Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
File: 9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa (raw, json)
Hash identifier: GzxWpPdmdMGrCVIoxwkWpheN57zTUKvhweqIFlf5uJg=
Subject key identifier: 1F:6E:F0:7D:13:9F:C4:FE:4C:EB:47:59:4D:EE:F4:99:E4:1D:FF:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B47F2E4E20547E16FF959DFFFE0A77D809BA36B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
Signing time: Sat 15 Nov 2025 06:40:36 +0000
ROA not before: Sat 15 Nov 2025 06:40:36 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 01:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:47:f2:e4:e2:05:47:e1:6f:f9:59:df:ff:e0:a7:7d:80:9b:a3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:36 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=225b787ebf19a13d37526b0ace45e0b416e6c8d06c26af40f909a775cc5090ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a7:89:63:f3:87:f8:48:07:9b:a6:bf:38:72:
63:e5:b6:de:f2:70:1c:2d:8a:4e:b5:ec:58:97:25:
7a:8b:ff:d9:e1:81:74:76:8e:f3:c0:96:9e:ef:d2:
5d:63:a8:a0:81:03:04:29:8f:32:90:2d:30:f3:0e:
88:06:6a:03:27:0b:85:be:ab:ec:81:88:3e:46:0d:
62:db:0e:07:90:f5:5c:0c:a5:73:f5:7e:5f:9b:76:
db:5f:14:e2:d4:1a:c9:a2:b6:81:b9:5f:ea:33:b8:
93:f5:d3:2c:a6:07:31:b0:e5:c7:f8:80:9e:40:81:
ca:59:c1:0c:1b:5c:04:4d:93:ac:b5:ed:6c:d2:d2:
b6:42:fd:3e:d2:82:f1:73:01:c2:8a:0d:72:fc:ce:
58:99:43:6d:c7:7b:3e:64:4e:1c:20:0d:fd:21:e7:
0a:32:a2:47:75:49:e0:46:20:e1:ea:92:d0:7e:cb:
54:ba:4b:e4:44:82:0c:fe:0d:60:9a:86:d8:4c:a2:
bd:e6:16:63:75:55:fa:e1:9f:01:66:9d:01:fd:d1:
95:35:ca:c5:06:3d:b0:e9:e4:eb:e0:dc:49:1b:fc:
61:08:fb:3f:5f:c5:85:a4:f4:4d:c8:f5:07:53:26:
75:c1:b4:ee:1e:1b:c3:87:fa:6c:d0:c3:5d:dc:2e:
50:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6E:F0:7D:13:9F:C4:FE:4C:EB:47:59:4D:EE:F4:99:E4:1D:FF:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a3eae5c-027e-4c38-ab8e-330b3e5bad97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:8f:82:64:ed:5a:03:2b:df:67:25:34:72:b8:45:5b:dd:8e:
b6:04:bf:a9:a9:3e:11:4c:b9:a4:eb:96:ee:ee:83:91:f8:8f:
16:2d:b1:9f:9c:88:6e:f6:9d:b2:52:3a:6a:51:fa:35:fb:87:
a2:4f:1d:ff:af:ed:5e:72:ad:80:a3:26:cd:11:56:66:ee:e1:
d6:1c:6d:ac:03:6a:9e:aa:25:72:c1:13:b4:24:2e:de:7b:9d:
70:f2:59:3a:eb:ec:ad:06:f1:88:51:5f:d8:09:77:5d:31:93:
d5:71:29:59:25:e7:ad:54:41:50:22:f0:fe:ca:58:8a:eb:c6:
bc:c9:94:08:f5:f6:a6:45:eb:5c:f6:6d:95:df:89:90:eb:2d:
7d:cf:70:13:61:54:3a:cb:c0:79:89:5f:14:19:64:df:ad:b0:
1b:a4:88:fb:ad:4a:53:cd:53:d1:79:06:7f:6d:30:db:d6:8e:
09:94:8f:8d:d3:6b:bd:de:c7:76:00:f9:92:7a:95:4b:15:42:
56:e7:f8:32:0b:10:23:97:c1:ad:b3:f4:18:30:1b:db:5b:3b:
65:2a:e9:55:2b:5f:38:4b:e3:28:aa:f0:dd:b5:ac:ea:20:ef:
5e:5a:41:6a:a9:d3:dd:d6:23:40:be:aa:f8:ef:22:eb:8a:1f:
86:fc:03:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa0fy5OIFR+Fv+Vnf/+CnfYCbo2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMzZaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNWI3ODdlYmYxOWExM2QzNzUyNmIwYWNlNDVlMGI0MTZlNmM4ZDA2YzI2
YWY0MGY5MDlhNzc1Y2M1MDkwY2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPKniWPzh/hIB5umvzhyY+W23vJwHC2KTrXsWJcleov/2eGBdHaO88CWnu/S
XWOooIEDBCmPMpAtMPMOiAZqAycLhb6r7IGIPkYNYtsOB5D1XAylc/V+X5t2218U
4tQayaK2gblf6jO4k/XTLKYHMbDlx/iAnkCBylnBDBtcBE2TrLXtbNLStkL9PtKC
8XMBwooNcvzOWJlDbcd7PmROHCAN/SHnCjKiR3VJ4EYg4eqS0H7LVLpL5ESCDP4N
YJqG2EyiveYWY3VV+uGfAWadAf3RlTXKxQY9sOnk6+DcSRv8YQj7P1/FhaT0Tcj1
B1MmdcG07h4bw4f6bNDDXdwuUJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQfbvB9
E5/E/kzrR1lN7vSZ5B3/dTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEzZWFlNWMtMDI3ZS00YzM4LWFiOGUtMzMwYjNlNWJhZDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCmj4Jk7VoDK99nJTRyuEVb3Y62BL+pqT4RTLmk65bu
7oOR+I8WLbGfnIhu9p2yUjpqUfo1+4eiTx3/r+1ecq2AoybNEVZm7uHWHG2sA2qe
qiVywRO0JC7ee51w8lk66+ytBvGIUV/YCXddMZPVcSlZJeetVEFQIvD+yliK68a8
yZQI9famRetc9m2V34mQ6y19z3ATYVQ6y8B5iV8UGWTfrbAbpIj7rUpTzVPReQZ/
bTDb1o4JlI+N02u93sd2APmSepVLFUJW5/gyCxAjl8Gts/QYMBvbWztlKulVK184
S+MoqvDdtazqIO9eWkFqqdPd1iNAvqr47yLrih+G/APm
-----END CERTIFICATE-----
Generated at Sat Nov 15 10:38:49 2025 by rpki-client