Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: xFKLbOitczw2dGXj+DqCqnEZFFb+DkG03Ath7gOKPJs=
Subject key identifier: 9E:F9:15:BA:9A:3B:00:E5:03:4D:6A:28:C9:8D:18:E6:CA:0C:3E:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 035B727D14B4671A1FDE1C3CFC3A6AA69FA7E417
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Mon 06 Oct 2025 18:10:37 +0000
ROA not before: Mon 06 Oct 2025 18:10:37 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:5b:72:7d:14:b4:67:1a:1f:de:1c:3c:fc:3a:6a:a6:9f:a7:e4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:37 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=a9c3aa3307cc89b887e62455631cfc0b8e246ea2392b6f9112ccc893959cec85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:4a:75:20:df:55:87:db:1c:15:da:51:b3:
c9:c4:ea:1d:a0:f5:30:2b:24:73:8d:d4:fb:e4:d4:
f6:76:96:61:e7:8a:b1:be:09:b0:26:82:d9:77:b7:
b7:78:53:a7:50:6d:60:cc:a3:71:9b:c9:20:0f:c8:
d2:13:43:5e:07:b7:10:38:d3:b6:f9:ce:94:52:8b:
dc:f1:db:49:32:6a:5b:a6:29:d6:a3:20:7f:aa:cc:
cc:36:a5:d0:e6:3d:a1:1f:9b:b5:a8:6f:aa:88:a3:
b9:d3:f8:bc:ae:43:38:dd:0b:75:9a:5d:46:f6:04:
78:34:84:ef:4c:0a:fe:5e:d8:77:3c:81:7a:7c:d9:
bf:12:20:66:93:bd:c7:11:f4:06:72:ed:15:71:dc:
cd:05:87:10:87:cb:95:03:f1:7c:88:35:83:2f:99:
a9:8c:50:f6:a5:84:d2:8e:b8:b4:c0:95:f4:cc:60:
0a:25:e8:23:89:b1:f5:cf:74:49:42:13:87:31:27:
5f:a8:71:5c:10:18:16:c2:9b:45:bc:8c:f8:84:e4:
bd:65:86:8c:bc:5b:3a:9f:89:16:aa:4c:03:51:f9:
b2:fe:68:f1:ee:6a:57:15:1a:93:1c:b9:80:d8:1b:
eb:70:8d:59:ef:4b:f4:cd:99:0c:15:c6:69:0f:ec:
26:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:F9:15:BA:9A:3B:00:E5:03:4D:6A:28:C9:8D:18:E6:CA:0C:3E:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a7:3a:5f:b8:c7:20:df:4d:f4:e6:17:b2:40:34:d9:71:04:d7:
ba:30:20:c4:36:e9:c4:cd:f4:dc:f8:b0:4e:ff:98:b4:93:b0:
4d:bb:77:53:de:bd:2a:9e:5a:73:87:a2:4c:58:94:be:a9:e2:
52:54:13:e1:20:e1:46:53:e5:bf:90:e8:48:57:48:79:d5:61:
42:94:91:c7:bf:74:1e:92:5e:c8:69:03:d5:d9:c6:5b:1e:89:
49:9e:12:23:d9:72:75:59:9a:b2:45:62:6c:c1:97:af:83:c6:
bb:f8:18:53:82:1c:97:64:f7:26:61:bc:f1:84:9e:e6:ed:45:
02:a6:6d:33:53:bc:a1:57:b4:59:97:36:c3:85:b2:90:66:8d:
ea:ed:aa:5c:ba:47:8e:ef:42:e5:19:f1:0d:d5:5b:e7:99:fd:
88:41:82:1e:88:bc:35:f6:40:93:11:1a:c5:32:70:fb:7f:97:
9f:b9:11:19:75:d2:a0:2c:b9:8d:78:de:56:5f:a2:e4:5b:6c:
c1:a3:af:65:35:52:76:c2:93:a2:b5:0f:47:26:9a:ed:f9:c7:
ee:f3:04:e1:63:ad:ce:ef:c5:18:bb:7c:2e:3b:bf:8a:1c:9c:
cf:19:e9:bf:73:06:58:76:5b:c5:93:af:31:0d:e4:9f:5c:f5:
8a:31:94:cc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA1tyfRS0Zxof3hw8/Dpqpp+n5BcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzdaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5YzNhYTMzMDdjYzg5Yjg4N2U2MjQ1NTYzMWNmYzBiOGUyNDZlYTIzOTJi
NmY5MTEyY2NjODkzOTU5Y2VjODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/7SnUg31WH2xwV2lGzycTqHaD1MCskc43U++TU9naWYeeKsb4JsCaC2Xe3
t3hTp1BtYMyjcZvJIA/I0hNDXge3EDjTtvnOlFKL3PHbSTJqW6Yp1qMgf6rMzDal
0OY9oR+btahvqoijudP4vK5DON0LdZpdRvYEeDSE70wK/l7YdzyBenzZvxIgZpO9
xxH0BnLtFXHczQWHEIfLlQPxfIg1gy+ZqYxQ9qWE0o64tMCV9MxgCiXoI4mx9c90
SUIThzEnX6hxXBAYFsKbRbyM+ITkvWWGjLxbOp+JFqpMA1H5sv5o8e5qVxUakxy5
gNgb63CNWe9L9M2ZDBXGaQ/sJgcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSe+RW6
mjsA5QNNaijJjRjmygw+bTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCnOl+4xyDfTfTmF7JANNlxBNe6MCDENunEzfTc+LBO
/5i0k7BNu3dT3r0qnlpzh6JMWJS+qeJSVBPhIOFGU+W/kOhIV0h51WFClJHHv3Qe
kl7IaQPV2cZbHolJnhIj2XJ1WZqyRWJswZevg8a7+BhTghyXZPcmYbzxhJ7m7UUC
pm0zU7yhV7RZlzbDhbKQZo3q7apcukeO70LlGfEN1Vvnmf2IQYIeiLw19kCTERrF
MnD7f5efuREZddKgLLmNeN5WX6LkW2zBo69lNVJ2wpOitQ9HJprt+cfu8wThY63O
78UYu3wuO7+KHJzPGem/cwZYdlvFk68xDeSfXPWKMZTM
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:06:49 2025 by rpki-client