Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: vcLHSCw4mdjNfi7TM3Gp6jCO9hsTiA1BWUHDk5jKgkM=
Subject key identifier: 2F:7D:3B:B9:E4:04:E8:DA:A3:40:2E:D5:84:09:1F:45:BC:6E:A6:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E8636E6E1E58C77745586F52C38B70DE7B6BB1E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Sat 15 Nov 2025 06:40:09 +0000
ROA not before: Sat 15 Nov 2025 06:40:09 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:86:36:e6:e1:e5:8c:77:74:55:86:f5:2c:38:b7:0d:e7:b6:bb:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:09 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=86c1bb65cec2e40ed7e9f1582c1ed7d342f1b61e17ef3304ccb7c9a76edd244e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ee:28:8c:9a:7a:73:d7:8e:28:76:42:f1:c3:
e1:23:d9:6c:b4:f0:2b:45:61:d8:75:0a:e3:ff:47:
e7:ac:ad:c2:1e:72:09:14:f5:89:98:23:48:75:01:
d3:d5:12:cd:04:80:8d:72:b3:0b:3d:35:f8:61:62:
a6:a4:62:d0:66:f0:b2:52:ca:5d:ba:8c:05:5b:4f:
3c:2a:87:71:c7:c9:fb:43:7d:1f:07:84:e4:89:57:
cb:60:b6:42:fe:31:db:54:6a:22:39:1b:a6:98:2e:
9a:fa:39:04:d4:15:18:8c:22:2a:a0:9c:e2:cd:e9:
42:c1:74:7a:6d:31:65:0d:c7:5c:fa:1b:e7:b5:49:
2e:ff:07:4a:17:27:0b:38:3b:c8:32:ef:db:a2:7c:
fc:97:c9:07:40:56:f3:80:9a:74:1e:65:90:0b:b6:
20:c0:d6:ed:14:da:49:99:b1:a9:6f:fe:a2:09:b4:
03:58:94:9d:2b:38:e6:a4:40:d4:47:69:6e:21:0f:
db:22:a2:9a:4f:b2:c9:10:3d:d5:ad:2b:bd:a8:ce:
2e:23:7c:11:a9:8b:02:4c:29:a3:39:0a:ed:13:aa:
a0:0f:19:76:a5:f6:ab:cc:4f:61:61:a0:26:0a:e6:
f9:e7:80:54:3a:a8:0b:46:0f:48:b5:45:ba:33:a4:
89:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:7D:3B:B9:E4:04:E8:DA:A3:40:2E:D5:84:09:1F:45:BC:6E:A6:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4b:ac:de:5b:c9:ee:3f:de:c0:0f:ef:25:a0:9b:3d:13:e8:fc:
d0:e0:7f:38:be:98:1c:b0:64:2a:10:03:60:cb:43:8e:3d:c1:
b8:9c:65:bd:ce:6d:56:17:be:fc:8a:f4:09:15:af:36:cd:5c:
b2:be:38:ee:6a:14:1e:d0:6d:70:69:81:0a:78:fb:df:0d:de:
11:f6:0c:e9:de:4d:a4:71:91:05:17:97:bf:a2:7a:a7:68:08:
8b:30:7b:13:f7:2e:32:ec:04:04:99:4d:c3:bf:a6:fa:62:fe:
51:2f:04:1d:e9:f2:d8:96:78:8f:a6:41:bd:33:c9:d8:bc:e6:
66:f6:47:0d:f2:a9:d7:0b:d2:6a:ee:ac:e2:c0:d9:38:81:d8:
80:55:04:0d:32:6e:20:2c:57:91:f2:5a:19:3f:d7:9a:5a:77:
ca:a3:0d:7d:84:25:3c:c6:9b:33:2c:bc:c5:45:5d:1a:06:cc:
ee:a0:ac:46:2b:bc:a8:8e:99:22:23:78:65:0f:69:7f:6e:fb:
97:36:87:6c:12:64:ea:0e:35:3a:97:0f:7e:91:de:d7:91:c1:
90:f3:27:32:c4:8a:3c:b7:da:9c:79:53:6c:3f:94:48:bc:22:
de:23:06:1f:e8:32:b7:00:aa:1f:96:98:96:39:1d:e2:21:99:
27:c1:32:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUToY25uHljHd0VYb1LDi3Dee2ux4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMDlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YzFiYjY1Y2VjMmU0MGVkN2U5ZjE1ODJjMWVkN2QzNDJmMWI2MWUxN2Vm
MzMwNGNjYjdjOWE3NmVkZDI0NGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7uKIyaenPXjih2QvHD4SPZbLTwK0Vh2HUK4/9H56ytwh5yCRT1iZgjSHUB
09USzQSAjXKzCz01+GFipqRi0GbwslLKXbqMBVtPPCqHccfJ+0N9HweE5IlXy2C2
Qv4x21RqIjkbppgumvo5BNQVGIwiKqCc4s3pQsF0em0xZQ3HXPob57VJLv8HShcn
Czg7yDLv26J8/JfJB0BW84CadB5lkAu2IMDW7RTaSZmxqW/+ogm0A1iUnSs45qRA
1EdpbiEP2yKimk+yyRA91a0rvajOLiN8EamLAkwpozkK7ROqoA8ZdqX2q8xPYWGg
Jgrm+eeAVDqoC0YPSLVFujOkicMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvfTu5
5ATo2qNALtWECR9FvG6mgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQBLrN5bye4/3sAP7yWgmz0T6PzQ4H84vpgcsGQqEANg
y0OOPcG4nGW9zm1WF778ivQJFa82zVyyvjjuahQe0G1waYEKePvfDd4R9gzp3k2k
cZEFF5e/onqnaAiLMHsT9y4y7AQEmU3Dv6b6Yv5RLwQd6fLYlniPpkG9M8nYvOZm
9kcN8qnXC9Jq7qziwNk4gdiAVQQNMm4gLFeR8loZP9eaWnfKow19hCU8xpszLLzF
RV0aBszuoKxGK7yojpkiI3hlD2l/bvuXNodsEmTqDjU6lw9+kd7XkcGQ8ycyxIo8
t9qceVNsP5RIvCLeIwYf6DK3AKoflpiWOR3iIZknwTJm
-----END CERTIFICATE-----
Generated at Sat Nov 15 16:24:34 2025 by rpki-client