Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: COK0kAJtlB4RrNEG/fVrs+HhjxL83MrRlETZ7QyjF/0=
Subject key identifier: 9C:46:D4:CF:B0:1C:3E:46:03:F3:E2:68:E0:48:1F:BB:B7:0E:36:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A04B6C10E354E36075D53D58556EDA9DBB5DC08
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Tue 21 Oct 2025 15:00:32 +0000
ROA not before: Tue 21 Oct 2025 15:00:32 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:04:b6:c1:0e:35:4e:36:07:5d:53:d5:85:56:ed:a9:db:b5:dc:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:32 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=30feb9a65f549ed4870a21567465c1f06a32a151cef1f9dc80e42d14c398c6c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:1b:fc:1d:6c:9a:ac:bd:1e:47:72:94:e1:
d5:c2:95:57:b0:7d:b7:31:20:fa:cb:4c:e1:85:f2:
4a:36:9d:9c:8f:9e:a4:a6:e3:85:ac:ab:fd:81:a0:
ba:47:e1:b1:3c:42:7e:fb:04:21:1b:c1:6a:fd:f2:
48:9d:77:2c:81:9d:2a:45:4f:ed:c2:37:5b:28:3d:
78:e2:eb:ed:ae:a7:6c:95:99:13:7f:93:03:5f:72:
57:28:01:53:3e:b2:6a:44:11:84:7c:d4:b6:89:b1:
f9:d5:b4:a0:35:d6:d3:77:a2:7e:72:f0:19:ed:f5:
ca:f7:48:1a:9f:bd:ee:8d:da:4a:9b:09:40:18:53:
92:97:b2:9d:e7:9d:56:2b:87:6c:1d:1a:7c:6c:59:
8d:c5:f7:89:2c:a6:83:e4:b3:af:71:c1:92:e9:31:
8b:21:41:99:ac:69:5e:56:ce:75:70:c5:ce:0d:80:
73:92:24:d2:6f:af:06:a2:39:58:73:51:c9:43:41:
a7:d4:0a:b9:df:99:fc:ec:13:5c:f7:aa:3a:1b:48:
8a:24:f6:d2:1e:ec:7b:6b:e1:b5:4a:bc:16:c7:53:
ec:46:b2:70:b9:81:48:6f:53:4f:95:11:42:08:d6:
72:b5:93:76:08:06:98:8d:74:e4:74:1a:52:ff:dc:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:46:D4:CF:B0:1C:3E:46:03:F3:E2:68:E0:48:1F:BB:B7:0E:36:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:23:37:40:88:bc:ef:80:67:14:ed:c1:5d:11:cf:07:02:49:
1b:84:ea:58:6d:e7:c0:df:96:d8:1b:e7:bb:8d:40:64:e3:24:
75:b1:b0:3d:fe:ce:cb:ff:67:da:85:6f:c7:f5:9a:41:e3:4b:
1d:25:54:29:c7:eb:00:6b:c6:b7:52:9f:86:60:b8:7e:81:f1:
54:eb:8a:51:ec:5c:29:30:8f:c3:dc:9d:75:85:72:fe:bc:2b:
59:a6:ef:68:bd:91:d7:03:fb:56:46:b5:d2:6f:4e:03:07:3a:
c9:39:b1:e9:d8:7b:d3:8a:7e:71:e9:ca:c0:0b:ae:a6:21:c1:
74:1b:a1:c8:06:e1:53:c0:e5:99:c3:0d:74:97:06:c3:67:35:
e2:46:e8:cf:21:f1:0b:4a:c3:18:6f:45:d9:91:c9:95:c5:64:
72:0c:aa:cc:d4:8d:84:6e:04:b4:ec:13:20:c1:ae:d5:c0:8f:
1e:6d:03:d3:c5:13:e7:2e:77:b2:81:23:15:c5:91:75:2b:16:
6f:8c:b3:b7:e0:27:81:79:df:15:e5:da:14:b6:f3:dc:ee:af:
20:a1:3d:64:17:0e:ec:d7:6b:e6:9e:56:f4:b3:bb:2a:30:71:
dd:16:2e:72:cb:f2:d6:98:5d:ce:e5:fb:7d:d5:29:fc:cd:16:
1c:2a:79:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUagS2wQ41TjYHXVPVhVbtqdu13AgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMzJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZmViOWE2NWY1NDllZDQ4NzBhMjE1Njc0NjVjMWYwNmEzMmExNTFjZWYx
ZjlkYzgwZTQyZDE0YzM5OGM2YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMS1G/wdbJqsvR5HcpTh1cKVV7B9tzEg+stM4YXySjadnI+epKbjhayr/YGg
ukfhsTxCfvsEIRvBav3ySJ13LIGdKkVP7cI3Wyg9eOLr7a6nbJWZE3+TA19yVygB
Uz6yakQRhHzUtomx+dW0oDXW03eifnLwGe31yvdIGp+97o3aSpsJQBhTkpeyneed
ViuHbB0afGxZjcX3iSymg+Szr3HBkukxiyFBmaxpXlbOdXDFzg2Ac5Ik0m+vBqI5
WHNRyUNBp9QKud+Z/OwTXPeqOhtIiiT20h7se2vhtUq8FsdT7EaycLmBSG9TT5UR
QgjWcrWTdggGmI105HQaUv/c5kUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBScRtTP
sBw+RgPz4mjgSB+7tw42mzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQDJIzdAiLzvgGcU7cFdEc8HAkkbhOpYbefA35bYG+e7
jUBk4yR1sbA9/s7L/2fahW/H9ZpB40sdJVQpx+sAa8a3Up+GYLh+gfFU64pR7Fwp
MI/D3J11hXL+vCtZpu9ovZHXA/tWRrXSb04DBzrJObHp2HvTin5x6crAC66mIcF0
G6HIBuFTwOWZww10lwbDZzXiRujPIfELSsMYb0XZkcmVxWRyDKrM1I2EbgS07BMg
wa7VwI8ebQPTxRPnLneygSMVxZF1KxZvjLO34CeBed8V5doUtvPc7q8goT1kFw7s
12vmnlb0s7sqMHHdFi5yy/LWmF3O5ft91Sn8zRYcKnmG
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:30:21 2025 by rpki-client