Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
File: 8551266c-ef98-4dd7-801f-d816ee2eeade.roa (raw, json)
Hash identifier: PaOAhC+UeKA5WxzGGA8+Eu3SpSHTOgdn+rTgI4yGEes=
Subject key identifier: 1A:A7:7D:2A:F5:23:82:7E:08:32:FA:56:F8:ED:08:B0:3B:FC:17:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EB38E75D58688F67EA10D52CC00461BF6E33398
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
Signing time: Tue 21 Oct 2025 15:00:05 +0000
ROA not before: Tue 21 Oct 2025 15:00:05 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:b3:8e:75:d5:86:88:f6:7e:a1:0d:52:cc:00:46:1b:f6:e3:33:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:05 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2e03d338373039473d82cc429675408a2e2a737eb193c240f3abc18856ac8ecc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0a:d0:3e:17:3f:7e:f3:01:7d:43:10:31:54:
19:15:20:db:5a:f1:2b:32:e0:4b:bd:51:cd:91:81:
e8:96:8a:9d:fe:8c:fd:54:2f:08:60:14:fd:5d:db:
3b:32:88:f5:01:ed:33:b5:cf:3a:30:c7:12:73:14:
a3:07:fa:b9:17:40:58:e1:5a:4d:cd:46:c9:24:5c:
6a:11:4f:53:5c:ea:ec:3c:ea:30:2b:7d:76:6a:61:
18:41:12:da:b4:b3:f8:25:3c:3d:bc:ed:a0:2e:a0:
fa:04:79:79:35:dc:72:b7:0a:cd:9a:8d:b5:40:85:
51:85:14:5a:34:d7:87:de:67:b7:ee:84:bc:23:a3:
ee:e3:79:32:32:09:e0:66:f6:4b:13:01:87:49:7c:
c9:bc:de:ba:88:c0:83:40:57:db:99:ef:b1:a8:8f:
8b:cd:4c:ca:0a:6c:6c:f5:f7:3d:ab:3d:33:cb:82:
23:14:a7:d0:0b:15:fb:06:98:e4:74:f5:ea:8a:e0:
74:57:95:e4:48:14:63:08:95:a5:0a:4e:91:7a:d9:
7a:10:07:66:71:83:fc:fc:b9:42:ec:5c:8f:64:ca:
97:a1:36:3c:54:a8:e8:78:74:c8:b9:4d:93:db:13:
9e:af:eb:fb:ad:66:2c:40:fd:8c:f3:7c:fb:84:d5:
29:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:A7:7D:2A:F5:23:82:7E:08:32:FA:56:F8:ED:08:B0:3B:FC:17:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8551266c-ef98-4dd7-801f-d816ee2eeade.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
14:8b:ae:35:b6:7b:bb:1b:c1:e9:f1:52:17:dd:43:4b:34:27:
71:2d:fd:25:3c:c7:f6:b5:f5:c4:23:1c:5c:d0:ea:e6:37:96:
83:95:b1:b8:08:0a:d5:5e:9c:12:43:87:54:e4:5b:ae:24:f0:
79:8f:e6:50:73:41:74:7b:13:e4:0f:2e:a8:47:8f:01:b7:7b:
09:6a:0f:30:b3:9a:b0:e4:53:22:86:28:b9:64:40:b9:9f:ce:
e0:70:28:b7:b8:79:af:ec:0e:e4:64:ea:fb:05:41:07:06:23:
72:7c:29:83:77:50:ab:2a:76:87:d9:81:ac:48:2a:e8:79:66:
85:a2:a4:30:26:f3:86:61:c1:25:b6:af:7d:11:f2:00:47:a8:
e4:41:1a:d7:c8:14:40:d9:e2:07:1d:df:23:b1:e9:b9:b0:92:
e0:ce:c6:bc:4f:51:47:e2:bd:f5:61:b2:9a:77:ef:c8:0d:b7:
ff:a4:0f:16:3e:a2:56:e5:8c:05:78:1d:a4:43:20:91:15:89:
9b:05:bd:20:b7:ab:e6:e8:a7:f0:ee:a0:4c:3c:29:f0:be:cd:
d3:3d:8d:06:89:3a:d8:31:8c:3a:21:c0:73:82:da:f6:2c:07:
14:55:55:aa:60:bc:2a:46:9d:74:87:bd:cf:5d:a3:03:bb:a0:
45:eb:62:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTrOOddWGiPZ+oQ1SzABGG/bjM5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMDNkMzM4MzczMDM5NDczZDgyY2M0Mjk2NzU0MDhhMmUyYTczN2ViMTkz
YzI0MGYzYWJjMTg4NTZhYzhlY2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMK0D4XP37zAX1DEDFUGRUg21rxKzLgS71RzZGB6JaKnf6M/VQvCGAU/V3b
OzKI9QHtM7XPOjDHEnMUowf6uRdAWOFaTc1GySRcahFPU1zq7DzqMCt9dmphGEES
2rSz+CU8PbztoC6g+gR5eTXccrcKzZqNtUCFUYUUWjTXh95nt+6EvCOj7uN5MjIJ
4Gb2SxMBh0l8ybzeuojAg0BX25nvsaiPi81MygpsbPX3Pas9M8uCIxSn0AsV+waY
5HT16orgdFeV5EgUYwiVpQpOkXrZehAHZnGD/Py5Quxcj2TKl6E2PFSo6Hh0yLlN
k9sTnq/r+61mLED9jPN8+4TVKV0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQap30q
9SOCfggy+lb47QiwO/wXCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODU1MTI2NmMtZWY5OC00ZGQ3LTgwMWYtZDgxNmVlMmVlYWRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQAUi641tnu7G8Hp8VIX3UNLNCdxLf0lPMf2tfXEIxxc
0OrmN5aDlbG4CArVXpwSQ4dU5FuuJPB5j+ZQc0F0exPkDy6oR48Bt3sJag8ws5qw
5FMihii5ZEC5n87gcCi3uHmv7A7kZOr7BUEHBiNyfCmDd1CrKnaH2YGsSCroeWaF
oqQwJvOGYcEltq99EfIAR6jkQRrXyBRA2eIHHd8jsem5sJLgzsa8T1FH4r31YbKa
d+/IDbf/pA8WPqJW5YwFeB2kQyCRFYmbBb0gt6vm6Kfw7qBMPCnwvs3TPY0GiTrY
MYw6IcBzgtr2LAcUVVWqYLwqRp10h73PXaMDu6BF62K6
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:43:46 2025 by rpki-client