Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
File: 8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa (raw, json)
Hash identifier: iSrfMWrEw7QSSTGvldYTN9RBgMtXF36/xtfKzJWjJoQ=
Subject key identifier: CC:DE:05:E0:18:9D:57:AD:4E:D6:49:01:FB:0D:9D:B3:7F:96:5F:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08BEA3E9675FF0DCF9DC28FBDF1BD7245DBCAC6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
Signing time: Sat 15 Nov 2025 06:50:21 +0000
ROA not before: Sat 15 Nov 2025 06:50:21 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 23:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:be:a3:e9:67:5f:f0:dc:f9:dc:28:fb:df:1b:d7:24:5d:bc:ac:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:21 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=7754ec27f4527ebef357e0b8b785ba643a8febc718526401e83231903481ecd6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6d:93:62:44:c9:3f:6c:18:d2:e8:17:4b:6c:
fe:6c:4c:1a:2a:af:1b:b6:06:da:de:42:69:48:5b:
ee:a8:b9:7f:c6:2e:f8:73:50:dc:3d:af:1a:13:e4:
7d:20:8d:f9:32:53:dc:08:0f:ca:94:a0:b8:e9:c6:
dd:dd:ac:4c:b2:21:b8:c2:d5:b9:87:59:64:1f:ba:
09:65:86:02:cb:f4:76:8b:1a:93:ce:30:02:37:de:
65:ab:db:ea:cf:74:bd:58:47:45:81:89:e2:49:fc:
2a:dd:15:56:8b:ce:2c:0b:5b:56:46:f2:82:0b:d8:
08:cd:44:f0:83:ae:43:33:b4:d3:2a:ce:ba:a4:5a:
50:2d:17:47:a8:95:d6:0c:dd:9a:67:a0:a1:8a:3a:
84:03:0d:bd:56:13:96:19:8a:6e:61:e2:6c:bf:4e:
1b:00:9e:be:1d:18:54:f4:b0:b3:a0:e1:e4:d4:13:
55:0f:17:48:7d:78:ae:86:54:f2:2e:95:78:69:1c:
2d:36:06:b7:e1:fa:c1:21:c0:28:6d:9e:fa:de:ca:
95:7c:8c:55:4d:d8:b0:cf:3c:71:6b:9f:97:b4:7d:
55:3b:7d:29:b5:4d:ff:bf:5e:7a:aa:5e:c8:77:4d:
6f:63:d7:05:ec:aa:0a:ee:d3:8c:da:07:bb:7c:fc:
29:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DE:05:E0:18:9D:57:AD:4E:D6:49:01:FB:0D:9D:B3:7F:96:5F:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8dcd1031-0c8d-4ee4-9563-57ddb63e1678.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
15:39:ba:b8:40:54:fc:bc:bf:85:c1:43:f2:c0:04:e5:59:5a:
da:ca:16:62:a7:4b:eb:39:5d:c4:63:8a:e2:a4:47:af:9b:ed:
51:74:e4:6b:ab:df:0d:db:fb:b8:65:48:48:26:a6:30:2d:23:
38:64:62:14:bf:40:28:36:0b:03:ad:83:0b:b1:ab:27:3e:d7:
62:3e:22:b8:13:1a:59:20:d9:0d:49:40:6c:c6:36:ec:c7:a8:
c0:21:2f:fa:40:7e:14:2b:dd:dd:42:bb:9e:2f:96:18:06:91:
89:a6:b8:1c:0f:bc:ef:df:3f:ed:13:c7:ab:73:5d:c7:b1:ff:
a8:96:52:d3:4c:2b:ed:37:31:70:3b:50:22:48:8e:fd:c3:37:
2d:d5:b1:e9:66:67:1b:0f:3b:3c:39:17:3b:82:30:48:5e:9e:
91:cf:83:c2:f2:22:ca:cb:7d:97:93:6a:3c:65:e3:7f:f8:0e:
e9:67:c7:e4:8a:77:11:29:31:06:e5:49:c8:b1:77:f0:b2:70:
57:7d:38:71:4b:b0:b3:aa:d9:5c:d1:cb:be:51:69:90:d7:1b:
6d:6b:81:3a:33:6b:90:88:ac:3b:70:3d:ba:fd:b5:f2:f4:e0:
eb:2a:bc:91:14:35:7b:e5:e0:b8:3c:df:b6:d5:c5:b7:44:a8:
18:76:05:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCL6j6Wdf8Nz53Cj73xvXJF28rGowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMjFaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3NTRlYzI3ZjQ1MjdlYmVmMzU3ZTBiOGI3ODViYTY0M2E4ZmViYzcxODUy
NjQwMWU4MzIzMTkwMzQ4MWVjZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMptk2JEyT9sGNLoF0ts/mxMGiqvG7YG2t5CaUhb7qi5f8Yu+HNQ3D2vGhPk
fSCN+TJT3AgPypSguOnG3d2sTLIhuMLVuYdZZB+6CWWGAsv0dosak84wAjfeZavb
6s90vVhHRYGJ4kn8Kt0VVovOLAtbVkbyggvYCM1E8IOuQzO00yrOuqRaUC0XR6iV
1gzdmmegoYo6hAMNvVYTlhmKbmHibL9OGwCevh0YVPSws6Dh5NQTVQ8XSH14roZU
8i6VeGkcLTYGt+H6wSHAKG2e+t7KlXyMVU3YsM88cWufl7R9VTt9KbVN/79eeqpe
yHdNb2PXBeyqCu7TjNoHu3z8KYkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTM3gXg
GJ1XrU7WSQH7DZ2zf5ZfJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRjZDEwMzEtMGM4ZC00ZWU0LTk1NjMtNTdkZGI2M2UxNjc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQAVObq4QFT8vL+FwUPywATlWVrayhZip0vrOV3EY4ri
pEevm+1RdORrq98N2/u4ZUhIJqYwLSM4ZGIUv0AoNgsDrYMLsasnPtdiPiK4ExpZ
INkNSUBsxjbsx6jAIS/6QH4UK93dQrueL5YYBpGJprgcD7zv3z/tE8erc13Hsf+o
llLTTCvtNzFwO1AiSI79wzct1bHpZmcbDzs8ORc7gjBIXp6Rz4PC8iLKy32Xk2o8
ZeN/+A7pZ8fkincRKTEG5UnIsXfwsnBXfThxS7Czqtlc0cu+UWmQ1xtta4E6M2uQ
iKw7cD26/bXy9ODrKryRFDV75eC4PN+21cW3RKgYdgW7
-----END CERTIFICATE-----
Generated at Tue Nov 18 08:05:42 2025 by rpki-client