Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: vvxoxYjNHLvO0vU7s8o/KctuJlGu7hBQNOxVIXCzRTk=
Subject key identifier: B1:7C:67:39:26:D8:42:EB:8B:8B:9E:B3:BF:00:D9:E0:F2:F1:B9:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 081EA97BFB06E66D4A10DDFCCA42547393264BA5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Fri 26 Sep 2025 20:39:39 +0000
ROA not before: Fri 26 Sep 2025 20:39:39 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1e:a9:7b:fb:06:e6:6d:4a:10:dd:fc:ca:42:54:73:93:26:4b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:39 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e0884ae001ee3d45f70376112cb435ac7701acc347e917c4d92250a9ed1ae000, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cb:be:e9:39:8c:d9:0d:65:f1:bc:be:c3:0f:
9a:14:ee:d5:02:80:e3:b3:da:6f:de:d3:63:ee:f0:
60:b2:af:86:d8:fe:18:72:3a:e0:24:b2:f1:20:b9:
47:2a:69:4f:ce:56:a0:2f:6f:13:a2:bb:01:04:36:
74:cc:a0:ab:e1:d5:58:cf:29:25:40:38:8c:1c:3d:
47:2c:b3:fc:f7:da:a4:53:ad:93:1b:d8:a7:88:19:
99:c0:7e:75:44:b8:b1:41:cc:98:52:54:a1:69:21:
ad:4a:56:31:8c:c7:6b:c2:f2:ad:35:65:e4:87:81:
17:36:36:93:d6:3f:1a:96:71:f2:98:88:06:49:97:
9d:67:94:83:cc:81:80:26:3b:77:2e:55:f6:b3:1d:
82:a4:0c:43:60:5f:45:e3:37:23:b9:c5:d7:59:4b:
fa:97:75:f0:1b:58:a4:29:a3:15:50:83:2d:65:d0:
92:cb:05:a6:b8:b7:80:1d:29:c4:3e:28:88:48:e3:
2e:c1:2c:a6:d9:a0:b0:b2:de:1b:ed:e4:5b:58:f2:
7d:2e:d0:9c:49:28:de:d8:41:a3:60:46:87:4e:7e:
fb:e7:04:d5:75:37:b9:13:2f:dd:75:75:35:fe:78:
7c:eb:42:4b:c2:e7:59:04:77:31:ec:50:75:49:4d:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:7C:67:39:26:D8:42:EB:8B:8B:9E:B3:BF:00:D9:E0:F2:F1:B9:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
d7:ad:c1:52:17:43:2b:87:21:d3:08:6a:29:be:c7:b6:64:ab:
65:cd:0b:3d:ae:6e:e6:51:07:1b:75:6b:a2:31:f8:e1:a1:e3:
a6:87:2c:ce:d2:c0:42:63:e4:1b:23:26:e9:e1:49:8b:59:86:
7a:d3:b5:e2:6a:b6:6b:a2:26:c6:af:67:7a:00:17:2d:c6:26:
23:26:4d:65:8f:db:24:94:d7:f9:77:9e:53:6e:60:e2:fe:19:
a1:af:60:86:d2:da:fc:b6:8c:2b:2c:34:a6:9e:dc:bc:0e:15:
71:65:14:13:48:fa:9a:48:bd:23:71:bf:bb:ad:2d:58:ee:b2:
18:8e:6d:20:ca:b4:d7:70:92:2b:84:20:9b:12:e6:d4:f2:b6:
7b:f6:2e:34:1a:c4:45:4a:ff:0a:8e:3b:23:ee:36:8f:49:1b:
55:85:c4:ca:b9:2a:fc:59:b9:43:81:77:a6:6c:ad:15:8f:23:
cc:00:b0:f1:4c:63:25:62:4f:aa:85:db:79:07:d1:4a:d9:2a:
dc:25:e5:0a:e4:e9:c5:83:29:8c:8f:d4:40:cb:e6:96:49:75:
cf:83:50:fc:6f:ee:37:36:06:c9:e7:d2:90:d8:e5:d6:a5:bc:
ad:0a:8c:d5:46:49:22:b9:8f:2e:41:2f:d8:96:32:5f:d0:e1:
90:4d:d8:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCB6pe/sG5m1KEN38ykJUc5MmS6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5MzlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwODg0YWUwMDFlZTNkNDVmNzAzNzYxMTJjYjQzNWFjNzcwMWFjYzM0N2U5
MTdjNGQ5MjI1MGE5ZWQxYWUwMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzLvuk5jNkNZfG8vsMPmhTu1QKA47Pab97TY+7wYLKvhtj+GHI64CSy8SC5
RyppT85WoC9vE6K7AQQ2dMygq+HVWM8pJUA4jBw9Ryyz/PfapFOtkxvYp4gZmcB+
dUS4sUHMmFJUoWkhrUpWMYzHa8LyrTVl5IeBFzY2k9Y/GpZx8piIBkmXnWeUg8yB
gCY7dy5V9rMdgqQMQ2BfReM3I7nF11lL+pd18BtYpCmjFVCDLWXQkssFpri3gB0p
xD4oiEjjLsEsptmgsLLeG+3kW1jyfS7QnEko3thBo2BGh05+++cE1XU3uRMv3XV1
Nf54fOtCS8LnWQR3MexQdUlNDPcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSxfGc5
JthC64uLnrO/ANng8vG5xDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQDXrcFSF0MrhyHTCGopvse2ZKtlzQs9rm7mUQcbdWui
MfjhoeOmhyzO0sBCY+QbIybp4UmLWYZ607XiarZroibGr2d6ABctxiYjJk1lj9sk
lNf5d55TbmDi/hmhr2CG0tr8towrLDSmnty8DhVxZRQTSPqaSL0jcb+7rS1Y7rIY
jm0gyrTXcJIrhCCbEubU8rZ79i40GsRFSv8Kjjsj7jaPSRtVhcTKuSr8WblDgXem
bK0VjyPMALDxTGMlYk+qhdt5B9FK2SrcJeUK5OnFgymMj9RAy+aWSXXPg1D8b+43
NgbJ59KQ2OXWpbytCozVRkkiuY8uQS/YljJf0OGQTdgb
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:34:37 2025 by rpki-client