Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: H6Clg1yyoPqsoEuC4MJURDcGHhZHcvJI2+UJLACd8cg=
Subject key identifier: 64:0B:A1:A9:53:A9:CA:71:12:09:CA:BE:98:28:91:AF:DB:93:E6:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3361B6C2D10BEF49A8B17C688A3F4DE41889DD20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Fri 26 Sep 2025 20:39:38 +0000
ROA not before: Fri 26 Sep 2025 20:39:38 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:61:b6:c2:d1:0b:ef:49:a8:b1:7c:68:8a:3f:4d:e4:18:89:dd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:38 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=4d7a722018fd013639fe9f27c5d054b839845778853dbec7e46b1aa143c1780c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6d:31:22:cd:8b:7d:0f:fb:75:03:de:8d:66:
b7:e9:46:de:e4:82:6c:89:0e:e7:c7:45:c8:08:57:
69:f4:1a:72:16:d4:6b:20:ae:ad:23:4d:cf:e1:06:
be:75:87:9d:eb:c2:59:fa:03:9f:86:d6:dd:45:27:
6e:da:53:ef:ef:08:8b:d8:d8:9f:5f:41:a3:60:69:
e1:5f:b0:b0:1b:99:a7:2a:4b:52:87:d9:ae:29:41:
68:32:20:5a:a9:29:c6:64:9c:2b:7a:c7:c1:db:a3:
cf:33:a9:b3:3d:52:7c:4c:20:37:c5:53:1f:3e:af:
b3:9d:a9:dc:2c:94:a2:9f:e5:93:45:6a:7e:ae:28:
a7:e8:30:26:89:0d:04:31:c7:69:33:f9:ed:f3:6d:
51:36:37:90:43:bd:4b:96:1a:9c:b3:47:7c:dc:ef:
38:18:e4:e4:0a:3c:e9:a1:a1:8e:ee:90:fd:78:71:
50:ef:0d:37:c8:c7:44:23:a5:66:27:b9:a6:08:bb:
95:bc:43:28:a0:ce:c0:94:40:25:31:1f:12:f4:bd:
e4:69:2c:fa:44:2a:d3:69:2f:18:06:0a:bd:d6:51:
0c:86:06:c4:94:3b:f6:cc:19:44:e1:65:22:43:bd:
9a:ac:88:e0:0f:52:24:2a:34:db:42:3f:19:af:d8:
9d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:0B:A1:A9:53:A9:CA:71:12:09:CA:BE:98:28:91:AF:DB:93:E6:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
11:d2:f7:15:16:b3:c1:22:5b:99:80:6b:4b:c1:e8:de:29:22:
4e:34:1b:e7:8f:1b:05:0f:3a:a9:54:f6:3d:a2:94:78:2f:d3:
c8:c5:57:e8:fb:d0:1d:ea:e0:43:56:68:73:77:fa:79:f2:ef:
ea:55:b5:be:27:b9:29:40:e2:9b:ed:76:c5:87:5d:be:63:b3:
65:17:ec:cb:79:9f:92:c0:45:36:eb:c8:9c:2a:d2:55:da:9b:
db:09:8d:0a:99:5d:8d:79:ce:37:e5:89:b8:20:5c:f1:10:f2:
95:74:59:f1:0c:6b:4c:18:79:c2:0b:8f:5b:62:79:80:c7:af:
56:31:61:b0:cb:9e:e3:1c:37:b1:82:0d:b6:69:52:3d:c2:bd:
ca:5c:36:76:7e:31:57:c8:9d:ef:13:9e:68:44:1e:a8:6f:aa:
e1:9f:9d:a4:56:a9:b5:ba:c2:c3:02:95:e0:39:13:49:cb:23:
17:9e:c9:f4:24:32:cd:2b:41:d8:48:9c:1a:73:e0:82:77:0c:
72:ee:70:50:32:90:f8:81:47:e1:cc:e6:25:99:00:07:78:b8:
f4:b9:9e:21:f4:30:2c:01:ad:2d:1c:fe:83:35:1a:be:a2:0c:
be:5a:a1:ee:60:94:8a:89:bc:20:cb:75:0e:4d:7a:bf:6e:86:
51:b0:4e:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM2G2wtEL70mosXxoij9N5BiJ3SAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5MzhaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkN2E3MjIwMThmZDAxMzYzOWZlOWYyN2M1ZDA1NGI4Mzk4NDU3Nzg4NTNk
YmVjN2U0NmIxYWExNDNjMTc4MGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALttMSLNi30P+3UD3o1mt+lG3uSCbIkO58dFyAhXafQachbUayCurSNNz+EG
vnWHnevCWfoDn4bW3UUnbtpT7+8Ii9jYn19Bo2Bp4V+wsBuZpypLUofZrilBaDIg
WqkpxmScK3rHwdujzzOpsz1SfEwgN8VTHz6vs52p3CyUop/lk0Vqfq4op+gwJokN
BDHHaTP57fNtUTY3kEO9S5YanLNHfNzvOBjk5Ao86aGhju6Q/XhxUO8NN8jHRCOl
Zie5pgi7lbxDKKDOwJRAJTEfEvS95Gks+kQq02kvGAYKvdZRDIYGxJQ79swZROFl
IkO9mqyI4A9SJCo020I/Ga/YnRMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRkC6Gp
U6nKcRIJyr6YKJGv25PmQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQAR0vcVFrPBIluZgGtLwejeKSJONBvnjxsFDzqpVPY9
opR4L9PIxVfo+9Ad6uBDVmhzd/p58u/qVbW+J7kpQOKb7XbFh12+Y7NlF+zLeZ+S
wEU268icKtJV2pvbCY0KmV2Nec435Ym4IFzxEPKVdFnxDGtMGHnCC49bYnmAx69W
MWGwy57jHDexgg22aVI9wr3KXDZ2fjFXyJ3vE55oRB6ob6rhn52kVqm1usLDApXg
ORNJyyMXnsn0JDLNK0HYSJwac+CCdwxy7nBQMpD4gUfhzOYlmQAHeLj0uZ4h9DAs
Aa0tHP6DNRq+ogy+WqHuYJSKibwgy3UOTXq/boZRsE5c
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:47 2025 by rpki-client