Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
File: 09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa (raw, json)
Hash identifier: RA27FdGY/Pz0l7Sw2881xWBeTMtTYPSfA63bwKvbteU=
Subject key identifier: 68:A3:1C:09:A0:C1:5A:3D:B0:7F:51:E9:B9:BD:1E:77:C4:11:A8:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 648A86DF86D42B7C64109DD4ABF8A67AC84F148D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
Signing time: Tue 21 Oct 2025 14:50:02 +0000
ROA not before: Tue 21 Oct 2025 14:50:02 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8a:86:df:86:d4:2b:7c:64:10:9d:d4:ab:f8:a6:7a:c8:4f:14:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:02 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a388c02f9af5b9d3927ba008923ebb67255f88d75ec5ca396db1f11c11f4e7bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cf:b8:8f:0d:7a:b4:55:25:ab:10:f1:01:4a:
11:ee:17:7e:56:34:8b:25:7f:76:41:b3:98:8e:9a:
e5:77:21:95:e1:d9:a4:23:f9:8d:e8:2f:c3:77:0b:
b3:3d:f0:cb:71:f6:7c:e1:8c:9b:2a:6c:51:27:cf:
05:7d:b3:31:fb:2d:54:96:a3:fe:71:16:61:71:52:
0a:eb:e6:af:3b:e0:4b:16:c4:f6:4d:70:1a:28:b6:
9b:63:f3:87:67:76:78:de:80:62:98:11:1f:4d:25:
dd:31:59:df:19:50:c0:fe:7a:1b:26:ea:38:f9:09:
82:f6:5c:f0:ed:12:a3:1a:c0:25:9d:06:ae:e2:f6:
1a:a1:97:23:9f:53:bc:98:df:46:ba:f3:39:f8:8f:
d8:77:ee:b9:47:9e:02:cf:9c:bd:7b:42:37:db:a1:
95:9c:4a:2c:cc:ca:f9:57:f0:f2:29:47:ba:22:9c:
86:65:98:80:15:3b:36:33:17:04:79:ee:30:92:d2:
75:d7:99:a2:02:13:80:31:91:05:60:e2:00:63:d3:
52:08:41:74:5b:3d:88:bd:ac:7c:fc:f9:0a:3c:70:
04:86:42:61:47:c9:aa:60:eb:07:9a:a4:ee:30:df:
0c:4b:5f:1b:a2:3c:6d:6f:70:6b:cc:fa:40:a1:ee:
c5:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:A3:1C:09:A0:C1:5A:3D:B0:7F:51:E9:B9:BD:1E:77:C4:11:A8:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/09ec97ca-044e-4785-bdd4-fcf9e8d514ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:66:fc:a6:69:6b:33:92:ce:0d:01:c8:41:ec:90:9c:40:e1:
53:8f:06:29:e5:6c:c2:3c:b8:05:9b:0e:b6:ff:50:86:11:bc:
49:9c:0a:dd:77:69:6e:d1:2e:6b:cb:74:71:28:e0:a6:42:b1:
ec:3b:8a:95:2b:50:79:a9:ea:a6:1e:dd:14:d2:8f:42:8f:19:
66:87:e6:2d:03:4c:04:e7:df:c5:b8:bf:49:49:4e:f4:47:97:
33:bd:85:b0:01:61:fb:9c:b9:38:61:e0:ca:4e:79:6f:32:36:
f5:8e:9b:ae:63:fc:a4:bf:dc:5f:5d:42:50:07:b6:c0:52:52:
77:ce:35:0a:ca:2c:2e:d6:b5:5f:31:7a:57:e9:f8:7a:11:1c:
91:a8:35:c7:ef:d6:96:59:f5:5c:fe:ef:7a:1f:c7:d9:99:fe:
36:5d:ac:b3:92:71:e8:1b:0f:bd:81:6a:85:0e:24:65:19:69:
63:71:f4:e4:a6:c1:f8:06:25:d7:d5:42:c6:6a:a2:24:0b:1f:
a9:45:a5:5f:e1:99:93:03:3b:86:c2:83:43:ce:ba:56:29:e2:
2b:47:c4:b4:80:c8:18:6e:1e:fd:40:70:43:1c:1e:6c:56:60:
95:7c:c4:74:56:5e:a9:ea:d0:77:82:bc:c3:b8:5e:50:75:63:
dc:f7:61:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZIqG34bUK3xkEJ3Uq/imeshPFI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzODhjMDJmOWFmNWI5ZDM5MjdiYTAwODkyM2ViYjY3MjU1Zjg4ZDc1ZWM1
Y2EzOTZkYjFmMTFjMTFmNGU3YmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALnPuI8NerRVJasQ8QFKEe4XflY0iyV/dkGzmI6a5XchleHZpCP5jegvw3cL
sz3wy3H2fOGMmypsUSfPBX2zMfstVJaj/nEWYXFSCuvmrzvgSxbE9k1wGii2m2Pz
h2d2eN6AYpgRH00l3TFZ3xlQwP56GybqOPkJgvZc8O0SoxrAJZ0GruL2GqGXI59T
vJjfRrrzOfiP2HfuuUeeAs+cvXtCN9uhlZxKLMzK+Vfw8ilHuiKchmWYgBU7NjMX
BHnuMJLSddeZogITgDGRBWDiAGPTUghBdFs9iL2sfPz5CjxwBIZCYUfJqmDrB5qk
7jDfDEtfG6I8bW9wa8z6QKHuxS0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRooxwJ
oMFaPbB/Uem5vR53xBGo1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDllYzk3Y2EtMDQ0ZS00Nzg1LWJkZDQtZmNmOWU4ZDUxNGNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQC/ZvymaWszks4NAchB7JCcQOFTjwYp5WzCPLgFmw62
/1CGEbxJnArdd2lu0S5ry3RxKOCmQrHsO4qVK1B5qeqmHt0U0o9Cjxlmh+YtA0wE
59/FuL9JSU70R5czvYWwAWH7nLk4YeDKTnlvMjb1jpuuY/ykv9xfXUJQB7bAUlJ3
zjUKyiwu1rVfMXpX6fh6ERyRqDXH79aWWfVc/u96H8fZmf42XayzknHoGw+9gWqF
DiRlGWljcfTkpsH4BiXX1ULGaqIkCx+pRaVf4ZmTAzuGwoNDzrpWKeIrR8S0gMgY
bh79QHBDHB5sVmCVfMR0Vl6p6tB3grzDuF5QdWPc92EP
-----END CERTIFICATE-----
Generated at Fri Oct 24 13:18:48 2025 by rpki-client