Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: Czwp927QYiQ4EyBPS7Sfz4MoJp+iTQ21AesGrwgVvpA=
Subject key identifier: 2F:F8:20:3E:AC:0D:85:2F:5D:42:C2:09:98:8E:D1:9A:48:11:91:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A7BBBAC38B2BD4588A64E24405C96FE69B58566
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Sat 15 Nov 2025 06:40:35 +0000
ROA not before: Sat 15 Nov 2025 06:40:35 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:7b:bb:ac:38:b2:bd:45:88:a6:4e:24:40:5c:96:fe:69:b5:85:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:35 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=96838e442fe7a7de12d0aed5e703d1d1a921273a7fb107398ab7a03ff5ad12ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:e2:c1:30:66:97:9c:de:61:43:e1:fd:1d:c8:
e0:19:15:46:b7:63:3f:20:37:71:16:46:46:94:b4:
71:b2:4d:54:ee:e5:fc:5f:bc:6a:86:0a:e0:fc:a8:
c3:da:7a:b6:f9:5f:bf:17:8e:10:61:da:57:1e:0c:
76:ca:91:ef:03:37:fe:02:9f:41:82:5d:d0:07:fb:
5b:9a:4f:1b:3c:59:46:ff:29:b4:9a:22:50:56:8a:
a9:1f:19:c9:43:46:b2:a0:01:af:96:8a:a9:95:ed:
69:b2:39:69:8d:c4:1b:e4:49:59:15:f5:31:df:42:
40:8b:48:c6:3d:40:28:cd:d8:8e:50:75:60:62:87:
86:1e:d6:9b:b7:30:b2:45:0f:91:8f:ba:c6:f6:eb:
5d:bf:b1:68:31:e5:19:a0:cb:2b:ff:47:b7:bf:88:
e1:56:ae:ff:14:18:1a:52:eb:e3:59:b6:14:e9:4b:
f5:48:08:66:d9:43:05:89:14:c0:4a:2d:63:17:1e:
81:13:39:aa:14:28:84:10:da:4e:76:24:a4:65:82:
e6:67:c5:db:e0:5e:42:79:76:1d:1d:4f:9b:6c:84:
84:ee:9f:2b:20:f4:83:54:1e:d3:bd:df:a0:c5:cb:
f0:06:10:28:3f:c2:25:c1:72:ab:37:73:14:51:66:
95:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F8:20:3E:AC:0D:85:2F:5D:42:C2:09:98:8E:D1:9A:48:11:91:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
51:67:2b:47:5b:07:44:42:1c:b0:94:54:7c:54:b9:39:b2:98:
fa:36:c9:78:6a:f5:cc:95:4a:c9:56:89:65:64:d0:76:a3:ad:
c2:8d:29:78:f6:7b:5b:a3:03:1d:b2:f0:33:14:67:60:b5:94:
8d:aa:d6:f8:aa:a8:51:f3:3f:4c:89:9c:07:03:43:c3:fb:46:
c2:5f:25:8e:37:25:70:82:82:24:22:b8:e4:a2:70:ad:51:ac:
ea:c8:91:c7:d4:9c:af:76:7a:9c:e3:86:84:da:b7:3b:98:3e:
a9:cd:d9:34:94:f0:63:2b:e3:92:d9:9c:46:83:d1:9d:00:39:
5e:06:21:16:91:59:d3:76:1d:c7:dd:db:7d:ad:75:55:50:f7:
cd:69:08:63:80:81:15:e7:05:eb:62:c1:d6:22:b6:f8:1d:93:
a2:e7:6d:9b:79:09:47:9b:f9:19:85:c0:e4:49:98:00:09:20:
2a:67:8d:3a:86:c1:69:c0:a8:fa:0d:4d:c5:5a:a1:42:1c:d4:
6f:40:bf:b3:86:8c:d1:92:f9:3a:77:5e:b9:77:7c:24:72:ac:
51:35:a0:f3:6e:ca:16:51:89:25:d1:fc:41:cd:61:fa:87:ce:
e0:2c:73:0a:c8:0d:67:e1:a5:29:06:c9:44:00:9e:8b:7a:25:
09:97:84:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOnu7rDiyvUWIpk4kQFyW/mm1hWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMzVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2ODM4ZTQ0MmZlN2E3ZGUxMmQwYWVkNWU3MDNkMWQxYTkyMTI3M2E3ZmIx
MDczOThhYjdhMDNmZjVhZDEyYWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMziwTBml5zeYUPh/R3I4BkVRrdjPyA3cRZGRpS0cbJNVO7l/F+8aoYK4Pyo
w9p6tvlfvxeOEGHaVx4MdsqR7wM3/gKfQYJd0Af7W5pPGzxZRv8ptJoiUFaKqR8Z
yUNGsqABr5aKqZXtabI5aY3EG+RJWRX1Md9CQItIxj1AKM3YjlB1YGKHhh7Wm7cw
skUPkY+6xvbrXb+xaDHlGaDLK/9Ht7+I4Vau/xQYGlLr41m2FOlL9UgIZtlDBYkU
wEotYxcegRM5qhQohBDaTnYkpGWC5mfF2+BeQnl2HR1Pm2yEhO6fKyD0g1Qe073f
oMXL8AYQKD/CJcFyqzdzFFFmlX8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQv+CA+
rA2FL11CwgmYjtGaSBGRiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQBRZytHWwdEQhywlFR8VLk5spj6Nsl4avXMlUrJVoll
ZNB2o63CjSl49ntbowMdsvAzFGdgtZSNqtb4qqhR8z9MiZwHA0PD+0bCXyWONyVw
goIkIrjkonCtUazqyJHH1Jyvdnqc44aE2rc7mD6pzdk0lPBjK+OS2ZxGg9GdADle
BiEWkVnTdh3H3dt9rXVVUPfNaQhjgIEV5wXrYsHWIrb4HZOi522beQlHm/kZhcDk
SZgACSAqZ406hsFpwKj6DU3FWqFCHNRvQL+zhozRkvk6d165d3wkcqxRNaDzbsoW
UYkl0fxBzWH6h87gLHMKyA1n4aUpBslEAJ6LeiUJl4Qo
-----END CERTIFICATE-----
Generated at Sun Nov 16 01:24:07 2025 by rpki-client