Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: vMphT5C78w8G/65JRlwLnWxdxzcPOJLo2wK0aFR3NPw=
Subject key identifier: 97:30:92:BD:A4:C0:AF:4E:58:B5:27:92:9A:88:49:14:8A:40:BB:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 639B2B94D0658E56087D34A7CDFDCBF603120704
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Tue 21 Oct 2025 14:40:34 +0000
ROA not before: Tue 21 Oct 2025 14:40:34 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9b:2b:94:d0:65:8e:56:08:7d:34:a7:cd:fd:cb:f6:03:12:07:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:34 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=da5958abd907569deb8192dcb1f98f32253ffb1ef8cf6e32fc0ff9604894c29a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:cf:77:f7:02:30:3a:14:c7:73:4c:da:04:69:
55:0b:7e:4d:90:af:c1:ef:75:6e:41:bb:0f:42:2a:
7d:c9:de:11:72:91:79:a6:6b:b7:85:30:8b:ca:4a:
c0:91:88:05:f5:fb:74:1c:4e:c2:a7:d7:8e:17:ef:
6c:47:be:b0:46:ab:25:3b:49:14:29:05:4f:77:20:
24:32:f2:1b:54:a8:86:5b:fd:92:03:0b:45:f3:13:
2a:6d:cb:b0:f6:fa:1a:2a:4a:e3:f6:12:9c:d5:3b:
de:19:27:2f:ca:ae:71:d1:61:cb:14:95:33:fd:32:
30:d3:41:b8:76:d9:f9:aa:3b:ce:81:14:7f:4c:f6:
56:06:76:48:9e:b1:2a:3a:21:9d:a9:66:73:f9:62:
fd:29:1c:50:33:cc:50:3b:fb:23:f8:42:ba:62:05:
db:67:5e:5a:67:1d:b1:b1:b5:99:d9:b1:b0:b0:6a:
13:6f:fd:1f:fe:e5:83:c3:24:9f:fe:8c:a3:29:83:
ae:29:e2:58:8c:c4:4b:c7:06:e2:88:85:fd:59:b5:
3a:5a:4b:5e:0d:bc:ff:d8:35:39:96:ff:f4:e7:aa:
a5:c6:c8:df:b4:e9:b2:75:f6:2d:29:34:bc:3e:aa:
22:85:49:4a:84:2e:ae:4c:f7:2c:56:01:a3:02:7c:
38:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:30:92:BD:A4:C0:AF:4E:58:B5:27:92:9A:88:49:14:8A:40:BB:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:ae:6e:ad:a7:d3:57:c5:97:33:da:63:49:76:ad:3a:81:95:
fb:82:d0:48:4e:02:0e:3c:68:dd:30:19:0e:93:da:4c:3b:26:
bd:cd:43:c1:d6:6d:c0:e2:b5:df:d8:6b:46:10:4b:1d:f0:f9:
ea:e5:75:d4:59:ab:47:3d:e0:8c:aa:b1:0c:ad:78:ae:c3:ec:
32:c3:8d:6b:6c:b3:46:8a:9f:97:84:dd:c1:6c:9c:83:02:10:
07:35:79:05:fc:a8:40:d6:96:ee:15:a4:34:ec:c2:91:6a:99:
1e:b6:fb:a4:25:bb:4f:d4:4d:2c:7a:82:a1:44:4f:cd:94:7c:
07:b7:13:f8:7b:ee:7a:a0:b6:6d:18:e9:e5:05:de:06:50:8b:
3e:1b:65:a8:e3:b9:28:01:55:9a:e7:51:ff:e2:21:38:94:42:
8c:87:4a:39:f0:e6:92:fe:cd:6c:de:35:0d:66:4c:e3:33:0d:
e3:fd:05:0f:93:b6:3c:c7:ce:7b:69:11:c0:20:d1:ac:0a:b9:
ad:74:00:fd:7c:28:ec:6e:e0:5b:7d:11:82:5d:63:9a:09:65:
44:5e:34:88:a0:c1:b8:52:71:4c:54:8f:18:15:d5:3c:9a:e2:
0b:54:53:30:00:28:1d:ec:bb:1d:ca:5b:54:08:78:a0:e4:dc:
74:17:f8:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY5srlNBljlYIfTSnzf3L9gMSBwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNTk1OGFiZDkwNzU2OWRlYjgxOTJkY2IxZjk4ZjMyMjUzZmZiMWVmOGNm
NmUzMmZjMGZmOTYwNDg5NGMyOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMbPd/cCMDoUx3NM2gRpVQt+TZCvwe91bkG7D0IqfcneEXKReaZrt4Uwi8pK
wJGIBfX7dBxOwqfXjhfvbEe+sEarJTtJFCkFT3cgJDLyG1Sohlv9kgMLRfMTKm3L
sPb6GipK4/YSnNU73hknL8qucdFhyxSVM/0yMNNBuHbZ+ao7zoEUf0z2VgZ2SJ6x
Kjohnalmc/li/SkcUDPMUDv7I/hCumIF22deWmcdsbG1mdmxsLBqE2/9H/7lg8Mk
n/6MoymDriniWIzES8cG4oiF/Vm1OlpLXg28/9g1OZb/9OeqpcbI37TpsnX2LSk0
vD6qIoVJSoQurkz3LFYBowJ8OGECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSXMJK9
pMCvTli1J5KaiEkUikC7zDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQDXrm6tp9NXxZcz2mNJdq06gZX7gtBITgIOPGjdMBkO
k9pMOya9zUPB1m3A4rXf2GtGEEsd8Pnq5XXUWatHPeCMqrEMrXiuw+wyw41rbLNG
ip+XhN3BbJyDAhAHNXkF/KhA1pbuFaQ07MKRapketvukJbtP1E0seoKhRE/NlHwH
txP4e+56oLZtGOnlBd4GUIs+G2Wo47koAVWa51H/4iE4lEKMh0o58OaS/s1s3jUN
ZkzjMw3j/QUPk7Y8x857aRHAINGsCrmtdAD9fCjsbuBbfRGCXWOaCWVEXjSIoMG4
UnFMVI8YFdU8muILVFMwACgd7LsdyltUCHig5Nx0F/gW
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:36 2025 by rpki-client