Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
File: 78e385a6-a7b8-4e63-8222-9119ad4d303f.roa (raw, json)
Hash identifier: v0h3DXMXz+Ixvdn4Oirc0uHwanaimwDjZMpgleHEoqE=
Subject key identifier: 71:9F:7B:9E:22:5E:AC:F4:96:DE:25:00:99:0C:71:36:44:8F:60:0C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F8B5F00B6D5F5C691FBF86D96D81C90C3829474
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
Signing time: Mon 13 Oct 2025 18:00:06 +0000
ROA not before: Mon 13 Oct 2025 18:00:06 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.118.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:8b:5f:00:b6:d5:f5:c6:91:fb:f8:6d:96:d8:1c:90:c3:82:94:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 13 18:00:06 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=0d7c39c5790d9869e2e2ea845cad36a49472c210b152904f217e6cd5ea0e8f32, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9e:4a:c7:2b:91:2e:a4:b8:94:58:eb:97:77:
65:01:1c:84:77:66:22:e1:e7:fe:8c:99:59:e5:75:
ac:93:76:c7:fb:d8:ae:9e:4f:1a:7d:69:a8:4f:71:
22:6a:15:5a:ea:89:15:1d:fb:b2:9e:30:01:1f:94:
80:98:56:bb:fe:ad:d2:0e:51:94:ec:d3:8c:45:59:
57:e3:35:90:0e:5c:8d:cc:98:a0:9c:aa:3d:98:a2:
c8:de:c2:e9:d1:11:ce:34:1a:93:d6:e3:cb:75:7d:
b9:31:be:db:76:a2:94:08:c8:04:74:f1:ef:55:5d:
fa:e7:ff:a7:01:b7:77:7b:43:66:fa:b1:4c:1f:89:
5f:8e:fc:86:67:85:ba:2e:73:13:2b:06:dc:7e:5d:
ed:be:06:91:38:81:91:6c:be:22:63:bf:2e:4b:c4:
d6:04:28:23:0f:11:48:45:2b:8a:98:82:88:5f:80:
53:68:51:c8:b5:bb:a3:21:fa:5e:9f:6f:26:18:3a:
5a:23:bf:ec:aa:0f:68:b4:31:b1:bb:22:40:1e:75:
f3:bd:50:27:02:32:31:49:cb:38:ad:06:97:75:d7:
42:96:66:18:46:89:f5:7b:77:52:ff:1c:23:03:9a:
93:8c:03:f5:50:32:58:ea:63:37:9e:02:e3:a5:da:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9F:7B:9E:22:5E:AC:F4:96:DE:25:00:99:0C:71:36:44:8F:60:0C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78e385a6-a7b8-4e63-8222-9119ad4d303f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
87:04:45:83:43:76:67:a5:26:09:2e:4f:6b:e9:57:62:e5:bf:
e4:51:b7:2d:ed:4a:aa:56:67:cc:e3:ac:4a:7c:bc:67:74:3a:
56:5c:f4:4e:c7:08:8a:56:fb:dd:ba:a7:1d:ba:29:1f:59:d9:
14:77:85:41:60:54:fc:ab:0f:c6:1a:45:f3:67:28:d5:9b:b3:
5c:ad:76:d7:93:2b:6e:f4:6a:f8:63:4e:bc:50:a2:1d:32:fd:
1c:88:9d:32:9d:c0:e6:54:62:e5:6b:45:86:7c:de:70:a3:21:
78:1b:08:ac:9a:97:18:b5:cd:1a:30:64:f6:eb:c8:ce:5a:b8:
c7:b5:62:48:a6:a7:2c:19:bb:9f:98:a8:af:64:da:cd:b1:81:
bd:7b:9b:d4:f7:3a:d7:93:64:d0:63:db:0d:79:6f:82:5c:15:
8b:43:9c:7c:c6:6d:87:ca:35:d0:25:f5:1f:56:f4:f6:c1:ac:
cb:b7:9c:96:f7:56:76:7a:97:28:bf:b0:28:8d:00:9d:d2:28:
f4:18:c2:e3:6f:30:bd:29:a4:76:73:43:bd:a1:96:d6:e6:e1:
f4:93:5e:5d:53:2b:2c:42:09:ff:80:42:c0:37:d6:12:29:45:
7d:24:f5:95:0d:79:94:e0:ad:8a:25:c6:0c:a7:bf:e7:ea:1a:
e4:2b:7c:33
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUb4tfALbV9caR+/htltgckMOClHQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTMxODAwMDZaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkN2MzOWM1NzkwZDk4NjllMmUyZWE4NDVjYWQzNmE0OTQ3MmMyMTBiMTUy
OTA0ZjIxN2U2Y2Q1ZWEwZThmMzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKqeSscrkS6kuJRY65d3ZQEchHdmIuHn/oyZWeV1rJN2x/vYrp5PGn1pqE9x
ImoVWuqJFR37sp4wAR+UgJhWu/6t0g5RlOzTjEVZV+M1kA5cjcyYoJyqPZiiyN7C
6dERzjQak9bjy3V9uTG+23ailAjIBHTx71Vd+uf/pwG3d3tDZvqxTB+JX478hmeF
ui5zEysG3H5d7b4GkTiBkWy+ImO/LkvE1gQoIw8RSEUripiCiF+AU2hRyLW7oyH6
Xp9vJhg6WiO/7KoPaLQxsbsiQB51871QJwIyMUnLOK0Gl3XXQpZmGEaJ9Xt3Uv8c
IwOak4wD9VAyWOpjN54C46Xa3GECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRxn3ue
Il6s9JbeJQCZDHE2RI9gDDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhlMzg1YTYtYTdiOC00ZTYzLTgyMjItOTExOWFkNGQzMDNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQCHBEWDQ3ZnpSYJLk9r6Vdi5b/kUbct7UqqVmfM46xK
fLxndDpWXPROxwiKVvvduqcduikfWdkUd4VBYFT8qw/GGkXzZyjVm7NcrXbXkytu
9Gr4Y068UKIdMv0ciJ0yncDmVGLla0WGfN5woyF4GwismpcYtc0aMGT268jOWrjH
tWJIpqcsGbufmKivZNrNsYG9e5vU9zrXk2TQY9sNeW+CXBWLQ5x8xm2HyjXQJfUf
VvT2wazLt5yW91Z2epcov7AojQCd0ij0GMLjbzC9KaR2c0O9oZbW5uH0k15dUyss
Qgn/gELAN9YSKUV9JPWVDXmU4K2KJcYMp7/n6hrkK3wz
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:05 2025 by rpki-client