Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
File: fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa (raw, json)
Hash identifier: tf3y9irvy7mbZCU3xn0onLyyjIVnVjM3Fo77ZntV88w=
Subject key identifier: B3:A2:B2:BE:F4:79:8D:CB:4D:40:AB:4A:DC:22:D0:8B:C8:B1:FB:39
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B62CEFA409207CC5044CC4875C1D3225761936A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
Signing time: Fri 26 Sep 2025 20:39:53 +0000
ROA not before: Fri 26 Sep 2025 20:39:53 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 00:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:62:ce:fa:40:92:07:cc:50:44:cc:48:75:c1:d3:22:57:61:93:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:53 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=d7af4a1259f2b981792238a24da4df3458f3bdbe48b518eafc1288d2e24a1ecb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:74:64:a7:dc:23:7a:c3:58:6b:2f:6a:3b:
d4:b5:d2:a3:1c:d8:00:8b:98:4e:70:22:62:de:b5:
86:d5:4e:c6:31:9b:31:a3:d0:f2:81:b5:29:42:1b:
35:47:b5:47:25:28:03:e0:12:d8:fe:95:de:8e:ce:
9e:dd:b4:a1:ca:1a:7b:d8:37:b6:21:65:d1:12:5e:
4e:a0:16:62:5c:df:53:fe:60:80:43:77:3e:57:7d:
73:ce:ff:95:36:4f:d4:60:83:2f:b5:c0:2f:50:34:
ae:72:2a:c9:7b:99:58:b7:9a:39:60:5a:c6:52:4a:
f5:96:da:9e:85:d9:ea:f1:13:47:a8:3e:9b:59:d6:
b4:97:c9:69:a6:46:32:b5:f4:35:bb:f3:c5:93:67:
94:6d:14:68:6c:de:e2:70:05:a7:3a:71:0c:4b:68:
86:0d:f9:68:d2:2f:72:44:4b:bf:4d:e2:44:52:d3:
12:b2:13:87:17:a3:9e:07:95:18:b4:cf:58:83:02:
fe:e9:5a:cb:31:e6:b4:68:3b:21:7a:fa:da:36:d6:
6f:68:6c:67:5f:6d:f4:66:b7:45:20:5b:3d:7f:94:
b8:8c:8a:b6:ef:d6:88:96:c9:32:35:6e:ec:ca:17:
98:42:e3:7a:d7:9b:7a:71:49:ea:de:da:bb:46:0f:
2b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:A2:B2:BE:F4:79:8D:CB:4D:40:AB:4A:DC:22:D0:8B:C8:B1:FB:39
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fa9f76b3-644f-4e7b-96b8-a50117fd4d67.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:43:e5:96:c4:ab:2e:18:dd:a1:58:0e:9d:47:a3:ff:f5:34:
15:3e:06:eb:1d:bc:27:91:d7:33:08:7b:62:b3:ef:97:b0:83:
60:e6:db:08:82:9f:e4:3f:62:42:c9:15:95:ec:4e:64:41:b0:
f0:2e:df:ea:eb:ff:97:27:e6:3a:33:17:44:de:63:43:52:72:
b0:15:94:7f:02:a3:f8:69:61:b9:3b:e9:a7:92:3e:13:ef:56:
94:b0:32:cb:e8:c0:c8:8c:76:f3:a5:93:21:bb:a1:81:00:69:
14:a9:2b:d3:7c:29:77:8d:5a:b9:1a:87:cb:06:d5:2e:1a:49:
84:31:fa:fb:70:bf:b2:6e:7c:30:47:ad:a4:23:d9:c1:c2:16:
2e:17:ea:12:02:d2:0c:62:bf:b2:18:7f:07:70:30:58:e1:c7:
41:52:88:50:e7:8a:38:57:f2:12:90:2f:22:34:2d:00:18:eb:
3d:25:c9:5c:83:4c:50:a7:5a:7b:4f:99:00:be:86:56:a4:af:
a8:39:53:de:49:2c:b9:09:f7:68:4c:45:6c:4d:9c:57:ef:71:
09:49:03:30:c9:f6:90:42:d8:f0:90:e9:d5:ef:c3:8e:1a:9f:
01:43:b5:40:89:7a:dc:71:4e:3d:b8:0f:3e:55:00:fc:b2:fd:
08:1a:a6:96
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC2LO+kCSB8xQRMxIdcHTIldhk2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NTNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3YWY0YTEyNTlmMmI5ODE3OTIyMzhhMjRkYTRkZjM0NThmM2JkYmU0OGI1
MThlYWZjMTI4OGQyZTI0YTFlY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5SdGSn3CN6w1hrL2o71LXSoxzYAIuYTnAiYt61htVOxjGbMaPQ8oG1KUIb
NUe1RyUoA+AS2P6V3o7Ont20ocoae9g3tiFl0RJeTqAWYlzfU/5ggEN3Pld9c87/
lTZP1GCDL7XAL1A0rnIqyXuZWLeaOWBaxlJK9ZbanoXZ6vETR6g+m1nWtJfJaaZG
MrX0NbvzxZNnlG0UaGze4nAFpzpxDEtohg35aNIvckRLv03iRFLTErIThxejngeV
GLTPWIMC/ulayzHmtGg7IXr62jbWb2hsZ19t9Ga3RSBbPX+UuIyKtu/WiJbJMjVu
7MoXmELjetebenFJ6t7au0YPK8cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSzorK+
9HmNy01Aq0rcItCLyLH7OTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmE5Zjc2YjMtNjQ0Zi00ZTdiLTk2YjgtYTUwMTE3ZmQ0ZDY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQCMQ+WWxKsuGN2hWA6dR6P/9TQVPgbrHbwnkdczCHti
s++XsINg5tsIgp/kP2JCyRWV7E5kQbDwLt/q6/+XJ+Y6MxdE3mNDUnKwFZR/AqP4
aWG5O+mnkj4T71aUsDLL6MDIjHbzpZMhu6GBAGkUqSvTfCl3jVq5GofLBtUuGkmE
Mfr7cL+ybnwwR62kI9nBwhYuF+oSAtIMYr+yGH8HcDBY4cdBUohQ54o4V/ISkC8i
NC0AGOs9Jclcg0xQp1p7T5kAvoZWpK+oOVPeSSy5CfdoTEVsTZxX73EJSQMwyfaQ
QtjwkOnV78OOGp8BQ7VAiXrccU49uA8+VQD8sv0IGqaW
-----END CERTIFICATE-----
Generated at Fri Oct 17 06:16:07 2025 by rpki-client