Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: Ts7DD10CbRwFY17IBXsor8CMT6fbz6mCh3cP0nOYcKo=
Subject key identifier: 76:8B:21:D8:D5:D8:1F:6D:1E:40:65:C8:2F:62:C4:27:C1:43:05:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E455BBB23C2F109B87DECE90CF594C7F36B61DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Tue 21 Oct 2025 14:40:32 +0000
ROA not before: Tue 21 Oct 2025 14:40:32 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 21:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:45:5b:bb:23:c2:f1:09:b8:7d:ec:e9:0c:f5:94:c7:f3:6b:61:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:32 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=c22231c2a074953a8f392f5e467b0b0df12b4a70e4dcc66993aad016f178ef46, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:92:ad:1a:77:33:d3:27:6c:c7:24:e7:7b:1a:
da:e1:a8:31:75:61:9e:89:ed:85:ef:7b:99:cc:cb:
19:f1:7e:71:d3:15:05:96:0d:7b:e2:c2:bc:92:07:
a8:e9:5c:e6:d6:e1:46:46:8b:43:2b:6e:80:4f:f7:
e0:a4:00:7c:0a:03:fa:63:ff:53:9a:9f:d6:87:ba:
7d:c7:54:f2:93:c5:6a:24:49:0c:1a:20:da:a9:9e:
2e:3a:ae:67:db:1b:e0:3d:b3:7c:4b:d8:4f:e7:b7:
ed:21:16:66:79:a3:5b:ac:b3:b5:9e:2a:ac:fe:72:
18:3f:85:99:7c:8f:51:bf:00:63:91:a9:4f:50:eb:
c4:b1:5c:84:e8:0d:40:b1:8d:ef:4a:69:8c:5c:a3:
c9:d0:bc:5c:ba:45:71:c6:57:eb:ce:a9:a7:e8:a7:
e4:1c:2b:05:98:9b:2e:35:cb:14:5a:c7:66:b4:2e:
e0:a5:9c:d0:67:48:dc:18:2a:20:4b:7c:c4:4f:a3:
d5:42:e2:b2:1f:17:bc:32:76:b2:6a:b8:a9:19:fd:
e7:e4:79:73:a4:51:0b:1e:2e:0b:90:59:fd:23:1d:
53:66:67:32:0e:eb:97:cb:6c:66:72:bf:e2:91:ea:
cf:9c:e0:b1:15:1c:89:89:b1:9c:14:08:86:0d:0a:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:8B:21:D8:D5:D8:1F:6D:1E:40:65:C8:2F:62:C4:27:C1:43:05:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:97:15:16:1c:46:08:14:a4:8a:c2:68:7c:ae:84:0a:b4:2d:
65:93:7d:2f:60:f6:df:55:71:46:0a:5f:4f:e6:86:4e:db:dd:
a0:64:11:80:d5:ab:cd:b4:7d:aa:5c:3b:40:6b:87:70:67:35:
29:3f:fc:1d:c7:b3:41:bd:10:4a:4c:fe:a1:17:87:7d:5b:73:
79:7c:cb:3d:7b:13:ec:73:99:71:fd:eb:00:72:c8:c1:26:92:
24:e3:81:74:f6:30:9f:5c:28:14:dc:39:d6:bc:b6:e4:f4:e1:
83:72:2b:ef:66:dc:d0:e6:96:65:c2:8f:d7:35:ba:d9:fd:43:
e3:e6:a1:3c:79:49:0c:18:bf:18:dd:6d:d3:bb:e3:12:42:93:
7e:f8:fc:70:53:59:f4:bd:90:a8:44:48:cf:3e:ce:51:23:a2:
a0:8e:2b:2a:63:7c:e0:5b:a4:79:c8:19:b1:72:ef:79:8f:4d:
65:41:4c:bc:0a:ac:ce:5d:a2:a2:67:0a:6c:dd:b6:ad:f5:bb:
a1:bd:32:ab:6f:47:fa:16:09:43:f8:2a:bf:d3:b0:0f:df:33:
8b:98:e6:2d:8f:eb:66:9e:63:29:a3:a1:b7:b9:80:73:0c:f2:
84:8a:90:0c:e1:58:34:70:e0:a7:85:29:7a:74:b4:dd:0e:7e:
68:1d:ad:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTkVbuyPC8Qm4fezpDPWUx/NrYd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMjIzMWMyYTA3NDk1M2E4ZjM5MmY1ZTQ2N2IwYjBkZjEyYjRhNzBlNGRj
YzY2OTkzYWFkMDE2ZjE3OGVmNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSSrRp3M9MnbMck53sa2uGoMXVhnonthe97mczLGfF+cdMVBZYNe+LCvJIH
qOlc5tbhRkaLQytugE/34KQAfAoD+mP/U5qf1oe6fcdU8pPFaiRJDBog2qmeLjqu
Z9sb4D2zfEvYT+e37SEWZnmjW6yztZ4qrP5yGD+FmXyPUb8AY5GpT1DrxLFchOgN
QLGN70ppjFyjydC8XLpFccZX686pp+in5BwrBZibLjXLFFrHZrQu4KWc0GdI3Bgq
IEt8xE+j1ULish8XvDJ2smq4qRn95+R5c6RRCx4uC5BZ/SMdU2ZnMg7rl8tsZnK/
4pHqz5zgsRUciYmxnBQIhg0K9m8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2iyHY
1dgfbR5AZcgvYsQnwUMFDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQChlxUWHEYIFKSKwmh8roQKtC1lk30vYPbfVXFGCl9P
5oZO292gZBGA1avNtH2qXDtAa4dwZzUpP/wdx7NBvRBKTP6hF4d9W3N5fMs9exPs
c5lx/esAcsjBJpIk44F09jCfXCgU3DnWvLbk9OGDcivvZtzQ5pZlwo/XNbrZ/UPj
5qE8eUkMGL8Y3W3Tu+MSQpN++PxwU1n0vZCoREjPPs5RI6KgjisqY3zgW6R5yBmx
cu95j01lQUy8CqzOXaKiZwps3bat9buhvTKrb0f6FglD+Cq/07AP3zOLmOYtj+tm
nmMpo6G3uYBzDPKEipAM4Vg0cOCnhSl6dLTdDn5oHa0+
-----END CERTIFICATE-----
Generated at Sun Nov 2 00:57:04 2025 by rpki-client