Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: Y7TdqEdjXXE02YkPE0INSjmi7xePRu34MFoy9URYvT4=
Subject key identifier: 30:91:0F:EB:5F:6B:05:D5:88:53:50:C4:AC:02:B7:AE:0B:79:AF:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 794FAF803B3078261430C8AEFAE306211D101E6D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Sat 15 Nov 2025 06:40:32 +0000
ROA not before: Sat 15 Nov 2025 06:40:32 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:4f:af:80:3b:30:78:26:14:30:c8:ae:fa:e3:06:21:1d:10:1e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:32 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=4578c49bf3bc0334c52eb9195557f9a859aa22228c155e1626f1b52696d1632b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:86:3c:00:79:ee:ff:36:7d:99:14:c4:79:7a:
78:65:7f:03:79:79:3c:3f:09:03:c2:e8:61:7b:2f:
ae:a6:1d:fb:e5:89:fc:a4:1f:56:67:f5:33:34:bb:
e7:b4:05:3b:47:74:7c:86:3e:2f:c9:65:97:7c:3a:
7b:ca:0a:ae:b6:52:96:8e:4e:c8:71:28:1a:de:e8:
5e:b2:05:af:53:78:86:89:b7:27:ca:96:07:d0:30:
f1:24:49:a5:c3:ce:ab:91:fc:c4:e3:53:96:4c:c2:
6a:67:63:5c:ea:1a:60:72:39:db:c1:1b:a9:56:48:
13:3f:2e:d5:46:68:5c:3c:68:9a:41:38:73:4b:e5:
a7:ad:36:1b:b4:24:0b:3c:c1:74:19:ee:11:ca:22:
c1:f8:ad:8d:47:13:93:44:9b:f2:21:15:e8:67:b2:
cf:7f:27:b4:25:4b:7c:f5:b8:6f:02:66:d9:cb:5b:
10:56:c8:ed:66:9b:8b:c3:27:c9:77:1e:06:ac:81:
e9:6e:43:2e:db:ed:4f:df:89:ff:90:dc:f0:90:d6:
53:3c:e8:68:e1:72:3a:a6:ac:7e:1d:5b:a5:ab:c0:
0a:0e:ba:a0:db:0e:7f:2c:29:44:7b:c5:33:1a:18:
60:a8:ab:7a:02:61:ce:ca:5b:c8:72:ee:6c:62:ef:
60:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:91:0F:EB:5F:6B:05:D5:88:53:50:C4:AC:02:B7:AE:0B:79:AF:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:58:d1:79:87:8e:f4:24:fe:99:12:f4:ca:24:c0:ca:30:aa:
ea:bd:3d:a9:35:c2:18:e8:4e:f7:cc:88:ca:0b:f4:48:be:e1:
13:2b:29:55:b4:47:e2:8b:f6:a0:13:88:c4:89:ab:86:e2:f4:
16:96:d2:b6:c0:ce:0c:af:27:0d:d2:69:25:fc:1f:3c:6b:98:
3d:bd:0e:c7:a6:40:37:89:cb:7d:00:7c:13:4a:df:11:24:06:
e5:b7:05:22:25:d7:55:f8:43:47:dd:5c:06:94:03:88:ad:d2:
ad:e1:ec:85:e2:e5:58:35:75:9d:ce:22:46:eb:cf:82:cb:34:
2f:31:23:24:50:5c:6a:7b:54:48:3a:8b:32:51:60:5d:8a:3a:
cd:b0:3d:7b:e1:01:01:47:70:d1:9c:77:4e:87:f3:9b:b0:d7:
fc:6c:52:53:17:a2:f6:10:17:38:b5:27:58:ee:b5:9e:7a:bf:
2e:d5:5d:40:e3:35:cc:f6:c7:7d:fc:8b:75:9e:c2:d4:3f:47:
5d:ce:27:8a:f7:ec:04:02:2e:9c:d8:cb:39:2d:e3:3a:4e:1f:
40:24:78:ed:eb:8d:09:cb:bd:72:bf:1d:f4:96:a6:db:62:24:
19:bc:b4:84:e2:80:da:94:f8:36:65:a3:a2:58:92:74:4d:a8:
39:a7:4f:00
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeU+vgDsweCYUMMiu+uMGIR0QHm0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMzJaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NzhjNDliZjNiYzAzMzRjNTJlYjkxOTU1NTdmOWE4NTlhYTIyMjI4YzE1
NWUxNjI2ZjFiNTI2OTZkMTYzMmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCGPAB57v82fZkUxHl6eGV/A3l5PD8JA8LoYXsvrqYd++WJ/KQfVmf1MzS7
57QFO0d0fIY+L8lll3w6e8oKrrZSlo5OyHEoGt7oXrIFr1N4hom3J8qWB9Aw8SRJ
pcPOq5H8xONTlkzCamdjXOoaYHI528EbqVZIEz8u1UZoXDxomkE4c0vlp602G7Qk
CzzBdBnuEcoiwfitjUcTk0Sb8iEV6Geyz38ntCVLfPW4bwJm2ctbEFbI7Wabi8Mn
yXceBqyB6W5DLtvtT9+J/5Dc8JDWUzzoaOFyOqasfh1bpavACg66oNsOfywpRHvF
MxoYYKiregJhzspbyHLubGLvYJ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQwkQ/r
X2sF1YhTUMSsAreuC3mvXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCKWNF5h470JP6ZEvTKJMDKMKrqvT2pNcIY6E73zIjK
C/RIvuETKylVtEfii/agE4jEiauG4vQWltK2wM4MrycN0mkl/B88a5g9vQ7HpkA3
ict9AHwTSt8RJAbltwUiJddV+ENH3VwGlAOIrdKt4eyF4uVYNXWdziJG68+CyzQv
MSMkUFxqe1RIOosyUWBdijrNsD174QEBR3DRnHdOh/ObsNf8bFJTF6L2EBc4tSdY
7rWeer8u1V1A4zXM9sd9/It1nsLUP0ddzieK9+wEAi6c2Ms5LeM6Th9AJHjt640J
y71yvx30lqbbYiQZvLSE4oDalPg2ZaOiWJJ0Tag5p08A
-----END CERTIFICATE-----
Generated at Sat Nov 15 20:39:47 2025 by rpki-client