Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: r6fNE5bQ5UB/KJIBRPdMyCIg9UVZL5Se6PnQHoV7hmI=
Subject key identifier: 49:E9:28:B0:4F:74:90:99:0A:FA:30:70:F9:F1:E2:1E:DE:46:A6:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BE49782F0C8B57A46956F884BDDEC8EE884DED4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Sat 15 Nov 2025 06:50:05 +0000
ROA not before: Sat 15 Nov 2025 06:50:05 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e4:97:82:f0:c8:b5:7a:46:95:6f:88:4b:dd:ec:8e:e8:84:de:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:05 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=b95b64360edb9c460229104b38a074fd51fc0fce87dc5678f5ffa86981f7523c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:66:2d:a8:89:3c:5b:b7:6e:3d:bb:ed:df:82:
a3:d5:05:01:63:07:50:28:e4:62:c4:00:3f:f1:90:
97:7c:aa:4b:2a:04:ea:95:1e:68:9a:19:1e:81:30:
2c:b8:ae:49:ef:d6:76:01:5e:d5:c0:58:00:93:6f:
2e:cf:b9:30:c5:d3:d6:53:fd:95:7f:c5:b6:90:1f:
be:76:4c:8e:e1:4e:b4:0f:80:70:ee:40:99:0f:f4:
e6:f2:59:db:cb:f7:e2:2b:ea:2f:2b:26:b9:70:8a:
c2:c8:1d:c4:d5:17:98:70:fe:77:f2:00:55:e0:28:
5f:d1:86:44:62:be:07:f2:1b:c5:1b:66:87:39:6d:
83:b9:b9:87:c9:9e:00:8d:48:24:d8:40:5a:d2:f9:
39:08:b6:9c:da:d9:a0:94:b8:65:18:35:06:be:c6:
73:bf:9f:6d:49:33:dd:3b:27:60:64:69:f0:7b:cf:
a3:0a:6a:62:70:3c:9b:86:7a:f8:8f:38:3d:73:23:
b3:e9:50:75:34:c3:d2:d3:bc:63:27:6a:a1:69:32:
f8:f9:4e:bc:8b:21:b3:fd:f7:87:06:bd:bb:26:be:
60:93:f7:07:58:c4:98:cd:8e:ba:58:e6:b2:db:28:
6b:7e:2d:dc:24:51:ef:ef:05:72:29:1a:21:35:7e:
3f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E9:28:B0:4F:74:90:99:0A:FA:30:70:F9:F1:E2:1E:DE:46:A6:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:9b:00:bf:19:64:6c:0b:0f:e6:b3:86:5a:df:79:b9:e5:72:
1e:e2:a8:d8:a4:4c:1f:b0:66:5e:53:f6:c7:bd:05:e5:09:54:
7b:9d:b6:be:6a:49:01:ce:fd:66:a8:0c:c2:5d:38:27:fe:33:
13:93:2f:52:e6:58:4c:f1:6c:66:74:08:99:59:2f:25:7e:5e:
fd:0a:33:6d:30:2d:01:36:3d:53:a9:72:7b:5e:7b:42:ba:4f:
03:03:4a:3a:4e:0f:cf:07:95:37:eb:32:55:9e:4c:c9:84:a8:
69:24:0e:f5:62:df:e8:d1:dc:71:e1:8d:73:91:19:d3:61:a7:
99:b2:ce:74:41:79:6d:86:b1:a6:b7:5a:90:74:f9:a5:16:9b:
c6:a6:9a:07:ab:72:a4:01:75:df:5a:ab:98:e6:72:4c:aa:f0:
b1:e1:e2:0e:5d:89:16:bf:ed:b4:5e:d9:6a:86:90:c7:e3:b8:
4c:15:c3:a2:cc:aa:6c:ec:d7:2e:e0:b3:e5:de:d5:aa:11:13:
11:e5:66:fc:fd:e4:e7:ed:e7:54:ef:4e:9a:02:64:a0:41:5c:
b5:d6:17:7b:a9:65:7b:3d:50:5c:ca:1c:70:08:d5:8d:e9:5a:
d1:bc:7d:f1:64:d3:92:f5:99:68:f4:80:f8:72:63:51:60:b3:
6a:7a:6f:4e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa+SXgvDItXpGlW+IS93sjuiE3tQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMDVaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5NWI2NDM2MGVkYjljNDYwMjI5MTA0YjM4YTA3NGZkNTFmYzBmY2U4N2Rj
NTY3OGY1ZmZhODY5ODFmNzUyM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1mLaiJPFu3bj277d+Co9UFAWMHUCjkYsQAP/GQl3yqSyoE6pUeaJoZHoEw
LLiuSe/WdgFe1cBYAJNvLs+5MMXT1lP9lX/FtpAfvnZMjuFOtA+AcO5AmQ/05vJZ
28v34ivqLysmuXCKwsgdxNUXmHD+d/IAVeAoX9GGRGK+B/IbxRtmhzltg7m5h8me
AI1IJNhAWtL5OQi2nNrZoJS4ZRg1Br7Gc7+fbUkz3TsnYGRp8HvPowpqYnA8m4Z6
+I84PXMjs+lQdTTD0tO8YydqoWky+PlOvIshs/33hwa9uya+YJP3B1jEmM2Ouljm
stsoa34t3CRR7+8FcikaITV+PxsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRJ6Siw
T3SQmQr6MHD58eIe3kamyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQB9mwC/GWRsCw/ms4Za33m55XIe4qjYpEwfsGZeU/bH
vQXlCVR7nba+akkBzv1mqAzCXTgn/jMTky9S5lhM8WxmdAiZWS8lfl79CjNtMC0B
Nj1TqXJ7XntCuk8DA0o6Tg/PB5U36zJVnkzJhKhpJA71Yt/o0dxx4Y1zkRnTYaeZ
ss50QXlthrGmt1qQdPmlFpvGppoHq3KkAXXfWquY5nJMqvCx4eIOXYkWv+20Xtlq
hpDH47hMFcOizKps7Ncu4LPl3tWqERMR5Wb8/eTn7edU706aAmSgQVy11hd7qWV7
PVBcyhxwCNWN6VrRvH3xZNOS9Zlo9ID4cmNRYLNqem9O
-----END CERTIFICATE-----
Generated at Sat Nov 15 22:20:52 2025 by rpki-client