Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
File: b39e8644-b3a5-4477-b7b6-d340235a9010.roa (raw, json)
Hash identifier: +I/20TRVfN+/pFKjV7UkulZbmH+W+IYBchOlUaFcbyo=
Subject key identifier: 23:83:D7:86:09:78:D8:FB:90:B3:1B:FB:18:E1:00:B4:38:8D:D4:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B0AD116B79E87EFE7ED812A1B384CE113A42B9B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
Signing time: Fri 17 Oct 2025 20:00:31 +0000
ROA not before: Fri 17 Oct 2025 20:00:31 +0000
ROA not after: Fri 21 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.168.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:0a:d1:16:b7:9e:87:ef:e7:ed:81:2a:1b:38:4c:e1:13:a4:2b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 17 20:00:31 2025 GMT
Not After : Nov 21 23:59:59 2025 GMT
Subject: serialNumber=71bc9ec9334059c994e796c7bdd68f6008967db6c6bbed4f10e9ee8523688eaa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6b:86:d2:19:0a:fb:c5:be:e7:54:1c:e3:46:
ab:34:90:b0:7b:41:c0:60:c1:b0:be:4e:c1:7d:26:
17:ad:65:39:f8:ab:2e:3c:b8:6e:dd:d3:c7:c8:ef:
d8:0f:b4:37:d3:6c:f9:75:6c:62:59:fe:3e:a4:84:
f3:8b:d0:d0:73:19:d8:d4:09:53:12:0c:45:5d:c4:
09:91:79:d2:33:95:65:ab:c3:bb:80:0d:cd:d0:ae:
6b:66:07:1b:81:32:e4:c6:b0:a6:86:cb:0b:ad:2b:
94:48:10:cc:fd:11:44:8d:e5:7c:9b:89:29:17:22:
d6:49:ec:59:56:bb:37:a7:ad:f2:0e:e4:e8:52:a1:
95:92:a4:45:0a:8d:71:d1:b2:36:ee:d3:cb:23:d1:
9d:3a:4a:ab:80:7e:76:6c:dd:77:f1:5d:f0:7d:79:
40:85:75:8e:cd:30:11:98:9d:d6:62:a4:07:99:13:
39:38:c4:64:71:ba:d7:8b:f9:e9:09:e4:7f:eb:0d:
7f:81:e9:b2:e7:0b:e1:1f:5e:07:55:df:3f:9a:55:
7f:72:3b:a5:9e:96:db:49:c5:98:df:36:a7:ac:4c:
67:78:17:6a:63:fa:e9:4f:56:bd:0b:ba:ae:b4:56:
10:d0:9b:57:f1:f1:68:c8:c5:ba:eb:db:08:f2:1d:
92:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:83:D7:86:09:78:D8:FB:90:B3:1B:FB:18:E1:00:B4:38:8D:D4:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b39e8644-b3a5-4477-b7b6-d340235a9010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
34:fb:be:ce:4e:37:4b:44:c2:01:5c:3c:47:35:a0:00:2a:2e:
66:7b:71:6c:9c:61:4d:8a:86:f1:60:1f:ec:9b:1d:b1:44:5f:
13:46:1b:93:9c:c7:b3:9b:42:e3:c1:35:f9:50:9d:34:0b:02:
ad:e6:65:02:05:dc:79:a2:24:22:ab:81:f4:17:71:29:1e:bd:
f3:54:f5:31:39:81:af:5d:61:16:5e:bb:3f:63:d8:27:14:b9:
a5:5a:f5:c2:0e:f8:f2:84:3a:51:e5:92:22:16:57:15:17:9b:
9c:1d:6f:d4:47:ed:f5:15:6c:85:37:f9:b0:a6:05:39:e2:79:
38:43:39:2a:97:66:5d:c4:1f:3e:ce:e3:10:ef:a1:0a:55:58:
a5:8b:8d:98:8a:42:1b:d6:76:ec:5b:dc:2e:14:f7:3a:9a:99:
00:df:93:ae:06:30:04:1b:b0:2d:e8:53:99:af:bb:ad:ff:58:
be:f4:57:4d:7a:b7:45:9e:93:66:25:1b:52:3f:49:f8:e0:9a:
31:7f:46:fb:cc:91:05:74:2b:88:bf:4e:b1:ef:0a:da:3e:00:
7d:0b:0f:d5:27:6e:c6:89:4f:81:08:dc:7b:c4:68:67:b7:45:
89:d1:11:8d:3d:25:31:2f:12:d0:3d:93:1a:76:26:b6:65:88:
ee:2a:96:6c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUewrRFreeh+/n7YEqGzhM4ROkK5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTcyMDAwMzFaFw0yNTExMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDcxYmM5ZWM5MzM0MDU5Yzk5NGU3OTZjN2JkZDY4ZjYwMDg5NjdkYjZjNmJi
ZWQ0ZjEwZTllZTg1MjM2ODhlYWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJrhtIZCvvFvudUHONGqzSQsHtBwGDBsL5OwX0mF61lOfirLjy4bt3Tx8jv
2A+0N9Ns+XVsYln+PqSE84vQ0HMZ2NQJUxIMRV3ECZF50jOVZavDu4ANzdCua2YH
G4Ey5MawpobLC60rlEgQzP0RRI3lfJuJKRci1knsWVa7N6et8g7k6FKhlZKkRQqN
cdGyNu7TyyPRnTpKq4B+dmzdd/Fd8H15QIV1js0wEZid1mKkB5kTOTjEZHG614v5
6Qnkf+sNf4HpsucL4R9eB1XfP5pVf3I7pZ6W20nFmN82p6xMZ3gXamP66U9WvQu6
rrRWENCbV/HxaMjFuuvbCPIdkvcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjg9eG
CXjY+5CzG/sY4QC0OI3UkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjM5ZTg2NDQtYjNhNS00NDc3LWI3YjYtZDM0MDIzNWE5MDEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQA0+77OTjdLRMIBXDxHNaAAKi5me3FsnGFNiobxYB/s
mx2xRF8TRhuTnMezm0LjwTX5UJ00CwKt5mUCBdx5oiQiq4H0F3EpHr3zVPUxOYGv
XWEWXrs/Y9gnFLmlWvXCDvjyhDpR5ZIiFlcVF5ucHW/UR+31FWyFN/mwpgU54nk4
Qzkql2ZdxB8+zuMQ76EKVVili42YikIb1nbsW9wuFPc6mpkA35OuBjAEG7At6FOZ
r7ut/1i+9FdNerdFnpNmJRtSP0n44Joxf0b7zJEFdCuIv06x7wraPgB9Cw/VJ27G
iU+BCNx7xGhnt0WJ0RGNPSUxLxLQPZMadia2ZYjuKpZs
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:45 2025 by rpki-client