
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: nOFKrBPCLp8EQ5uKFc8uWphM1LFjRMPoA0k4ylpRIHQ=
Subject key identifier: BE:EE:F9:C0:1B:24:03:E3:C1:00:79:6C:A0:B6:F5:FC:E8:81:23:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65B370C6A774E246F5EE57E455F33D0768C17742
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Fri 26 Sep 2025 20:21:20 +0000
ROA not before: Fri 26 Sep 2025 20:21:20 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b3:70:c6:a7:74:e2:46:f5:ee:57:e4:55:f3:3d:07:68:c1:77:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:20 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=05d2af00767105f5936d36a0ca8053b0153485a3b9227282cfc360c4e15dedaa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:b8:7a:5c:9e:75:13:5e:1b:6a:ae:2b:20:
38:f3:c1:b6:cc:cd:72:17:d4:9a:5c:8d:55:f3:26:
ff:7f:d4:bc:73:4b:d1:03:c0:32:5d:58:f9:d7:61:
86:92:c4:a1:c0:a7:68:23:b9:a3:11:66:fe:ce:84:
21:d4:a0:db:e1:54:d6:13:be:32:e4:1e:27:a6:db:
95:4a:9a:55:d6:43:83:bd:34:ba:a1:2d:22:d8:13:
22:32:0c:a1:d6:6e:eb:1d:21:27:0d:00:29:8a:15:
01:54:a7:d7:53:2b:a0:01:83:05:a4:d8:db:25:36:
c9:86:cc:5c:88:32:5c:80:36:e0:9c:31:24:65:5f:
b7:33:1f:68:39:f0:e4:aa:9f:92:cc:86:36:f4:b9:
e2:e9:da:5b:6e:d6:9b:fe:f4:fc:b9:62:b2:85:a2:
f1:6f:ef:24:0d:2f:dd:79:73:6e:af:72:28:e5:1e:
25:ed:06:9c:ae:94:0f:c9:9a:b8:c4:c3:29:10:7e:
bf:3c:f0:76:b8:74:3c:39:0e:2c:f4:c0:af:c0:d9:
ac:ab:12:0f:6b:c5:4c:02:0e:49:cc:48:47:69:10:
dc:95:87:94:89:e3:a6:8a:bc:21:ea:ff:f7:67:2a:
26:18:e5:e5:92:03:0c:98:9f:fc:4b:bb:b9:7b:09:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:EE:F9:C0:1B:24:03:E3:C1:00:79:6C:A0:B6:F5:FC:E8:81:23:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:71:b7:cb:41:c0:0b:e8:17:8c:cc:fd:30:b6:3f:bd:32:ec:
1e:60:de:55:17:96:91:a4:29:06:2d:f7:ce:28:74:2f:51:de:
42:2d:e9:68:2e:03:9b:6b:d6:d2:1d:75:98:fb:f9:07:20:77:
ac:c1:c8:b8:b0:9d:9d:b4:93:2c:a8:c6:94:9e:fa:14:c8:d7:
1e:bf:68:44:a8:95:f3:e4:b1:24:a8:7e:65:40:56:d0:98:7e:
07:30:23:5d:50:ba:5f:61:3c:b1:bb:64:2b:98:f6:d6:da:c4:
a1:6d:c2:7d:dd:ad:97:ca:45:3b:fa:a6:60:aa:42:81:90:3f:
87:44:b0:c9:48:e7:37:11:8b:a4:04:38:b1:e8:8b:db:fe:7d:
f5:89:0b:6f:f6:86:57:4f:f1:85:c2:20:23:a5:44:64:24:43:
5f:ad:49:24:52:cd:8d:7e:7e:e5:47:d2:b9:60:59:db:af:e9:
bf:37:f5:9d:91:a2:54:db:88:66:08:1a:c2:ed:4b:3b:27:9a:
5c:21:f7:b6:f2:1f:0f:c9:a1:b0:28:2f:8f:03:20:1d:e7:ad:
a0:61:4c:92:a1:89:6f:0f:01:0a:73:fa:aa:06:77:5e:9f:fe:
6e:d5:f3:2b:09:71:e3:b7:6f:fa:7f:2c:f7:9f:9b:ff:11:83:
37:6a:96:e1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZbNwxqd04kb17lfkVfM9B2jBd0IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMjBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA1ZDJhZjAwNzY3MTA1ZjU5MzZkMzZhMGNhODA1M2IwMTUzNDg1YTNiOTIy
NzI4MmNmYzM2MGM0ZTE1ZGVkYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANeCuHpcnnUTXhtqrisgOPPBtszNchfUmlyNVfMm/3/UvHNL0QPAMl1Y+ddh
hpLEocCnaCO5oxFm/s6EIdSg2+FU1hO+MuQeJ6bblUqaVdZDg700uqEtItgTIjIM
odZu6x0hJw0AKYoVAVSn11MroAGDBaTY2yU2yYbMXIgyXIA24JwxJGVftzMfaDnw
5KqfksyGNvS54unaW27Wm/70/LlisoWi8W/vJA0v3Xlzbq9yKOUeJe0GnK6UD8ma
uMTDKRB+vzzwdrh0PDkOLPTAr8DZrKsSD2vFTAIOScxIR2kQ3JWHlInjpoq8Ier/
92cqJhjl5ZIDDJif/Eu7uXsJ8NUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS+7vnA
GyQD48EAeWygtvX86IEjojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQCtcbfLQcAL6BeMzP0wtj+9MuweYN5VF5aRpCkGLffO
KHQvUd5CLeloLgOba9bSHXWY+/kHIHeswci4sJ2dtJMsqMaUnvoUyNcev2hEqJXz
5LEkqH5lQFbQmH4HMCNdULpfYTyxu2QrmPbW2sShbcJ93a2XykU7+qZgqkKBkD+H
RLDJSOc3EYukBDix6Ivb/n31iQtv9oZXT/GFwiAjpURkJENfrUkkUs2Nfn7lR9K5
YFnbr+m/N/WdkaJU24hmCBrC7Us7J5pcIfe28h8PyaGwKC+PAyAd562gYUySoYlv
DwEKc/qqBnden/5u1fMrCXHjt2/6fyz3n5v/EYM3apbh
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:53:36 2025 by rpki-client