Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
File: 6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa (raw, json)
Hash identifier: 679KnVKL8GzAvgel7pLU7kxparvbf95x6uRogTxTSOs=
Subject key identifier: 07:7A:1B:C3:11:ED:D2:78:1A:5B:3F:80:0D:44:59:52:F5:60:0D:14
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 732F00D483F108BB5D513C802AFDB6F0B8492A2A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
Signing time: Mon 29 Sep 2025 15:40:12 +0000
ROA not before: Mon 29 Sep 2025 15:40:12 +0000
ROA not after: Mon 03 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.46.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:2f:00:d4:83:f1:08:bb:5d:51:3c:80:2a:fd:b6:f0:b8:49:2a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 29 15:40:12 2025 GMT
Not After : Nov 3 23:59:59 2025 GMT
Subject: serialNumber=3a9c34d120f0bb4ab7fdf510c7b08c42da805e01b27a770b2f4dcbdb490a2667, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5e:6e:58:28:63:37:a8:38:0e:cd:10:7a:42:
f8:4e:8c:d9:77:31:cb:f3:b2:56:45:80:b0:df:6d:
64:50:1f:a2:b6:dd:1a:5e:e7:b0:51:6e:ab:84:20:
a8:9b:ac:8f:23:0f:c1:c1:46:f3:36:3d:a5:b0:95:
34:02:14:2c:ca:1b:bc:c3:50:1c:4c:49:4b:2f:6a:
a3:d9:a2:82:b3:c6:a1:77:e3:48:a1:ca:ba:b0:39:
1d:f4:6f:c0:68:39:01:2b:a7:30:50:63:19:22:67:
d2:25:cd:2d:58:4d:6c:c5:7b:e4:17:e0:f9:aa:0f:
56:27:d7:72:50:c4:2f:04:78:5b:85:34:4e:5a:52:
f9:1a:ee:33:8c:02:1e:f2:06:c2:6a:ad:95:ef:10:
d0:08:64:b5:98:04:97:16:e6:6f:a3:7c:e3:ae:54:
5c:54:08:55:70:8c:74:4d:49:3c:ed:14:7a:7a:1d:
d9:61:cd:b7:2f:d3:11:ac:00:9a:50:b4:92:7f:dd:
89:a4:b8:c7:d8:b7:b3:f5:4c:90:8a:4a:4e:31:ff:
d0:4e:87:7b:70:a6:ac:65:b3:64:f8:02:54:96:0f:
9e:20:85:a1:11:1a:7b:af:7f:96:4d:3d:63:da:8a:
a5:b1:6d:d8:50:e1:d1:21:27:c1:d1:8e:da:fc:fe:
c9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:7A:1B:C3:11:ED:D2:78:1A:5B:3F:80:0D:44:59:52:F5:60:0D:14
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6252e9a3-4fdc-4c43-b91b-deb58ca2dd7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.46.0.0/15
Signature Algorithm: sha256WithRSAEncryption
09:83:a9:45:a8:43:3d:cd:77:af:8d:98:90:5f:a1:1d:41:d4:
51:58:a1:da:79:83:88:c0:72:de:00:6f:81:c8:11:22:dc:7f:
fe:a4:3a:d7:2f:ae:25:36:22:3d:fc:50:01:4e:5e:24:3d:f5:
15:36:cd:66:46:4c:3d:c3:5e:63:3f:67:ee:4d:e8:4b:77:5a:
23:12:3a:ae:c8:23:e3:00:bf:02:53:f5:27:d5:ab:77:0f:38:
89:16:5e:7f:ba:28:6c:55:2a:77:1c:0e:9f:6c:e1:15:9d:a0:
93:44:ff:4a:d5:a4:d5:23:e1:c4:b5:9b:7e:18:fa:18:22:e2:
2b:ab:00:ea:42:75:28:6b:84:08:bb:24:98:f0:c8:58:42:57:
01:dc:a9:64:1a:af:a5:c8:15:66:ba:85:b9:b6:2e:01:4e:c4:
0d:c8:34:c1:7d:69:75:c5:f9:ff:f6:3b:1c:62:2e:40:65:02:
76:ea:91:d6:dc:1b:46:7d:29:fa:7b:0c:63:bc:c6:fd:5d:17:
a4:d7:92:fb:06:32:af:37:5b:be:cf:70:35:a0:96:1d:86:5a:
d1:e5:94:7a:13:85:34:b7:e8:9d:ea:53:47:df:79:d2:9d:e8:
4f:23:c4:7e:ea:d5:b8:cf:f8:70:41:3c:6b:94:c0:95:4e:e3:
c3:3b:ae:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcy8A1IPxCLtdUTyAKv228LhJKiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjkxNTQwMTJaFw0yNTExMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhOWMzNGQxMjBmMGJiNGFiN2ZkZjUxMGM3YjA4YzQyZGE4MDVlMDFiMjdh
NzcwYjJmNGRjYmRiNDkwYTI2NjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFeblgoYzeoOA7NEHpC+E6M2Xcxy/OyVkWAsN9tZFAforbdGl7nsFFuq4Qg
qJusjyMPwcFG8zY9pbCVNAIULMobvMNQHExJSy9qo9migrPGoXfjSKHKurA5HfRv
wGg5ASunMFBjGSJn0iXNLVhNbMV75Bfg+aoPVifXclDELwR4W4U0TlpS+RruM4wC
HvIGwmqtle8Q0AhktZgElxbmb6N8465UXFQIVXCMdE1JPO0Uenod2WHNty/TEawA
mlC0kn/diaS4x9i3s/VMkIpKTjH/0E6He3CmrGWzZPgCVJYPniCFoREae69/lk09
Y9qKpbFt2FDh0SEnwdGO2vz+ySMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHehvD
Ee3SeBpbP4ANRFlS9WANFDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjI1MmU5YTMtNGZkYy00YzQzLWI5MWItZGViNThjYTJkZDdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMuMA0G
CSqGSIb3DQEBCwUAA4IBAQAJg6lFqEM9zXevjZiQX6EdQdRRWKHaeYOIwHLeAG+B
yBEi3H/+pDrXL64lNiI9/FABTl4kPfUVNs1mRkw9w15jP2fuTehLd1ojEjquyCPj
AL8CU/Un1at3DziJFl5/uihsVSp3HA6fbOEVnaCTRP9K1aTVI+HEtZt+GPoYIuIr
qwDqQnUoa4QIuySY8MhYQlcB3KlkGq+lyBVmuoW5ti4BTsQNyDTBfWl1xfn/9jsc
Yi5AZQJ26pHW3BtGfSn6ewxjvMb9XRek15L7BjKvN1u+z3A1oJYdhlrR5ZR6E4U0
t+id6lNH33nSnehPI8R+6tW4z/hwQTxrlMCVTuPDO65r
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:07 2025 by rpki-client