Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
File: 2229ee03-08c0-4c87-acab-bbf5abf49264.roa (raw, json)
Hash identifier: N4XE+AL6e6448E8vPjw8j6rIVQ3y0gJu9S0lglx7Z6E=
Subject key identifier: 89:A2:17:C9:68:81:D4:38:5A:E9:12:B2:C5:AD:55:59:34:D0:50:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E52ABB616CC7200D1FBA9A9D35D21517191B8B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
Signing time: Fri 24 Oct 2025 00:40:09 +0000
ROA not before: Fri 24 Oct 2025 00:40:09 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.86.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:52:ab:b6:16:cc:72:00:d1:fb:a9:a9:d3:5d:21:51:71:91:b8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:09 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=1937f28e13faaf4d461393e9a94ec310fefa2e79645e259df5c5a73260cb2463, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c6:e2:72:6a:12:86:a7:e4:77:fe:ae:36:96:
4a:87:46:b5:11:76:63:ad:42:f9:d3:da:32:61:27:
e0:d8:f2:01:c9:25:30:f7:5d:95:97:4e:63:24:9c:
a8:e5:e3:66:82:9e:65:72:f2:5a:ed:a3:da:62:7f:
2a:60:01:92:8e:76:95:01:cb:4c:24:55:4c:5f:b9:
7a:9c:81:4d:cd:9c:7e:47:21:2c:50:dc:8f:bf:ac:
ca:16:d5:d4:d6:c4:5f:64:46:b3:7a:f7:6b:a2:7a:
71:99:96:00:6f:15:84:71:25:a1:97:b7:54:dd:b3:
fa:01:5a:98:2d:01:54:20:6e:16:36:c6:49:29:5a:
05:4d:50:5b:cf:82:f0:e8:a6:bc:4d:c1:7f:6d:c0:
e8:40:fe:22:62:b2:06:e1:42:69:4e:30:82:06:07:
c7:78:62:83:ae:11:f3:00:d7:93:45:20:cf:e6:73:
21:92:43:a9:d2:d3:bb:53:45:bd:6a:82:e9:4b:31:
bc:7d:3f:d2:f0:d4:7b:87:16:bd:61:ca:1b:52:0c:
67:1b:7d:a1:6e:2b:1e:0e:96:ab:2d:a4:d4:cd:3e:
c3:3b:8d:57:0b:20:2c:9d:0d:e6:d4:84:88:29:a8:
cf:0f:7c:e7:67:81:84:1a:af:94:ed:02:09:49:24:
1b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A2:17:C9:68:81:D4:38:5A:E9:12:B2:C5:AD:55:59:34:D0:50:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2229ee03-08c0-4c87-acab-bbf5abf49264.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.86.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9c:ce:86:7b:b4:cb:ec:36:00:46:16:21:7a:96:ba:11:73:10:
c1:92:39:84:9e:fc:ba:0f:98:3a:ce:97:99:4d:45:65:ce:84:
16:c5:9d:65:64:d5:15:5d:b1:c8:56:d3:24:2a:30:a4:27:f2:
88:0a:8c:a7:72:79:4b:04:5e:a0:c3:79:bf:05:3f:6a:c2:04:
a7:43:7b:5e:ad:40:3c:35:c5:1b:33:d4:f8:ae:1d:3a:78:18:
35:ea:db:8b:1d:ef:41:54:3f:27:30:db:b9:4d:9f:03:53:f1:
f5:49:98:b6:ed:72:29:e1:ae:74:b2:14:83:76:35:ff:7a:e3:
4f:55:49:e3:f9:16:37:c2:92:6a:e9:4d:57:fc:67:71:8c:f3:
0f:ec:50:ce:c2:e5:51:f0:4b:0a:f7:c6:a4:11:95:83:aa:c5:
19:c5:e9:70:7c:bf:98:19:da:36:11:20:87:38:b6:6e:0e:e3:
5b:a3:66:93:ae:f5:00:be:d0:f2:64:7a:cd:ec:43:9a:54:01:
d9:8c:44:18:4d:01:b1:53:d1:67:f3:fc:bd:85:c5:63:0d:6b:
d4:b8:3e:a9:df:e2:58:7d:d1:de:c2:e1:4d:94:3b:96:7c:f9:
e4:82:ce:3b:de:52:61:de:d3:5d:04:e6:15:18:a0:6f:4f:c9:
f5:de:5e:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHlKrthbMcgDR+6mp010hUXGRuLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDlaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE5MzdmMjhlMTNmYWFmNGQ0NjEzOTNlOWE5NGVjMzEwZmVmYTJlNzk2NDVl
MjU5ZGY1YzVhNzMyNjBjYjI0NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANDG4nJqEoan5Hf+rjaWSodGtRF2Y61C+dPaMmEn4NjyAcklMPddlZdOYySc
qOXjZoKeZXLyWu2j2mJ/KmABko52lQHLTCRVTF+5epyBTc2cfkchLFDcj7+syhbV
1NbEX2RGs3r3a6J6cZmWAG8VhHEloZe3VN2z+gFamC0BVCBuFjbGSSlaBU1QW8+C
8OimvE3Bf23A6ED+ImKyBuFCaU4wggYHx3hig64R8wDXk0Ugz+ZzIZJDqdLTu1NF
vWqC6UsxvH0/0vDUe4cWvWHKG1IMZxt9oW4rHg6Wqy2k1M0+wzuNVwsgLJ0N5tSE
iCmozw9852eBhBqvlO0CCUkkG6ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSJohfJ
aIHUOFrpErLFrVVZNNBQ+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjIyOWVlMDMtMDhjMC00Yzg3LWFjYWItYmJmNWFiZjQ5MjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNWMA0G
CSqGSIb3DQEBCwUAA4IBAQCczoZ7tMvsNgBGFiF6lroRcxDBkjmEnvy6D5g6zpeZ
TUVlzoQWxZ1lZNUVXbHIVtMkKjCkJ/KICoyncnlLBF6gw3m/BT9qwgSnQ3terUA8
NcUbM9T4rh06eBg16tuLHe9BVD8nMNu5TZ8DU/H1SZi27XIp4a50shSDdjX/euNP
VUnj+RY3wpJq6U1X/GdxjPMP7FDOwuVR8EsK98akEZWDqsUZxelwfL+YGdo2ESCH
OLZuDuNbo2aTrvUAvtDyZHrN7EOaVAHZjEQYTQGxU9Fn8/y9hcVjDWvUuD6p3+JY
fdHewuFNlDuWfPnkgs473lJh3tNdBOYVGKBvT8n13l5j
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:44:46 2025 by rpki-client