Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
File: 46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa (raw, json)
Hash identifier: UZdUyyNGso3SODIWOs0dJFhZ6+2MHjT2zd7XfNrjR/Y=
Subject key identifier: 48:33:45:B2:75:C2:AB:E0:AF:AA:47:8C:F1:AB:77:51:7B:2F:26:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C62E6C5D41DCE98198A27EC80958503CA564BF7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
Signing time: Mon 06 Oct 2025 18:10:34 +0000
ROA not before: Mon 06 Oct 2025 18:10:34 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.108.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:62:e6:c5:d4:1d:ce:98:19:8a:27:ec:80:95:85:03:ca:56:4b:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:34 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=1752e4c2d96d1bb5d4b85cebdb8ec29e236d9e35a70957931ab8ceab2f486013, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fc:8e:4c:a9:5d:f4:99:93:05:e3:a7:d2:86:
36:0c:d2:9e:a3:3e:0c:84:c1:e9:3e:22:8c:26:a5:
ee:8c:ea:4f:f1:a2:f2:bc:81:ad:2d:47:10:0f:80:
d1:8b:61:3c:49:9a:83:9d:c5:cc:0d:55:1f:f0:0d:
3e:82:2d:ca:18:d6:02:ca:7e:79:9a:93:1e:4d:d9:
4c:3c:bb:5e:58:fc:32:08:7e:05:d7:2f:be:a7:d8:
9f:d6:f5:30:0e:07:ef:69:14:9c:a5:31:74:63:56:
b5:9e:d8:7c:82:4d:5b:9a:d7:62:7e:93:32:ee:4f:
62:4a:59:56:ff:5e:5b:09:3e:d6:72:87:a2:23:55:
57:28:6b:ac:d3:f2:4e:a7:8b:2c:6a:06:7f:0b:e9:
03:01:c1:f2:4f:17:f8:40:d8:ad:af:64:e0:c4:20:
ec:9a:90:1f:c3:03:00:88:58:71:f3:55:3f:f7:4e:
94:69:20:8a:f8:f2:38:85:e5:6a:f0:98:b1:42:36:
15:d1:65:35:06:d2:cf:6d:6f:7d:ca:fb:f0:ef:ea:
68:48:f8:24:75:67:cb:36:9f:61:2a:03:c5:b9:dc:
69:fe:61:7b:e9:63:ed:19:da:06:ed:2e:37:52:0c:
dc:fa:cf:16:94:ea:76:b5:57:38:4f:58:5f:21:f4:
0b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:33:45:B2:75:C2:AB:E0:AF:AA:47:8C:F1:AB:77:51:7B:2F:26:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46eb8bb9-8a91-491d-8f3f-9cc4afcf5ecd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.108.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:5f:68:8e:6a:af:ae:0a:52:02:3b:43:ad:0c:ea:91:2a:44:
ba:b9:57:cb:3d:fd:01:0b:46:3f:e1:13:ef:2b:c2:57:b2:70:
12:7c:92:07:7c:f3:0b:fa:e5:2d:9a:5e:cf:9f:7e:77:44:49:
4e:3d:a1:7f:d2:c1:fe:e0:48:9a:8d:ab:4f:ec:b1:f3:f8:a0:
e1:b1:44:10:1c:6e:10:cc:a4:a7:7d:ef:36:dc:9d:17:9b:71:
95:5b:58:6e:bd:85:84:df:19:98:16:41:b2:33:dc:98:e6:cd:
89:7a:87:53:95:3f:ae:70:a9:14:01:ec:58:47:d6:df:90:1a:
4e:bc:e8:64:64:bc:c8:f9:bc:2a:5c:d3:71:33:61:37:1b:4a:
be:3d:d5:8b:96:42:01:17:a0:70:df:23:58:16:ad:13:4a:9e:
f4:f8:2b:17:0b:96:91:65:62:1d:9d:37:78:8a:78:5f:6b:35:
e2:2d:59:ed:32:30:60:15:c9:aa:66:b0:7c:e8:93:d6:13:b4:
70:22:0a:69:04:46:a2:11:7f:f6:e2:24:9a:8f:6a:a3:66:ed:
9f:c3:28:75:f3:ff:f6:60:4a:8e:a8:8e:f4:04:61:e6:aa:c6:
94:86:63:e7:36:68:8b:35:40:d6:e2:16:a7:1d:c6:89:f0:2d:
39:7e:32:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbGLmxdQdzpgZiifsgJWFA8pWS/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NTJlNGMyZDk2ZDFiYjVkNGI4NWNlYmRiOGVjMjllMjM2ZDllMzVhNzA5
NTc5MzFhYjhjZWFiMmY0ODYwMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANf8jkypXfSZkwXjp9KGNgzSnqM+DITB6T4ijCal7ozqT/Gi8ryBrS1HEA+A
0YthPEmag53FzA1VH/ANPoItyhjWAsp+eZqTHk3ZTDy7Xlj8Mgh+BdcvvqfYn9b1
MA4H72kUnKUxdGNWtZ7YfIJNW5rXYn6TMu5PYkpZVv9eWwk+1nKHoiNVVyhrrNPy
TqeLLGoGfwvpAwHB8k8X+EDYra9k4MQg7JqQH8MDAIhYcfNVP/dOlGkgivjyOIXl
avCYsUI2FdFlNQbSz21vfcr78O/qaEj4JHVnyzafYSoDxbncaf5he+lj7RnaBu0u
N1IM3PrPFpTqdrVXOE9YXyH0C7UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRIM0Wy
dcKr4K+qR4zxq3dRey8mmjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDZlYjhiYjktOGE5MS00OTFkLThmM2YtOWNjNGFmY2Y1ZWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNsMA0G
CSqGSIb3DQEBCwUAA4IBAQDDX2iOaq+uClICO0OtDOqRKkS6uVfLPf0BC0Y/4RPv
K8JXsnASfJIHfPML+uUtml7Pn353RElOPaF/0sH+4EiajatP7LHz+KDhsUQQHG4Q
zKSnfe823J0Xm3GVW1huvYWE3xmYFkGyM9yY5s2JeodTlT+ucKkUAexYR9bfkBpO
vOhkZLzI+bwqXNNxM2E3G0q+PdWLlkIBF6Bw3yNYFq0TSp70+CsXC5aRZWIdnTd4
inhfazXiLVntMjBgFcmqZrB86JPWE7RwIgppBEaiEX/24iSaj2qjZu2fwyh18//2
YEqOqI70BGHmqsaUhmPnNmiLNUDW4hanHcaJ8C05fjIM
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:39 2025 by rpki-client