Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: /vl8NxAlLPTdsbsNcipRwXZaVeO8f/z6gg7P9fbaJjY=
Subject key identifier: 20:44:8F:4A:CC:35:6F:7F:83:A1:EC:2B:DF:62:A2:B4:0C:8C:1A:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C6FC40528BA2A671A5970B5D818D711147D8AA4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Fri 24 Oct 2025 00:40:07 +0000
ROA not before: Fri 24 Oct 2025 00:40:07 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:6f:c4:05:28:ba:2a:67:1a:59:70:b5:d8:18:d7:11:14:7d:8a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:07 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=d764cc871b7e73258e2ccbe8aeaf80303f5c9e53981d459a37763535be7c6978, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f9:54:93:65:72:11:b1:62:49:6f:12:59:15:
3a:7f:6f:59:17:61:e8:f7:43:00:6a:41:03:82:2f:
40:d5:6b:16:31:c0:85:74:61:99:f3:5c:40:72:b9:
fa:c9:7f:4d:e0:c8:d6:44:fd:dd:00:3f:c1:1e:0a:
1d:d2:15:dc:b8:62:94:56:01:31:55:02:57:23:0b:
87:35:63:c0:e1:60:55:c9:83:d5:51:c2:08:58:cd:
e2:b8:1d:c1:94:39:be:1b:b0:d0:76:87:68:7f:41:
e8:d3:d4:b3:0d:e6:10:cb:13:d8:3e:eb:c4:99:a5:
6b:a3:d1:f0:27:7a:7a:32:43:d6:4f:ba:41:ac:ad:
40:04:69:1b:bd:2e:54:d3:41:b3:4a:0c:6c:bb:95:
d7:a9:0e:f0:3d:13:f6:cf:14:b8:8c:d4:92:1a:bd:
9c:3c:3f:59:c6:f1:7e:f3:ea:9d:67:47:75:11:5e:
c4:df:1b:82:b3:56:a6:8c:d7:29:47:e6:6b:29:ff:
dc:fe:97:e0:57:97:32:07:ff:6f:2f:53:37:e1:30:
ee:d8:02:d0:44:80:40:2e:0b:f5:00:de:0f:12:62:
e1:4e:38:36:9c:8e:65:e1:f8:78:d7:43:cb:11:0a:
41:c6:4e:68:96:61:31:8e:00:11:6a:22:8a:49:88:
03:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:44:8F:4A:CC:35:6F:7F:83:A1:EC:2B:DF:62:A2:B4:0C:8C:1A:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:74:83:c8:4f:86:2a:84:05:5f:b2:e4:30:f2:05:eb:8e:0a:
03:be:8e:c6:10:00:8b:a3:ad:38:7b:d7:84:4f:41:44:fe:3f:
57:e8:61:e4:44:7f:12:6b:21:df:e3:a3:e3:70:4d:48:60:82:
50:ad:56:e1:c6:6d:a8:24:d8:3b:24:1e:70:53:d2:cd:48:2b:
1d:a2:c5:94:9f:75:34:a8:ef:4c:de:74:7f:d0:d3:6a:f7:bd:
73:14:82:48:a7:1d:86:58:8b:fc:ff:20:33:ca:98:fe:61:35:
e2:b8:70:77:ca:b5:50:9e:42:6b:3b:87:e5:1e:d0:3f:37:d3:
88:78:a5:65:35:1e:0f:3c:a2:3f:0e:de:f5:38:a6:15:96:79:
d9:1a:5a:34:73:f7:22:96:35:9f:41:e3:d4:81:64:d3:e5:e4:
51:cc:e6:75:2e:eb:1b:03:01:7b:b3:97:9e:cb:b7:7b:6b:4d:
08:53:04:1e:c5:5a:30:20:06:d8:8e:fb:a6:61:6e:e4:bf:ac:
8c:a4:58:8c:53:29:7e:50:8d:f5:a5:74:be:d8:c9:a8:d5:a1:
b0:81:4a:83:5d:11:1a:90:08:50:17:ee:80:67:af:13:18:c5:
8c:a1:d2:f7:a6:aa:f6:af:9c:00:16:e6:d1:36:09:66:f4:91:
eb:11:69:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbG/EBSi6KmcaWXC12BjXERR9iqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMDdaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ3NjRjYzg3MWI3ZTczMjU4ZTJjY2JlOGFlYWY4MDMwM2Y1YzllNTM5ODFk
NDU5YTM3NzYzNTM1YmU3YzY5NzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKX5VJNlchGxYklvElkVOn9vWRdh6PdDAGpBA4IvQNVrFjHAhXRhmfNcQHK5
+sl/TeDI1kT93QA/wR4KHdIV3LhilFYBMVUCVyMLhzVjwOFgVcmD1VHCCFjN4rgd
wZQ5vhuw0HaHaH9B6NPUsw3mEMsT2D7rxJmla6PR8Cd6ejJD1k+6QaytQARpG70u
VNNBs0oMbLuV16kO8D0T9s8UuIzUkhq9nDw/WcbxfvPqnWdHdRFexN8bgrNWpozX
KUfmayn/3P6X4FeXMgf/by9TN+Ew7tgC0ESAQC4L9QDeDxJi4U44NpyOZeH4eNdD
yxEKQcZOaJZhMY4AEWoiikmIA9kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQgRI9K
zDVvf4Oh7CvfYqK0DIwamTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQAOdIPIT4YqhAVfsuQw8gXrjgoDvo7GEACLo604e9eE
T0FE/j9X6GHkRH8SayHf46PjcE1IYIJQrVbhxm2oJNg7JB5wU9LNSCsdosWUn3U0
qO9M3nR/0NNq971zFIJIpx2GWIv8/yAzypj+YTXiuHB3yrVQnkJrO4flHtA/N9OI
eKVlNR4PPKI/Dt71OKYVlnnZGlo0c/ciljWfQePUgWTT5eRRzOZ1LusbAwF7s5ee
y7d7a00IUwQexVowIAbYjvumYW7kv6yMpFiMUyl+UI31pXS+2Mmo1aGwgUqDXREa
kAhQF+6AZ68TGMWModL3pqr2r5wAFubRNglm9JHrEWmn
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:06 2025 by rpki-client