Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: c0qR1wl+enq/VRFYBs0ESGB3G1ID7tBK/PIpGMJIKZk=
Subject key identifier: 1B:8A:E6:54:91:FA:7F:BD:E7:D6:D3:18:B4:28:71:C7:1F:BF:BB:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0908DF73B61D1B70949146E9815E0C2DE60C2768
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Mon 06 Oct 2025 18:10:39 +0000
ROA not before: Mon 06 Oct 2025 18:10:39 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:08:df:73:b6:1d:1b:70:94:91:46:e9:81:5e:0c:2d:e6:0c:27:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:39 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=8c4a9d19020ebf4c6f6655deb533971e2b63aaf387e31fa3cf02cf66bdf2e5b7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ca:be:8b:73:ab:00:4f:e6:e6:72:b0:3a:43:
37:11:02:31:c4:71:8b:fd:99:31:5b:3e:59:2b:d0:
39:c7:1d:46:66:41:51:01:07:d8:f3:a2:a6:be:f0:
59:7c:e8:f5:c9:10:79:67:47:66:02:58:ba:f9:36:
f8:19:eb:b2:a0:71:ae:ac:51:7c:3e:71:47:c3:f6:
c0:aa:f3:00:c1:58:b0:ce:8d:34:b9:9f:13:a0:67:
10:fe:9d:5f:d2:a4:8b:12:a0:21:f2:16:8a:6b:62:
25:4e:b0:a6:4f:5d:0d:b6:37:ec:19:2e:ce:2f:f2:
93:2a:53:17:50:04:0e:1c:eb:1c:e6:63:b1:67:51:
1a:c0:66:9d:e7:21:7c:16:e8:e1:0a:fd:49:7c:71:
72:b0:f1:10:c3:31:a0:da:b5:0e:e6:53:0c:fc:03:
6a:b6:61:02:eb:f8:4c:a6:19:4d:87:2a:68:60:52:
40:62:97:c4:a2:51:88:9a:87:5e:7a:95:58:50:94:
e8:c0:a2:0c:a6:ee:ff:4a:6d:27:8c:1e:ab:bc:88:
b7:5b:e6:5a:94:e2:39:19:e9:b6:7b:52:00:0b:83:
58:69:8b:11:00:9e:90:fd:90:72:cd:ed:0b:e8:9f:
31:73:89:d7:1f:88:27:65:7e:97:5e:00:fc:e8:cb:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8A:E6:54:91:FA:7F:BD:E7:D6:D3:18:B4:28:71:C7:1F:BF:BB:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
60:d0:84:90:24:60:80:85:fc:16:b7:c4:22:92:ec:63:20:dd:
81:fe:38:f7:b3:e7:2b:7d:e3:2c:c8:9b:9b:dc:77:8b:a0:bf:
f3:f6:93:c1:50:e9:33:c5:23:b7:59:46:ab:0c:ba:d5:e5:e3:
40:25:af:6a:31:14:60:b7:71:0d:b1:94:a3:48:ae:43:da:a7:
e0:63:00:19:ab:e3:5e:cf:58:87:5a:de:a3:f6:07:e8:52:dd:
5a:4d:f2:b2:a7:4a:a2:3f:34:92:02:20:92:ae:db:0e:8b:da:
6c:35:c5:fd:3f:fb:fb:1a:d6:18:ee:4d:bf:45:8a:84:5e:f8:
22:eb:cc:e8:4a:5c:96:72:4d:56:2d:bb:a9:39:50:fc:57:c5:
e5:44:63:5c:77:bc:03:78:05:ae:0f:a5:28:91:1b:92:8a:70:
4a:28:62:7d:3f:75:52:99:22:5e:5e:3a:d2:36:53:65:ae:65:
5f:81:d0:5e:d7:8f:b1:94:b8:ee:12:47:a5:a4:75:b7:75:fc:
a8:f0:3d:10:f9:20:94:42:5e:34:5d:f4:cb:2b:8d:60:a4:22:
6b:70:b7:ea:07:18:7e:42:83:7b:c9:d3:77:30:78:07:e8:56:
d3:15:c3:66:06:25:f0:5c:cf:7f:7c:55:c7:8b:ef:45:7e:03:
2d:d6:12:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCQjfc7YdG3CUkUbpgV4MLeYMJ2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhjNGE5ZDE5MDIwZWJmNGM2ZjY2NTVkZWI1MzM5NzFlMmI2M2FhZjM4N2Uz
MWZhM2NmMDJjZjY2YmRmMmU1YjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJHKvotzqwBP5uZysDpDNxECMcRxi/2ZMVs+WSvQOccdRmZBUQEH2POipr7w
WXzo9ckQeWdHZgJYuvk2+BnrsqBxrqxRfD5xR8P2wKrzAMFYsM6NNLmfE6BnEP6d
X9KkixKgIfIWimtiJU6wpk9dDbY37Bkuzi/ykypTF1AEDhzrHOZjsWdRGsBmnech
fBbo4Qr9SXxxcrDxEMMxoNq1DuZTDPwDarZhAuv4TKYZTYcqaGBSQGKXxKJRiJqH
XnqVWFCU6MCiDKbu/0ptJ4weq7yIt1vmWpTiORnptntSAAuDWGmLEQCekP2Qcs3t
C+ifMXOJ1x+IJ2V+l14A/OjLaRMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQbiuZU
kfp/vefW0xi0KHHHH7+7sDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQBg0ISQJGCAhfwWt8QikuxjIN2B/jj3s+crfeMsyJub
3HeLoL/z9pPBUOkzxSO3WUarDLrV5eNAJa9qMRRgt3ENsZSjSK5D2qfgYwAZq+Ne
z1iHWt6j9gfoUt1aTfKyp0qiPzSSAiCSrtsOi9psNcX9P/v7GtYY7k2/RYqEXvgi
68zoSlyWck1WLbupOVD8V8XlRGNcd7wDeAWuD6UokRuSinBKKGJ9P3VSmSJeXjrS
NlNlrmVfgdBe14+xlLjuEkelpHW3dfyo8D0Q+SCUQl40XfTLK41gpCJrcLfqBxh+
QoN7ydN3MHgH6FbTFcNmBiXwXM9/fFXHi+9FfgMt1hIK
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:41 2025 by rpki-client