Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
File: 83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa (raw, json)
Hash identifier: a0kqoIn+VOjCy5i/4sUC/JRdd8sbct9vhBkKyuIn/Yg=
Subject key identifier: 8B:AB:BF:F4:D8:38:79:DC:FC:47:D7:D1:08:81:DD:35:CB:B6:F6:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 50E9A68C54A4745D5296E10FC709735F8CE2BF07
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
Signing time: Tue 21 Oct 2025 14:50:22 +0000
ROA not before: Tue 21 Oct 2025 14:50:22 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.150.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:e9:a6:8c:54:a4:74:5d:52:96:e1:0f:c7:09:73:5f:8c:e2:bf:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:22 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=cbc416c02c1da7c2d4abca75afa91fc475b8afb768e75daf6e80e6157baf9258, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:de:6c:8b:7c:5e:4a:ea:23:b9:fa:b9:4d:01:
24:1c:80:de:0b:0c:fa:69:43:1b:1f:14:c3:66:21:
2b:c8:4f:2b:ff:4b:13:d6:f9:6d:a1:0a:04:eb:78:
a6:48:cf:40:b4:16:56:18:c7:0f:54:3b:e6:f7:f4:
c2:07:dd:ea:32:f4:98:59:f5:0d:67:18:91:95:f5:
a0:79:53:69:2e:99:19:82:77:22:1f:eb:bd:a2:34:
ac:94:a1:21:b6:d9:12:43:e8:aa:49:fa:c1:7c:87:
87:e3:bc:be:55:3d:1d:e6:ef:74:17:57:b6:65:8f:
a9:62:4a:da:50:5b:cf:6e:1d:cb:b6:2c:89:6b:b6:
4a:01:d6:98:98:f3:41:6c:87:c4:21:f4:90:95:ac:
e9:93:53:68:84:72:26:4d:70:c4:46:b1:0e:f8:29:
9e:e8:d6:6e:e9:da:33:10:a2:c5:eb:3c:66:b1:4b:
7f:c8:df:c2:8e:00:f9:9f:f7:e9:cb:7b:e6:6f:87:
c0:b7:d3:50:03:43:55:84:83:2f:4e:9f:16:d6:d3:
92:d1:52:62:07:84:0f:07:75:2e:da:51:51:61:ec:
cc:14:07:2b:f0:ff:24:db:f4:2b:6c:87:8c:bc:73:
f4:5b:7a:27:63:e1:b2:41:d4:7d:36:e3:ec:68:96:
6c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:AB:BF:F4:D8:38:79:DC:FC:47:D7:D1:08:81:DD:35:CB:B6:F6:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83c9f9c4-39a2-4f5f-9188-1a9e0dccf209.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.150.0.0/16
Signature Algorithm: sha256WithRSAEncryption
07:c0:99:5b:a7:fa:a2:86:5c:6f:71:12:58:7c:b2:8e:d8:84:
ac:43:62:3e:c4:82:7c:93:ed:29:4b:81:04:84:90:63:1c:06:
07:5d:5a:fc:81:57:28:36:59:bf:ae:88:f7:cf:f8:e3:dd:7a:
c2:1c:79:4c:dc:23:22:40:1f:ed:78:1e:20:43:bc:47:76:56:
9e:3e:e0:d8:e2:5c:73:f1:e4:c0:53:51:51:0a:08:eb:5a:25:
bd:89:d6:36:0a:48:c3:af:c7:4b:7e:b3:7b:66:6d:df:0a:ad:
da:fe:85:6b:06:81:a9:7a:5f:c0:13:0e:63:c0:12:dc:e1:04:
7b:2e:f5:22:41:56:1b:78:4a:90:f7:2b:ff:d1:73:42:bd:ee:
1d:f2:e8:2c:42:be:f8:1f:41:ec:5e:7b:60:ca:19:57:77:1f:
4f:37:e1:c1:15:86:82:39:0c:8f:68:2f:1b:59:92:1d:42:06:
f4:b4:d4:46:37:33:8a:3e:5c:1c:67:e8:1c:32:4e:8b:98:75:
c3:b4:74:9a:a8:81:cf:64:7b:b2:f3:1f:62:8d:00:95:5c:64:
65:3c:7f:12:f9:58:80:07:4a:06:c0:86:f1:b9:30:ec:ec:55:
7f:26:c8:f8:cf:f7:34:f8:97:b0:ab:f8:d4:d9:ba:96:a6:0b:
a0:ed:cc:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUOmmjFSkdF1SluEPxwlzX4zivwcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMjJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiYzQxNmMwMmMxZGE3YzJkNGFiY2E3NWFmYTkxZmM0NzViOGFmYjc2OGU3
NWRhZjZlODBlNjE1N2JhZjkyNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXebIt8XkrqI7n6uU0BJByA3gsM+mlDGx8Uw2YhK8hPK/9LE9b5baEKBOt4
pkjPQLQWVhjHD1Q75vf0wgfd6jL0mFn1DWcYkZX1oHlTaS6ZGYJ3Ih/rvaI0rJSh
IbbZEkPoqkn6wXyHh+O8vlU9HebvdBdXtmWPqWJK2lBbz24dy7YsiWu2SgHWmJjz
QWyHxCH0kJWs6ZNTaIRyJk1wxEaxDvgpnujWbunaMxCixes8ZrFLf8jfwo4A+Z/3
6ct75m+HwLfTUANDVYSDL06fFtbTktFSYgeEDwd1LtpRUWHszBQHK/D/JNv0K2yH
jLxz9Ft6J2PhskHUfTbj7GiWbMcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSLq7/0
2Dh53PxH19EIgd01y7b2+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNjOWY5YzQtMzlhMi00ZjVmLTkxODgtMWE5ZTBkY2NmMjA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOWMA0G
CSqGSIb3DQEBCwUAA4IBAQAHwJlbp/qihlxvcRJYfLKO2ISsQ2I+xIJ8k+0pS4EE
hJBjHAYHXVr8gVcoNlm/roj3z/jj3XrCHHlM3CMiQB/teB4gQ7xHdlaePuDY4lxz
8eTAU1FRCgjrWiW9idY2CkjDr8dLfrN7Zm3fCq3a/oVrBoGpel/AEw5jwBLc4QR7
LvUiQVYbeEqQ9yv/0XNCve4d8ugsQr74H0HsXntgyhlXdx9PN+HBFYaCOQyPaC8b
WZIdQgb0tNRGNzOKPlwcZ+gcMk6LmHXDtHSaqIHPZHuy8x9ijQCVXGRlPH8S+ViA
B0oGwIbxuTDs7FV/Jsj4z/c0+Jewq/jU2bqWpgug7czR
-----END CERTIFICATE-----
Generated at Sat Oct 25 15:35:42 2025 by rpki-client