Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
File: 3b67bb62-9bcf-4daa-99b5-5374c3285177.roa (raw, json)
Hash identifier: /+XPZ+KKwAGHoOWcTct/qhTLouEMgxACHip4ZkMBHHo=
Subject key identifier: 28:D3:31:E5:C1:B7:07:8C:3B:BD:19:C9:0D:BA:AE:49:2E:17:1E:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3F49AB22C0010FD8E95EC1C9997EBE55E80659B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
Signing time: Fri 26 Sep 2025 20:39:48 +0000
ROA not before: Fri 26 Sep 2025 20:39:48 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:49:ab:22:c0:01:0f:d8:e9:5e:c1:c9:99:7e:be:55:e8:06:59:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:48 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=7cc96a79a04714df8cfff0f52cd4f327ece91483758e4caf13773c1d360f2780, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:4c:af:cf:eb:26:77:0a:6c:d9:df:a0:23:6e:
7d:b0:48:43:90:5d:a7:37:f5:90:fd:d2:76:33:70:
95:f6:57:bb:8e:28:26:0d:99:1c:2a:0b:e1:82:58:
ff:f4:4e:59:57:d6:9c:b2:bf:00:ac:61:7f:d4:df:
35:c4:05:d4:e3:91:0a:f9:7f:66:67:ce:4f:e1:a6:
3d:30:57:97:03:9e:b9:23:9e:47:9e:a3:5e:ab:de:
63:6a:27:46:dd:71:ca:59:28:9c:ba:14:e5:88:8f:
fb:cc:76:d8:b1:df:b7:06:d6:fd:4b:52:4a:c0:6b:
52:2b:b2:fa:eb:e1:3b:1f:56:c1:13:95:df:6b:4a:
2a:5b:13:f4:90:cd:e0:00:1b:3a:18:d6:be:04:46:
38:f5:00:c3:61:5b:20:db:b8:9d:02:46:e0:06:85:
90:22:10:25:5e:06:24:76:b5:70:27:4f:49:7b:ee:
30:d3:b4:ec:fa:53:90:69:62:83:91:1f:7b:be:a5:
53:cc:b4:93:f7:d2:cd:9a:79:ec:8c:21:a0:42:65:
74:b3:f2:ae:b7:d7:b2:4f:47:48:d4:df:c6:ee:eb:
6f:ed:1a:52:8d:ad:2a:a1:3a:9e:51:77:fa:e2:5c:
22:32:0b:69:36:89:fe:91:2a:a4:15:e5:e9:ce:97:
53:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D3:31:E5:C1:B7:07:8C:3B:BD:19:C9:0D:BA:AE:49:2E:17:1E:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3b67bb62-9bcf-4daa-99b5-5374c3285177.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4e:44:e0:49:ca:a7:a6:88:60:a2:2b:9e:f1:ab:dd:42:5e:3f:
8c:ed:7d:15:ec:32:6e:8a:f1:44:35:ff:38:91:d3:9c:56:19:
b7:f0:f2:de:29:05:2e:c0:b8:c6:c1:f5:de:2d:f2:6f:6a:ce:
51:0f:85:b5:bd:eb:11:b3:cf:80:31:db:c3:66:c6:55:6c:29:
59:35:7a:05:71:44:1a:db:08:df:c1:3a:5b:b2:b4:54:3d:4b:
f3:5c:4d:dc:a7:d6:73:af:a1:c1:bc:4f:8a:06:03:f2:cc:0c:
b9:be:93:89:23:c3:48:a5:8e:03:a1:bd:be:6a:53:6c:0d:52:
02:80:78:03:b2:60:22:cf:96:5b:6b:5f:b3:f2:19:dd:15:f7:
77:4a:81:5f:ae:22:9d:e2:c9:06:2f:e5:ac:55:9d:e7:1d:f8:
e1:de:9b:6a:7c:16:de:3e:2a:6a:f3:fc:34:9c:d2:0b:6f:19:
d1:56:6c:4e:85:b0:c2:13:13:a3:16:ca:45:1a:0f:ee:8c:76:
c0:03:99:5a:a9:d2:c0:00:e5:58:5b:ac:de:b1:1a:25:70:ee:
1e:bf:86:2d:fb:fd:fc:7a:5d:fa:21:5e:0c:38:59:d4:d5:22:
d3:bf:f3:04:7b:c4:05:5b:fd:01:65:9a:7d:87:16:dd:bb:39:
5c:6c:b7:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUP0mrIsABD9jpXsHJmX6+VegGWbIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NDhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjYzk2YTc5YTA0NzE0ZGY4Y2ZmZjBmNTJjZDRmMzI3ZWNlOTE0ODM3NThl
NGNhZjEzNzczYzFkMzYwZjI3ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJRMr8/rJncKbNnfoCNufbBIQ5Bdpzf1kP3SdjNwlfZXu44oJg2ZHCoL4YJY
//ROWVfWnLK/AKxhf9TfNcQF1OORCvl/ZmfOT+GmPTBXlwOeuSOeR56jXqveY2on
Rt1xylkonLoU5YiP+8x22LHftwbW/UtSSsBrUiuy+uvhOx9WwROV32tKKlsT9JDN
4AAbOhjWvgRGOPUAw2FbINu4nQJG4AaFkCIQJV4GJHa1cCdPSXvuMNO07PpTkGli
g5Efe76lU8y0k/fSzZp57IwhoEJldLPyrrfXsk9HSNTfxu7rb+0aUo2tKqE6nlF3
+uJcIjILaTaJ/pEqpBXl6c6XU5kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQo0zHl
wbcHjDu9GckNuq5JLhceqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2I2N2JiNjItOWJjZi00ZGFhLTk5YjUtNTM3NGMzMjg1MTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQBOROBJyqemiGCiK57xq91CXj+M7X0V7DJuivFENf84
kdOcVhm38PLeKQUuwLjGwfXeLfJvas5RD4W1vesRs8+AMdvDZsZVbClZNXoFcUQa
2wjfwTpbsrRUPUvzXE3cp9Zzr6HBvE+KBgPyzAy5vpOJI8NIpY4Dob2+alNsDVIC
gHgDsmAiz5Zba1+z8hndFfd3SoFfriKd4skGL+WsVZ3nHfjh3ptqfBbePipq8/w0
nNILbxnRVmxOhbDCExOjFspFGg/ujHbAA5laqdLAAOVYW6zesRolcO4ev4Yt+/38
el36IV4MOFnU1SLTv/MEe8QFW/0BZZp9hxbduzlcbLcL
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:15:48 2025 by rpki-client