Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
File: 46b220b9-837f-4174-97e6-c711958273ea.roa (raw, json)
Hash identifier: 9VtmRYvjXi38AvOfrtYXYOSqcl7wpeO78DXkYz1n9pQ=
Subject key identifier: 27:73:F7:8D:EA:54:F6:42:1D:B0:B9:FE:B0:6B:B7:49:81:04:1C:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EF7377F7B5CBFE7143B7166488BE4EF9F3DC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
Signing time: Fri 26 Sep 2025 20:39:54 +0000
ROA not before: Fri 26 Sep 2025 20:39:54 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.78.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:f7:37:7f:7b:5c:bf:e7:14:3b:71:66:48:8b:e4:ef:9f:3d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:54 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=0f5c62e3473f566ada98c4ca30c9388b0ba9b2936be74327faac2dd2b949666a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:4c:c0:6f:5e:9a:b3:e5:d2:c2:d9:66:32:
81:a9:fc:3e:61:59:31:2c:fc:57:b5:f4:7b:32:55:
33:ad:9a:ba:18:64:4b:c0:4a:3c:7f:82:ee:b8:4a:
24:96:61:28:b4:93:c9:92:d7:42:b3:d9:55:26:2f:
48:24:96:78:80:55:cb:6e:ee:28:ac:aa:dd:71:63:
2c:1f:2e:93:a2:35:7a:19:22:69:32:b0:21:02:4a:
c8:ec:a9:68:41:77:04:c1:27:78:72:e7:37:24:67:
ba:a4:f8:67:aa:6d:a1:e4:f0:89:5c:7b:19:b9:c2:
4c:19:ff:68:78:3a:b1:4b:c6:9e:02:e4:6b:53:10:
97:ae:3c:7f:c1:24:bb:b1:4c:b9:a9:a3:0d:40:0e:
2f:98:d3:35:f5:ab:64:46:48:99:78:a9:26:08:9d:
9e:64:3f:7d:ce:e1:f4:f5:b9:83:a7:29:08:6f:e6:
70:09:91:dc:fb:f2:b8:ac:cd:79:0a:da:36:3a:3d:
6a:4d:52:e8:9d:a9:1a:6b:ad:30:e5:4e:3b:18:8e:
43:49:a9:9f:2e:a5:0d:57:f6:7d:1f:38:00:a9:36:
bf:e5:f3:a1:5c:65:42:39:29:53:93:e0:0a:32:6c:
2c:c0:c2:8b:ad:6c:67:7d:be:11:e6:0d:fd:75:ca:
0d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:73:F7:8D:EA:54:F6:42:1D:B0:B9:FE:B0:6B:B7:49:81:04:1C:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/46b220b9-837f-4174-97e6-c711958273ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.78.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:a8:d2:e1:0f:0d:12:c1:15:0c:fb:b3:b2:ef:42:e2:5e:79:
91:77:d8:cb:8a:25:7f:f3:82:0b:ac:2f:44:e7:22:b3:e4:01:
a5:c3:d6:26:13:90:2b:24:fb:96:60:19:4b:22:37:96:d0:05:
3f:d5:5a:68:4c:47:1f:ab:ed:f2:36:f2:9d:aa:96:40:aa:58:
41:eb:d6:52:cb:9a:07:3a:3f:80:74:87:e6:8c:88:8a:fb:0e:
ec:bc:4c:95:af:d0:c4:d0:40:b5:9d:0a:48:0c:2d:92:3c:90:
c8:35:23:9a:48:42:8c:4b:b0:3c:45:b8:d0:fe:eb:3b:cb:13:
55:c7:5c:cd:9d:1b:18:be:e7:50:8c:23:b9:12:97:14:67:b3:
f6:1a:2e:71:66:9c:ae:43:5d:e0:8a:dc:02:22:b8:bf:a2:b7:
5f:5a:41:90:b1:7a:cf:71:4c:67:83:17:5d:b1:8f:c2:c5:43:
ef:9c:83:ed:ff:94:de:01:ba:01:e7:aa:6e:5e:90:f0:b0:5b:
5c:77:ba:b1:66:28:60:42:76:7f:be:32:99:41:3b:81:cb:cd:
10:e6:a0:4b:5b:97:47:f1:6d:9b:b4:08:41:0d:39:94:35:9d:
1e:53:47:0f:6e:b3:6d:47:40:05:88:e7:1e:e0:10:b2:9c:67:
0d:44:6a:44
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITXvc3f3tcv+cUO3FmSIvk7589xTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI1MDkyNjIwMzk1NFoXDTI1MTAzMTIzNTk1OVowejFJMEcGA1UE
BRNAMGY1YzYyZTM0NzNmNTY2YWRhOThjNGNhMzBjOTM4OGIwYmE5YjI5MzZiZTc0
MzI3ZmFhYzJkZDJiOTQ5NjY2YTEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsBJMwG9emrPl0sLZZjKBqfw+YVkxLPxXtfR7MlUzrZq6GGRLwEo8f4LuuEok
lmEotJPJktdCs9lVJi9IJJZ4gFXLbu4orKrdcWMsHy6TojV6GSJpMrAhAkrI7Klo
QXcEwSd4cuc3JGe6pPhnqm2h5PCJXHsZucJMGf9oeDqxS8aeAuRrUxCXrjx/wSS7
sUy5qaMNQA4vmNM19atkRkiZeKkmCJ2eZD99zuH09bmDpykIb+ZwCZHc+/K4rM15
Cto2Oj1qTVLonakaa60w5U47GI5DSamfLqUNV/Z9HzgAqTa/5fOhXGVCOSlTk+AK
MmwswMKLrWxnfb4R5g39dcoNPQIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFCdz943q
VPZCHbC5/rBrt0mBBByTMB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy80
NmIyMjBiOS04MzdmLTQxNzQtOTdlNi1jNzExOTU4MjczZWEucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAM04wDQYJ
KoZIhvcNAQELBQADggEBADao0uEPDRLBFQz7s7LvQuJeeZF32MuKJX/zggusL0Tn
IrPkAaXD1iYTkCsk+5ZgGUsiN5bQBT/VWmhMRx+r7fI28p2qlkCqWEHr1lLLmgc6
P4B0h+aMiIr7Duy8TJWv0MTQQLWdCkgMLZI8kMg1I5pIQoxLsDxFuND+6zvLE1XH
XM2dGxi+51CMI7kSlxRns/YaLnFmnK5DXeCK3AIiuL+it19aQZCxes9xTGeDF12x
j8LFQ++cg+3/lN4BugHnqm5ekPCwW1x3urFmKGBCdn++MplBO4HLzRDmoEtbl0fx
bZu0CEENOZQ1nR5TRw9us21HQAWI5x7gELKcZw1EakQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:05 2025 by rpki-client