAB5347CE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Fri 24 Oct 2025 00:40:06 +0000
ROA not before: Fri 24 Oct 2025 00:40:06 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:18:86:32:02:23:68:62:23:2c:d7:b4:fe:98:59:4c:ab:53:47:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:06 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=9c3254cf6150ce61d9d11d4b7dbbef9987dc8c7035fc8f24945c781dc384da72, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:22:09:c7:a9:1f:83:74:f5:96:17:a0:c8:82:
69:0c:46:e4:c8:28:1e:1a:bb:3c:91:0b:4f:36:93:
77:9e:c5:63:71:c8:cf:81:fc:e0:0a:a0:02:62:cc:
82:a7:f9:6e:c4:dd:fc:25:18:b3:44:6d:6f:46:bf:
9a:82:20:62:a3:b9:dc:f8:e2:b8:f1:10:2c:25:e3:
24:1c:23:e1:d7:a9:23:fa:7d:62:c2:81:e7:49:6e:
c5:6b:0a:5d:94:db:b0:88:ff:22:59:59:68:ea:c0:
b9:4f:1d:63:74:96:d5:bb:f1:57:12:ff:a4:ad:73:
26:04:8b:9a:96:9c:dc:c4:4a:1d:92:19:3a:5c:05:
12:70:6e:04:81:62:b8:d2:a7:1d:3c:10:7a:e3:74:
f5:73:fe:ea:8f:28:c8:70:83:75:f0:c3:39:47:2a:
98:48:3c:dd:b1:46:48:7e:b9:97:7c:d3:1d:46:b2:
a9:0c:32:b7:a2:97:f5:e9:86:d3:00:53:3c:bf:80:
d4:6f:45:40:3b:4f:37:1f:96:4e:8d:ad:9d:8b:f5:
70:07:41:83:91:fb:8b:82:f5:27:f4:7a:64:a1:36:
f9:dc:66:9c:36:de:92:3e:c1:be:0d:50:00:b6:92:
d8:54:4b:30:ac:af:a1:83:0a:4d:00:64:a7:d5:98:
16:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0D:F7:4B:5B:A6:BF:3D:C1:D0:43:5E:1C:34:0C:62:3E:62:35:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
50:4b:0f:ab:c2:1f:6f:06:c0:f0:e9:f7:c0:f1:78:83:22:ee:
36:4b:a9:44:8c:64:db:9d:5b:f9:48:e2:2b:19:2e:91:70:cb:
e3:c9:30:bd:56:18:91:c1:c0:46:72:06:20:fc:6c:3b:61:b7:
43:28:ff:6f:fb:92:9f:01:85:ca:70:24:29:35:79:51:54:ff:
18:43:24:fa:e3:99:d7:bc:33:bd:d7:cb:de:bf:24:66:84:5d:
98:f7:2c:8a:fa:ae:c6:46:34:e1:2a:5a:55:26:1d:c8:22:f8:
f3:24:94:00:aa:a7:20:a2:61:ac:f0:33:c6:3c:02:96:4a:c8:
75:e1:57:b8:01:bd:c6:bd:60:3a:6c:6f:85:85:de:6e:88:45:
ff:49:55:a8:4a:75:57:52:27:a5:7c:12:35:bb:7e:bb:64:89:
39:a6:7b:0a:68:33:92:05:40:cf:bb:80:7a:2a:a8:3a:1d:02:
27:43:81:33:8e:42:20:bf:65:87:e9:76:34:fd:cf:a0:46:09:
47:14:f1:90:1a:6d:f2:60:c9:08:79:48:57:05:71:9c:82:c9:
08:c2:a8:22:f8:16:64:02:47:4a:2d:ba:11:b4:07:1f:41:25:
79:30:9a:05:3a:21:b8:75:ab:6d:3f:7a:09:8f:f1:4b:da:bc:
08:bd:0e:d9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbRiGMgIjaGIjLNe0/phZTKtTR84wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDZaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMzI1NGNmNjE1MGNlNjFkOWQxMWQ0YjdkYmJlZjk5ODdkYzhjNzAzNWZj
OGYyNDk0NWM3ODFkYzM4NGRhNzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIiCcepH4N09ZYXoMiCaQxG5MgoHhq7PJELTzaTd57FY3HIz4H84AqgAmLM
gqf5bsTd/CUYs0Rtb0a/moIgYqO53PjiuPEQLCXjJBwj4depI/p9YsKB50luxWsK
XZTbsIj/IllZaOrAuU8dY3SW1bvxVxL/pK1zJgSLmpac3MRKHZIZOlwFEnBuBIFi
uNKnHTwQeuN09XP+6o8oyHCDdfDDOUcqmEg83bFGSH65l3zTHUayqQwyt6KX9emG
0wBTPL+A1G9FQDtPNx+WTo2tnYv1cAdBg5H7i4L1J/R6ZKE2+dxmnDbekj7Bvg1Q
ALaS2FRLMKyvoYMKTQBkp9WYFl0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQrDfdL
W6a/PcHQQ14cNAxiPmI1zzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQBQSw+rwh9vBsDw6ffA8XiDIu42S6lEjGTbnVv5SOIr
GS6RcMvjyTC9VhiRwcBGcgYg/Gw7YbdDKP9v+5KfAYXKcCQpNXlRVP8YQyT645nX
vDO918vevyRmhF2Y9yyK+q7GRjThKlpVJh3IIvjzJJQAqqcgomGs8DPGPAKWSsh1
4Ve4Ab3GvWA6bG+Fhd5uiEX/SVWoSnVXUielfBI1u367ZIk5pnsKaDOSBUDPu4B6
Kqg6HQInQ4EzjkIgv2WH6XY0/c+gRglHFPGQGm3yYMkIeUhXBXGcgskIwqgi+BZk
AkdKLboRtAcfQSV5MJoFOiG4dattP3oJj/FL2rwIvQ7Z
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:27:16 2025 by rpki-client