Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: ajaXTiZMF7I3VPPSGLT3W9VG+I/XwUyIkmYkyUgtdME=
Subject key identifier: 66:7D:59:8C:B4:BC:6A:E0:5D:35:15:A7:67:88:8B:97:F0:41:35:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6A67DAC27257204A05E439CC2E9B608857AEF3FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Fri 26 Sep 2025 20:39:55 +0000
ROA not before: Fri 26 Sep 2025 20:39:55 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:67:da:c2:72:57:20:4a:05:e4:39:cc:2e:9b:60:88:57:ae:f3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:55 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=e080aac96b307dcbf3e0349726e52c802413e1c3ffd6aca1384f558a0a3cd3f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:26:ad:8f:07:ef:e3:93:e7:f0:eb:89:51:b7:
b6:ed:50:b2:96:2a:e4:42:38:af:7b:8f:2c:0c:d4:
71:02:1b:40:25:de:f4:0c:4a:3e:da:71:3d:dd:2b:
a8:c7:51:72:59:09:30:b9:2b:00:8a:4b:72:64:5c:
46:a1:58:f9:58:21:72:ee:d6:42:59:65:3c:c2:2c:
9d:57:6f:1b:c1:47:7f:c3:d5:93:b6:da:28:f8:df:
68:e9:d6:81:d0:82:f8:8e:ef:c1:5d:1d:f9:0e:87:
11:53:68:4f:00:f5:92:9b:1e:aa:3e:60:5e:f3:22:
73:e5:b6:07:41:5f:fa:d4:87:e5:93:31:e6:72:b7:
4d:13:06:a1:e2:96:65:f7:09:b0:33:96:19:df:70:
8a:16:57:36:63:2d:86:d1:70:cf:e1:8b:a2:7d:f0:
04:b5:72:00:e4:d9:e4:58:b5:6a:5b:de:57:81:95:
91:f3:c4:7f:bd:67:b0:d9:4e:c8:1d:0b:a1:ba:eb:
b7:a8:03:b8:fb:bc:37:e1:0f:0f:8b:c2:89:c6:0d:
72:92:fa:32:fe:67:f1:ac:af:47:c8:81:2c:f5:d1:
ca:0b:2c:b1:d7:be:1b:b0:ff:2a:42:00:43:23:93:
17:6e:c7:c0:ea:27:db:fd:e5:cd:01:fc:fb:5a:dc:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:59:8C:B4:BC:6A:E0:5D:35:15:A7:67:88:8B:97:F0:41:35:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
46:32:a9:d8:22:c8:88:db:c1:9d:ac:3c:43:e4:a4:d7:31:6b:
72:c4:49:d0:55:79:ca:04:fb:43:3d:b1:a4:97:6b:94:68:21:
90:bf:a3:8b:46:75:a6:d9:e2:19:0c:ea:1b:8c:78:9e:a7:5b:
77:7e:29:3f:9e:6b:ac:c8:d7:d2:6d:52:3c:a0:5c:4c:c3:86:
73:7a:42:08:e3:2f:25:e6:2b:2a:d0:e2:cd:5d:79:12:10:9c:
2c:dd:2f:0e:80:8f:80:a2:db:79:8a:88:4d:9a:d9:1a:10:13:
a2:d0:4b:aa:9f:e8:9f:c7:34:7a:99:91:8b:da:57:15:e9:0f:
e1:6c:7e:89:f8:d9:97:b0:ad:ac:d9:a8:3c:c1:90:be:a3:5b:
53:b8:9b:4b:e7:a3:84:b0:f4:d8:bf:c7:a6:e4:bd:0f:da:c2:
7d:05:de:69:b4:a5:94:db:dd:5a:c0:a9:8f:cf:d8:09:52:ed:
5b:d3:cc:75:34:d2:a9:93:3d:91:c7:f8:f1:24:e7:f2:ec:6a:
cd:3f:ae:6c:7c:94:3d:51:4c:1d:e9:7b:24:9c:97:d5:18:6d:
41:d2:91:c7:4d:21:ec:bf:40:9b:e4:4b:72:ef:ad:39:bd:07:
ec:3a:43:4d:c7:95:5d:dd:64:99:f4:7b:93:1d:89:3e:35:6a:
e8:60:07:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUamfawnJXIEoF5DnMLptgiFeu8/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwODBhYWM5NmIzMDdkY2JmM2UwMzQ5NzI2ZTUyYzgwMjQxM2UxYzNmZmQ2
YWNhMTM4NGY1NThhMGEzY2QzZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsmrY8H7+OT5/DriVG3tu1QspYq5EI4r3uPLAzUcQIbQCXe9AxKPtpxPd0r
qMdRclkJMLkrAIpLcmRcRqFY+Vghcu7WQlllPMIsnVdvG8FHf8PVk7baKPjfaOnW
gdCC+I7vwV0d+Q6HEVNoTwD1kpseqj5gXvMic+W2B0Ff+tSH5ZMx5nK3TRMGoeKW
ZfcJsDOWGd9wihZXNmMthtFwz+GLon3wBLVyAOTZ5Fi1alveV4GVkfPEf71nsNlO
yB0Lobrrt6gDuPu8N+EPD4vCicYNcpL6Mv5n8ayvR8iBLPXRygsssde+G7D/KkIA
QyOTF27HwOon2/3lzQH8+1rc4c0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmfVmM
tLxq4F01FadniIuX8EE10jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBGMqnYIsiI28GdrDxD5KTXMWtyxEnQVXnKBPtDPbGk
l2uUaCGQv6OLRnWm2eIZDOobjHiep1t3fik/nmusyNfSbVI8oFxMw4ZzekII4y8l
5isq0OLNXXkSEJws3S8OgI+Aott5iohNmtkaEBOi0Euqn+ifxzR6mZGL2lcV6Q/h
bH6J+NmXsK2s2ag8wZC+o1tTuJtL56OEsPTYv8em5L0P2sJ9Bd5ptKWU291awKmP
z9gJUu1b08x1NNKpkz2Rx/jxJOfy7GrNP65sfJQ9UUwd6XsknJfVGG1B0pHHTSHs
v0Cb5Ety7605vQfsOkNNx5Vd3WSZ9HuTHYk+NWroYAcR
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:04:35 2025 by rpki-client