Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
File: ef3e6945-57bf-41fe-9e98-2db6c2800547.roa (raw, json)
Hash identifier: bKTIZ+jcYPEnJWq2gttYOa7EQEHLLGeFKMFDd7gCGnk=
Subject key identifier: D8:17:9E:12:54:EE:D2:29:7A:B0:39:9F:6A:C9:B2:3D:79:1B:EB:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F38A33B379542FB1C9D2CC9B4F549606EF955E1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
Signing time: Fri 26 Sep 2025 20:20:41 +0000
ROA not before: Fri 26 Sep 2025 20:20:41 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.208.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 22:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:38:a3:3b:37:95:42:fb:1c:9d:2c:c9:b4:f5:49:60:6e:f9:55:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:41 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ee363108f6ac012a15dcc93767f997edb35a5344bc337f958c73cc2be9150abe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:40:f0:22:cb:89:95:cf:d5:09:b0:40:7d:
1b:5f:77:9d:14:21:90:62:74:84:08:f9:71:fd:33:
bb:29:f0:ac:30:e0:d1:8f:0c:1d:7a:cf:6d:54:00:
32:b7:d2:8f:dd:ad:cb:84:a5:d8:b1:77:74:a8:55:
20:3f:83:cc:56:c2:91:00:e3:a6:60:24:32:7d:cc:
ba:ca:91:32:4f:1e:08:2a:bc:f4:1c:28:51:63:6a:
f0:17:6f:51:6b:e9:c7:82:e6:c7:a6:09:45:70:31:
17:89:a8:1a:c4:a9:dd:59:c1:9c:53:d2:34:49:4f:
0b:e1:40:55:3a:25:10:9b:66:f1:27:2d:5e:8b:e6:
d0:0e:ad:b8:2f:ec:50:11:a5:ce:46:05:f3:4a:63:
cd:97:68:f0:3d:f0:a9:10:08:a1:fd:69:19:5c:30:
fa:43:46:57:c5:c3:bd:b6:b6:e3:e3:5f:ea:c2:57:
db:99:07:de:6e:f6:b6:dc:81:cf:2f:c5:f7:3f:3a:
db:92:c8:a1:aa:0f:c3:1e:24:17:52:0f:b6:67:fe:
9d:ea:b9:76:2d:16:eb:f3:90:21:48:a3:64:4d:09:
4d:b0:67:15:fe:ec:7d:e4:ea:0d:f0:b0:ae:57:e7:
4f:b3:77:cb:a8:e1:e6:13:f4:38:d3:de:ee:ec:75:
4d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:17:9E:12:54:EE:D2:29:7A:B0:39:9F:6A:C9:B2:3D:79:1B:EB:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ef3e6945-57bf-41fe-9e98-2db6c2800547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ad:87:f4:eb:a9:43:35:0d:23:4e:bd:65:af:80:9d:87:48:7e:
f8:55:34:1e:e2:e8:be:2e:a6:7f:41:24:0d:4f:f2:81:c6:cf:
05:eb:23:e2:46:11:3e:fa:1e:df:22:2c:7b:e2:b0:69:bb:7e:
f0:26:52:9c:9b:99:76:fc:69:9f:e2:ef:6e:b2:42:55:4d:4f:
55:9c:c1:3b:bd:cc:91:f2:f1:82:bd:63:ae:f0:2a:e6:e4:b9:
09:b6:d2:fa:fc:bb:ca:87:e2:5c:d2:f5:2f:d5:5f:f4:2c:ff:
e3:98:f8:4b:38:36:c2:67:13:f8:f1:19:8c:af:96:c2:79:f4:
3f:b7:62:f9:07:02:56:1b:0f:33:d4:c8:07:f7:ad:99:c7:f8:
28:a5:4d:e7:63:81:a9:19:dd:dd:35:dd:6e:b4:57:0b:ac:ae:
0f:1c:da:0c:03:56:ca:d6:dc:40:e6:4c:e3:ca:72:3d:e2:3f:
54:71:2f:cc:f5:15:4c:17:94:6a:46:66:c6:62:24:bb:6f:e9:
ab:09:7d:bf:0a:cf:ea:58:2b:ca:c7:d3:3d:2c:f6:93:31:15:
13:51:d5:a2:0e:26:ad:0e:1a:28:50:40:12:89:7b:24:92:9c:
80:7c:68:4f:99:e5:65:5a:b1:e2:7e:f7:41:d3:a7:97:7f:54:
2d:4b:a9:79
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDzijOzeVQvscnSzJtPVJYG75VeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNDFaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMzYzMTA4ZjZhYzAxMmExNWRjYzkzNzY3Zjk5N2VkYjM1YTUzNDRiYzMz
N2Y5NThjNzNjYzJiZTkxNTBhYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALWSQPAiy4mVz9UJsEB9G193nRQhkGJ0hAj5cf0zuynwrDDg0Y8MHXrPbVQA
MrfSj92ty4Sl2LF3dKhVID+DzFbCkQDjpmAkMn3MusqRMk8eCCq89BwoUWNq8Bdv
UWvpx4Lmx6YJRXAxF4moGsSp3VnBnFPSNElPC+FAVTolEJtm8SctXovm0A6tuC/s
UBGlzkYF80pjzZdo8D3wqRAIof1pGVww+kNGV8XDvba24+Nf6sJX25kH3m72ttyB
zy/F9z8625LIoaoPwx4kF1IPtmf+neq5di0W6/OQIUijZE0JTbBnFf7sfeTqDfCw
rlfnT7N3y6jh5hP0ONPe7ux1TccCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTYF54S
VO7SKXqwOZ9qybI9eRvrQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWYzZTY5NDUtNTdiZi00MWZlLTllOTgtMmRiNmMyODAwNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPQMA0G
CSqGSIb3DQEBCwUAA4IBAQCth/TrqUM1DSNOvWWvgJ2HSH74VTQe4ui+LqZ/QSQN
T/KBxs8F6yPiRhE++h7fIix74rBpu37wJlKcm5l2/Gmf4u9uskJVTU9VnME7vcyR
8vGCvWOu8Crm5LkJttL6/LvKh+Jc0vUv1V/0LP/jmPhLODbCZxP48RmMr5bCefQ/
t2L5BwJWGw8z1MgH962Zx/gopU3nY4GpGd3dNd1utFcLrK4PHNoMA1bK1txA5kzj
ynI94j9UcS/M9RVMF5RqRmbGYiS7b+mrCX2/Cs/qWCvKx9M9LPaTMRUTUdWiDiat
DhooUEASiXskkpyAfGhPmeVlWrHifvdB06eXf1QtS6l5
-----END CERTIFICATE-----
Generated at Thu Oct 16 06:56:50 2025 by rpki-client