Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
File: 2b51d415-1366-43ea-8ce9-f13b63a2c827.roa (raw, json)
Hash identifier: BhEvzX+Wrdwdg3c3OTTfbkeumKsUf9Fk8GiiNflbQPY=
Subject key identifier: 6E:C3:A9:B7:10:95:CD:92:3A:2A:92:5B:7A:48:D0:71:30:E7:89:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DFC5DD529A2BB172316FCD75351D96199B45433
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
Signing time: Fri 24 Oct 2025 00:40:05 +0000
ROA not before: Fri 24 Oct 2025 00:40:05 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.45.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:fc:5d:d5:29:a2:bb:17:23:16:fc:d7:53:51:d9:61:99:b4:54:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:05 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=b99c494e20dabab44df62f3fcb3db3bd2c2e779a2dbd77ec63558ccfe44a60dc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ee:04:a6:56:f7:20:42:5c:26:52:84:92:19:
01:c7:81:e7:7b:9e:ee:51:af:b2:4c:8f:4d:7e:82:
76:f4:c0:d0:91:c7:d8:4e:14:8e:4b:80:de:0b:d0:
db:fd:b4:f4:e0:95:19:cb:f0:c5:23:30:40:ff:67:
d3:b1:57:63:e4:6f:d5:32:52:aa:d0:95:7d:03:f5:
7d:6f:f7:bc:2c:58:2d:da:4a:8f:e7:38:72:8a:f7:
03:cb:d6:a0:d4:8b:cb:b6:7f:a3:3a:c4:57:b3:e0:
87:e9:c3:88:58:8f:c1:7d:dd:1f:45:e2:89:d4:47:
e6:63:c9:ac:ac:07:82:b1:88:71:3d:fe:80:40:7b:
6a:9f:fa:07:f7:04:42:8e:1d:96:98:6d:e5:b1:54:
c7:03:a6:88:4a:c6:2a:60:b2:11:0e:9d:85:50:fc:
5d:38:24:3d:76:60:43:a2:53:99:24:d0:91:d7:6b:
d8:e5:cb:8b:83:55:19:a7:dc:5c:c1:ef:bf:3f:3c:
68:90:e6:a3:e3:b4:35:87:01:d7:25:d2:46:be:04:
12:79:42:1c:11:81:0f:2e:06:ce:c0:53:fd:56:a9:
2b:97:f0:45:06:43:a0:ca:81:f6:d2:e7:1a:be:ae:
81:ba:fb:93:27:b9:82:20:9e:21:60:e1:e3:35:95:
c9:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C3:A9:B7:10:95:CD:92:3A:2A:92:5B:7A:48:D0:71:30:E7:89:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2b51d415-1366-43ea-8ce9-f13b63a2c827.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.45.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ab:ae:db:80:cf:5f:38:d9:53:f3:c4:b2:97:7d:45:88:c9:12:
bc:80:35:12:5a:7c:32:81:f0:5b:53:6b:7f:04:6b:a8:0e:fb:
45:c1:c0:20:2f:fe:31:b1:a0:64:de:38:cc:71:a1:5a:6d:6e:
91:84:87:9d:48:58:7c:6a:95:c7:d0:3f:c0:e2:4a:90:b1:c2:
63:47:ae:ed:0f:88:9b:22:c7:03:51:e8:0f:18:7f:d5:89:92:
69:14:69:5e:e2:62:8a:0f:f7:ff:24:ee:d6:75:c2:70:31:57:
9a:fc:35:15:7a:4b:e1:22:ec:60:6b:c6:ca:bf:e1:82:6c:11:
c2:5a:67:be:c3:51:dd:82:6d:5d:e1:ea:8f:9d:52:43:2d:84:
1b:2e:5f:95:c9:00:e5:4b:4c:74:5a:79:02:d3:36:79:ff:bf:
62:23:98:13:49:29:c3:8e:85:b7:10:53:9c:ec:af:3e:8e:a7:
89:9a:69:8b:05:40:8e:e6:38:07:76:4a:c5:f7:52:e8:30:92:
f2:98:c6:95:42:d0:da:fb:70:1d:18:e4:5c:f8:1a:37:60:ad:
5b:7e:88:d0:5c:d7:f3:d5:aa:c6:3c:13:c1:a3:72:9e:2b:fa:
9b:5f:91:16:28:35:55:11:75:0a:f0:af:8a:85:61:36:b6:f5:
a9:40:50:b9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDfxd1SmiuxcjFvzXU1HZYZm0VDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDVaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5OWM0OTRlMjBkYWJhYjQ0ZGY2MmYzZmNiM2RiM2JkMmMyZTc3OWEyZGJk
NzdlYzYzNTU4Y2NmZTQ0YTYwZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMPuBKZW9yBCXCZShJIZAceB53ue7lGvskyPTX6CdvTA0JHH2E4UjkuA3gvQ
2/209OCVGcvwxSMwQP9n07FXY+Rv1TJSqtCVfQP1fW/3vCxYLdpKj+c4cor3A8vW
oNSLy7Z/ozrEV7Pgh+nDiFiPwX3dH0XiidRH5mPJrKwHgrGIcT3+gEB7ap/6B/cE
Qo4dlpht5bFUxwOmiErGKmCyEQ6dhVD8XTgkPXZgQ6JTmSTQkddr2OXLi4NVGafc
XMHvvz88aJDmo+O0NYcB1yXSRr4EEnlCHBGBDy4GzsBT/VapK5fwRQZDoMqB9tLn
Gr6ugbr7kye5giCeIWDh4zWVyRkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRuw6m3
EJXNkjoqklt6SNBxMOeJdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmI1MWQ0MTUtMTM2Ni00M2VhLThjZTktZjEzYjYzYTJjODI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMtMA0G
CSqGSIb3DQEBCwUAA4IBAQCrrtuAz1842VPzxLKXfUWIyRK8gDUSWnwygfBbU2t/
BGuoDvtFwcAgL/4xsaBk3jjMcaFabW6RhIedSFh8apXH0D/A4kqQscJjR67tD4ib
IscDUegPGH/ViZJpFGle4mKKD/f/JO7WdcJwMVea/DUVekvhIuxga8bKv+GCbBHC
Wme+w1Hdgm1d4eqPnVJDLYQbLl+VyQDlS0x0WnkC0zZ5/79iI5gTSSnDjoW3EFOc
7K8+jqeJmmmLBUCO5jgHdkrF91LoMJLymMaVQtDa+3AdGORc+Bo3YK1bfojQXNfz
1arGPBPBo3KeK/qbX5EWKDVVEXUK8K+KhWE2tvWpQFC5
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:25:51 2025 by rpki-client