Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: ecmD2VxGUk0L12fSj7paf2hpIhyA+19ZK3f9tzbxdXM=
Subject key identifier: 20:C9:7D:D2:F5:5E:85:15:88:38:51:63:18:23:09:04:92:77:43:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 014B4E460F4E5C41A5BD0BD0A1E23F726ECB4D5B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Tue 21 Oct 2025 14:50:40 +0000
ROA not before: Tue 21 Oct 2025 14:50:40 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4b:4e:46:0f:4e:5c:41:a5:bd:0b:d0:a1:e2:3f:72:6e:cb:4d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:40 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1a05040442a321bd19ad1ff7f3a3a4f40d3d9fad8939c409582367f33f7ea9f1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4f:81:a6:f0:7d:6a:5c:06:af:6b:bc:3e:6a:
b4:eb:d6:8a:ed:35:ab:c8:b1:d4:c9:f2:1e:97:27:
68:fd:91:a5:9d:45:6b:0f:97:ae:73:ce:fd:ea:64:
c5:f0:c4:a6:88:5b:a6:6f:64:b0:74:dc:58:e6:ad:
bb:32:c9:62:ba:1b:17:90:fa:91:3e:76:2a:97:0c:
a4:46:89:5b:71:fb:85:f9:6d:2d:78:57:8b:86:4e:
79:17:dc:f3:9e:98:fe:2d:a8:d2:4a:8a:f5:14:56:
49:ac:3e:31:cc:22:6d:61:a1:c5:e8:30:d4:92:31:
87:c4:a7:08:2a:39:69:d1:da:31:f3:9c:c2:d9:2d:
bd:3b:b1:f5:03:e0:4d:49:c4:79:99:ff:64:0a:1d:
39:2b:a4:80:97:1d:b2:b3:bb:e9:f9:4b:4a:5b:be:
0b:31:ec:8c:5b:21:79:53:60:4a:3a:b8:76:60:0e:
71:0a:09:77:6e:28:4c:6e:65:6b:88:00:2f:4f:ff:
6d:90:1e:33:cb:c1:7d:26:15:71:b6:54:d3:49:e4:
3c:96:0b:af:88:31:88:d7:57:90:a4:9c:e6:4d:79:
a1:cb:58:10:03:ee:38:da:6d:ca:89:b6:43:0e:4b:
25:9e:2d:35:82:dd:1c:07:90:4a:82:c1:6a:45:2f:
50:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C9:7D:D2:F5:5E:85:15:88:38:51:63:18:23:09:04:92:77:43:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
08:a5:33:1b:cd:57:10:e0:90:4a:11:b3:e7:52:b3:ac:df:4a:
b2:f4:53:0c:06:f7:a6:b5:59:0f:18:99:dd:d7:2e:11:de:9d:
65:24:d3:fd:ec:85:0e:64:66:77:ca:1c:14:fe:e4:58:5e:58:
fc:79:c4:2d:ef:8c:36:48:58:7a:14:47:e1:78:89:e9:82:df:
2d:c6:87:c7:2d:f3:3c:2f:ba:a3:47:b5:b5:49:73:7b:fd:32:
f2:bc:32:50:55:42:1d:b9:57:4b:28:0d:13:65:44:2a:40:7c:
15:20:f2:b3:7d:e8:15:ee:e8:af:a9:5a:2e:b0:db:dd:78:9c:
e2:9c:21:81:f7:d6:ad:3d:83:a5:d9:5e:3b:56:65:1b:2d:db:
05:9e:41:f6:3f:72:2f:99:d9:6b:64:86:78:25:68:08:0e:9a:
ef:d5:3a:a2:a1:20:2b:41:a8:c7:b6:ed:55:88:81:6a:57:a5:
e8:6e:57:7f:f1:fa:e0:8c:31:91:c5:12:7b:10:6f:01:4c:e6:
31:22:9b:ff:6d:b6:c6:a5:21:6f:3c:ec:7d:20:72:0f:7a:c9:
7c:53:46:09:98:1a:59:93:cd:0c:ff:68:37:fe:c5:ed:37:06:
14:63:4d:47:15:f5:5d:d1:52:d3:05:7f:49:97:3c:af:b9:7d:
8f:69:43:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAUtORg9OXEGlvQvQoeI/cm7LTVswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwNDBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhMDUwNDA0NDJhMzIxYmQxOWFkMWZmN2YzYTNhNGY0MGQzZDlmYWQ4OTM5
YzQwOTU4MjM2N2YzM2Y3ZWE5ZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNPgabwfWpcBq9rvD5qtOvWiu01q8ix1MnyHpcnaP2RpZ1Faw+XrnPO/epk
xfDEpohbpm9ksHTcWOatuzLJYrobF5D6kT52KpcMpEaJW3H7hfltLXhXi4ZOeRfc
856Y/i2o0kqK9RRWSaw+McwibWGhxegw1JIxh8SnCCo5adHaMfOcwtktvTux9QPg
TUnEeZn/ZAodOSukgJcdsrO76flLSlu+CzHsjFsheVNgSjq4dmAOcQoJd24oTG5l
a4gAL0//bZAeM8vBfSYVcbZU00nkPJYLr4gxiNdXkKSc5k15octYEAPuONptyom2
Qw5LJZ4tNYLdHAeQSoLBakUvULkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgyX3S
9V6FFYg4UWMYIwkEkndDoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQAIpTMbzVcQ4JBKEbPnUrOs30qy9FMMBvemtVkPGJnd
1y4R3p1lJNP97IUOZGZ3yhwU/uRYXlj8ecQt74w2SFh6FEfheInpgt8txofHLfM8
L7qjR7W1SXN7/TLyvDJQVUIduVdLKA0TZUQqQHwVIPKzfegV7uivqVousNvdeJzi
nCGB99atPYOl2V47VmUbLdsFnkH2P3IvmdlrZIZ4JWgIDprv1TqioSArQajHtu1V
iIFqV6Xobld/8frgjDGRxRJ7EG8BTOYxIpv/bbbGpSFvPOx9IHIPesl8U0YJmBpZ
k80M/2g3/sXtNwYUY01HFfVd0VLTBX9JlzyvuX2PaUMz
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:52 2025 by rpki-client