Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: ek3279JfPIaVY3Fe3JWt2OFQFTFMj1Ocqd59xi4xu44=
Subject key identifier: 5F:AA:E6:F2:9C:87:33:63:1F:D0:77:BF:D2:A2:91:A4:7C:66:1C:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1610AA68698455110F01AFF14C312EF6DF4C8ED3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Mon 06 Oct 2025 18:10:35 +0000
ROA not before: Mon 06 Oct 2025 18:10:35 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:10:aa:68:69:84:55:11:0f:01:af:f1:4c:31:2e:f6:df:4c:8e:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:35 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=dc8d3dbb1e7da7311075bcc1bdf60c295b02fcf50f68ab377b39f40025717a47, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:75:af:63:61:69:cb:23:f5:8f:6c:5d:dc:bb:
d0:e1:69:3c:59:dc:b9:f1:4a:a8:1c:e6:e7:43:d7:
f6:ef:e9:05:a9:aa:aa:0b:d3:95:cb:80:d3:ff:d9:
48:5e:82:8b:13:be:bb:46:6e:a6:e2:e8:3f:16:c2:
cd:e4:db:21:16:f3:14:16:b8:43:17:01:33:6e:31:
26:9c:d0:94:4c:36:20:e1:97:ca:73:b1:c7:4a:09:
d5:b4:01:ff:35:a7:cb:c8:67:f1:6d:1f:a3:d6:b4:
61:d1:76:c3:ea:1e:10:3f:3b:01:34:e7:5c:66:28:
93:d5:20:8b:a0:b4:6d:c6:d0:7e:a2:17:15:94:34:
44:fc:0b:9d:66:3d:9c:c3:4d:fb:de:48:c4:3a:04:
41:7d:bf:c5:49:ca:99:a5:1c:a0:99:c1:32:a4:7c:
02:ef:81:01:d6:be:77:8d:df:8f:54:5b:06:57:e6:
63:84:bc:e6:6b:9b:ae:e7:2c:b8:31:2d:84:af:75:
f0:ec:ab:92:5f:81:35:2c:13:14:24:b5:84:3c:1f:
5b:e4:ce:ab:9c:20:5f:a7:5b:f3:cc:35:80:70:d8:
24:f3:53:3e:66:b7:6d:a9:1f:b3:06:95:ad:0b:1b:
f7:c1:5d:d0:ab:d2:4d:09:68:07:ef:e1:2a:d5:9d:
f3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AA:E6:F2:9C:87:33:63:1F:D0:77:BF:D2:A2:91:A4:7C:66:1C:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bd:7d:04:dd:03:7d:c0:1b:f8:4b:59:e7:ba:14:b1:d5:2a:39:
bd:73:5f:81:38:b6:21:3d:25:c7:dd:c9:63:4e:12:99:0f:17:
bc:aa:31:ec:f8:78:fa:e5:68:91:45:c8:50:b8:81:88:ee:b7:
eb:1b:08:7b:c0:10:a9:57:b8:55:38:bb:e0:8f:e3:41:17:a1:
88:4b:50:a2:4d:09:d9:13:27:4d:16:bf:3f:4a:35:70:d8:1e:
9e:d6:d7:d8:74:2a:5f:08:3d:26:c0:39:2e:c2:9b:88:73:39:
bf:d1:62:30:ee:94:de:53:cd:c4:b0:18:44:16:b7:47:2e:1b:
20:31:e1:4e:1f:1e:36:8a:be:9d:0e:e7:60:8a:5b:1f:e3:1f:
5a:ef:2f:d3:2b:b2:4b:e5:3a:a6:66:bb:0e:d3:52:59:42:37:
76:4a:c2:a0:b4:26:b2:0d:94:bc:fb:43:9e:2d:46:fb:e3:ae:
59:6b:2e:e4:f5:9e:d4:79:0d:5b:81:64:27:89:a0:2d:52:f8:
16:df:c2:d8:10:6a:a4:58:dc:c0:93:8f:f5:9d:d2:10:98:41:
f3:a7:88:0c:9f:f5:79:4c:e9:de:3c:e5:df:e7:a5:97:81:0e:
1a:d3:cf:9f:69:09:25:77:44:81:63:b4:74:31:cf:14:28:a2:
5d:fb:22:19
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFhCqaGmEVREPAa/xTDEu9t9MjtMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjOGQzZGJiMWU3ZGE3MzExMDc1YmNjMWJkZjYwYzI5NWIwMmZjZjUwZjY4
YWIzNzdiMzlmNDAwMjU3MTdhNDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ11r2Nhacsj9Y9sXdy70OFpPFncufFKqBzm50PX9u/pBamqqgvTlcuA0//Z
SF6CixO+u0ZupuLoPxbCzeTbIRbzFBa4QxcBM24xJpzQlEw2IOGXynOxx0oJ1bQB
/zWny8hn8W0fo9a0YdF2w+oeED87ATTnXGYok9Ugi6C0bcbQfqIXFZQ0RPwLnWY9
nMNN+95IxDoEQX2/xUnKmaUcoJnBMqR8Au+BAda+d43fj1RbBlfmY4S85mubrucs
uDEthK918Oyrkl+BNSwTFCS1hDwfW+TOq5wgX6db88w1gHDYJPNTPma3bakfswaV
rQsb98Fd0KvSTQloB+/hKtWd878CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRfquby
nIczYx/Qd7/SopGkfGYcSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQC9fQTdA33AG/hLWee6FLHVKjm9c1+BOLYhPSXH3clj
ThKZDxe8qjHs+Hj65WiRRchQuIGI7rfrGwh7wBCpV7hVOLvgj+NBF6GIS1CiTQnZ
EydNFr8/SjVw2B6e1tfYdCpfCD0mwDkuwpuIczm/0WIw7pTeU83EsBhEFrdHLhsg
MeFOHx42ir6dDudgilsf4x9a7y/TK7JL5TqmZrsO01JZQjd2SsKgtCayDZS8+0Oe
LUb7465Zay7k9Z7UeQ1bgWQniaAtUvgW38LYEGqkWNzAk4/1ndIQmEHzp4gMn/V5
TOnePOXf56WXgQ4a08+faQkld0SBY7R0Mc8UKKJd+yIZ
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:04:11 2025 by rpki-client