Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: xP4OLjgVZarjLFnR1lVVU2k53cTUMqrCM8jrrVktSac=
Subject key identifier: 10:47:84:D4:6C:68:38:C0:45:CC:FF:61:C3:4B:01:74:95:79:3C:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2DB5E6EDABC6BCDC1E985EC4410C3A54744E73FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 05 Aug 2025 20:30:07 +0000
ROA not before: Tue 05 Aug 2025 20:30:07 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:b5:e6:ed:ab:c6:bc:dc:1e:98:5e:c4:41:0c:3a:54:74:4e:73:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:07 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f174fb800b23a1c560f50fb726bc61128073728c7b0a0221e43c5de382341826, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7f:40:da:6a:c9:d7:73:b8:a4:f4:62:49:35:
ab:4a:2a:e8:29:5d:7a:30:4c:24:a2:e4:f3:c1:57:
4d:87:4b:3d:e3:9a:60:9c:b7:5f:b0:ec:09:6d:8b:
5d:f2:f9:59:5c:03:a2:55:32:3f:e3:71:86:26:be:
ec:23:e6:ef:5c:02:b7:c2:a6:a0:e8:7c:07:c4:ec:
fd:0c:2e:ea:03:66:27:be:bf:ad:63:a4:ca:2f:0c:
e7:f3:a2:b5:25:d5:a5:e3:0f:67:28:ea:2a:33:0a:
e7:93:f9:11:ed:8c:c4:34:27:26:62:5c:6b:0c:49:
2d:25:2c:92:c1:d7:0f:26:85:fd:c1:ef:91:34:03:
bd:b9:43:c3:40:b9:75:de:3a:0f:4f:80:e7:c1:46:
61:09:17:ba:3c:18:ae:14:7c:b1:97:c9:7a:6b:77:
23:a1:5c:69:f9:e8:53:3f:70:39:13:76:0c:d4:18:
67:e5:67:fb:9c:9a:c7:2e:9d:98:78:59:93:99:f6:
7f:8a:d2:3a:e2:d1:bc:0e:52:78:9e:1a:ef:c4:73:
73:d3:c3:41:68:21:31:1a:24:15:ab:ec:a4:cb:fa:
c3:9b:25:3f:4b:c0:ff:99:00:f9:26:55:57:4a:f0:
ec:b5:13:a1:1f:f1:a7:7e:66:0f:2b:51:52:1d:88:
56:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:47:84:D4:6C:68:38:C0:45:CC:FF:61:C3:4B:01:74:95:79:3C:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
21:fc:d4:5d:ff:69:1d:f2:17:08:99:18:12:50:95:f2:40:87:
da:42:1a:1c:6f:6c:16:8b:46:d5:25:30:4d:05:85:6e:2e:46:
7b:aa:b6:f9:16:cb:b1:fe:22:09:3d:66:6b:1e:1b:06:10:04:
3e:8f:93:c6:2e:3c:f7:c3:c5:37:91:40:db:a8:f9:d0:f3:69:
2e:7e:5f:21:fb:b0:64:b2:a7:ca:08:dc:b8:05:16:e4:8d:3e:
e3:04:a0:75:c6:77:be:c9:d6:17:68:37:40:36:f0:70:0e:50:
3c:62:09:24:aa:b8:4e:a7:08:90:f3:08:6a:f9:00:f9:6d:33:
da:16:2c:34:44:35:77:d0:20:09:4e:f8:7a:63:84:b7:4c:b3:
19:59:d2:bc:00:92:7e:b0:6f:1e:1e:a3:15:e8:97:f4:04:13:
d0:d5:46:85:a5:c6:33:58:af:bc:55:00:3a:af:1a:ac:6e:b1:
fa:b9:21:e6:67:68:b1:c5:ae:e7:f4:d7:2f:50:76:26:c0:0e:
51:3b:d6:34:2d:25:03:b3:d4:38:e8:f6:2a:d5:9b:2f:0f:e9:
71:24:22:61:15:e6:d8:82:71:64:4d:15:64:61:66:6d:83:14:
20:9d:4d:a3:c6:65:4c:1e:8f:5e:de:9a:a3:35:ab:e5:b8:6e:
3d:13:20:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULbXm7avGvNwemF7EQQw6VHROc/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxNzRmYjgwMGIyM2ExYzU2MGY1MGZiNzI2YmM2MTEyODA3MzcyOGM3YjBh
MDIyMWU0M2M1ZGUzODIzNDE4MjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMJ/QNpqyddzuKT0Ykk1q0oq6CldejBMJKLk88FXTYdLPeOaYJy3X7DsCW2L
XfL5WVwDolUyP+Nxhia+7CPm71wCt8KmoOh8B8Ts/Qwu6gNmJ76/rWOkyi8M5/Oi
tSXVpeMPZyjqKjMK55P5Ee2MxDQnJmJcawxJLSUsksHXDyaF/cHvkTQDvblDw0C5
dd46D0+A58FGYQkXujwYrhR8sZfJemt3I6FcafnoUz9wORN2DNQYZ+Vn+5yaxy6d
mHhZk5n2f4rSOuLRvA5SeJ4a78Rzc9PDQWghMRokFavspMv6w5slP0vA/5kA+SZV
V0rw7LUToR/xp35mDytRUh2IVqUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQR4TU
bGg4wEXM/2HDSwF0lXk8IzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQAh/NRd/2kd8hcImRgSUJXyQIfaQhocb2wWi0bVJTBN
BYVuLkZ7qrb5Fsux/iIJPWZrHhsGEAQ+j5PGLjz3w8U3kUDbqPnQ82kufl8h+7Bk
sqfKCNy4BRbkjT7jBKB1xne+ydYXaDdANvBwDlA8YgkkqrhOpwiQ8whq+QD5bTPa
Fiw0RDV30CAJTvh6Y4S3TLMZWdK8AJJ+sG8eHqMV6Jf0BBPQ1UaFpcYzWK+8VQA6
rxqsbrH6uSHmZ2ixxa7n9NcvUHYmwA5RO9Y0LSUDs9Q46PYq1ZsvD+lxJCJhFebY
gnFkTRVkYWZtgxQgnU2jxmVMHo9e3pqjNavluG49EyCC
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:15 2025 by rpki-client