Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: zt+FfrMjlxUNlNW8yYTyrG2tJTbvWjtvh0tXljaGlKc=
Subject key identifier: 58:39:80:8F:C4:C2:70:CD:92:0F:5E:92:9C:4F:5F:C5:44:24:EC:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13AC38C30AEBE8CDC1E07468EC249E1602E10F6F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Tue 05 Aug 2025 20:30:11 +0000
ROA not before: Tue 05 Aug 2025 20:30:11 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:ac:38:c3:0a:eb:e8:cd:c1:e0:74:68:ec:24:9e:16:02:e1:0f:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:11 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=166891ef9466d9e2f1eea4319ad928efeec4c75cb6b1ff1aa020e652960d1b16, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:00:ba:eb:17:06:81:8c:1e:02:f9:05:b7:
8e:6a:a0:6c:1c:53:33:1f:25:ec:80:04:d4:b3:35:
61:53:2e:c0:9a:44:69:bc:bc:6b:c7:16:66:b1:3b:
6e:bf:0d:83:6d:dc:a6:40:0b:92:cc:26:8d:f3:17:
4f:04:c5:4b:2b:81:47:4a:85:46:2e:b3:8e:61:07:
e6:37:b3:c5:5b:3e:0a:e0:3b:4a:0f:72:13:ae:eb:
ab:52:c3:f7:ef:94:4f:da:59:64:cd:da:1d:11:1c:
03:da:fb:ea:95:4f:28:cb:87:49:d1:57:ee:c9:04:
c7:8e:bf:ba:d1:77:82:a1:b5:94:c7:1b:b3:a3:38:
23:45:1c:6a:24:66:6e:71:eb:85:3f:5c:ef:d1:3c:
20:10:0f:81:64:f5:31:88:79:cb:05:1b:40:be:06:
9c:bf:e3:22:4b:8b:45:2d:99:cc:57:e8:6f:b8:34:
19:f9:8b:f0:7a:75:c3:2b:8b:7b:34:60:09:5a:6a:
b2:0d:f9:52:78:28:4c:e3:40:1f:94:39:99:f9:01:
45:4b:af:32:f2:a9:97:a3:1e:93:a7:e6:6a:76:8c:
cc:d8:fc:6c:35:cc:c2:3b:47:a2:44:0d:91:f2:84:
7e:cb:13:30:00:c6:4a:fd:0e:2d:3c:84:26:15:83:
53:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:39:80:8F:C4:C2:70:CD:92:0F:5E:92:9C:4F:5F:C5:44:24:EC:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8f:bb:b2:12:32:ef:8e:ab:cc:b5:a6:40:5f:b6:01:bd:c8:b8:
85:bc:dc:7f:99:fc:03:e1:3c:b0:83:26:e0:64:50:1b:28:c1:
60:98:01:a1:7f:68:58:6f:1d:56:f5:8a:2b:ef:61:ec:c6:40:
a9:44:88:38:93:eb:32:ba:e2:69:f4:4f:36:4a:7c:fc:49:c8:
17:f5:5d:24:20:c5:3f:b1:15:be:b3:bc:7d:64:4c:88:1b:4d:
ba:b7:9e:c9:a8:48:3e:3a:e7:5d:04:02:c4:ed:5b:3f:0f:a7:
10:be:c7:3a:b7:ab:4d:bb:61:70:9b:3b:b7:1e:12:30:1f:c8:
63:09:16:1c:dd:02:04:26:8e:d8:b0:2c:91:bf:85:2c:13:fc:
a0:49:d3:fa:54:86:60:8f:84:f9:21:3b:c6:33:d3:6c:9e:76:
a9:d4:49:e5:d2:31:69:63:98:5f:b1:61:77:2b:17:c5:8b:20:
6d:cd:05:04:29:a3:db:01:f2:81:97:88:12:96:e4:e6:94:13:
d2:5c:78:8f:e9:0a:b8:95:22:2e:71:3e:88:61:58:d2:f7:bf:
e3:c7:d0:57:a4:7d:d9:82:33:a1:63:49:42:b5:c5:5c:50:92:
28:ec:d3:58:0a:3f:bd:53:d0:a9:5c:2a:b3:ac:4a:05:99:ef:
d4:76:9c:be
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE6w4wwrr6M3B4HRo7CSeFgLhD28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwMTFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2Njg5MWVmOTQ2NmQ5ZTJmMWVlYTQzMTlhZDkyOGVmZWVjNGM3NWNiNmIx
ZmYxYWEwMjBlNjUyOTYwZDFiMTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAuALrrFwaBjB4C+QW3jmqgbBxTMx8l7IAE1LM1YVMuwJpEaby8a8cWZrE7
br8Ng23cpkALkswmjfMXTwTFSyuBR0qFRi6zjmEH5jezxVs+CuA7Sg9yE67rq1LD
9++UT9pZZM3aHREcA9r76pVPKMuHSdFX7skEx46/utF3gqG1lMcbs6M4I0UcaiRm
bnHrhT9c79E8IBAPgWT1MYh5ywUbQL4GnL/jIkuLRS2ZzFfob7g0GfmL8Hp1wyuL
ezRgCVpqsg35UngoTONAH5Q5mfkBRUuvMvKpl6Mek6fmanaMzNj8bDXMwjtHokQN
kfKEfssTMADGSv0OLTyEJhWDUxECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRYOYCP
xMJwzZIPXpKcT1/FRCTsrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQCPu7ISMu+Oq8y1pkBftgG9yLiFvNx/mfwD4Tywgybg
ZFAbKMFgmAGhf2hYbx1W9Yor72HsxkCpRIg4k+syuuJp9E82Snz8ScgX9V0kIMU/
sRW+s7x9ZEyIG026t57JqEg+OuddBALE7Vs/D6cQvsc6t6tNu2Fwmzu3HhIwH8hj
CRYc3QIEJo7YsCyRv4UsE/ygSdP6VIZgj4T5ITvGM9Nsnnap1Enl0jFpY5hfsWF3
KxfFiyBtzQUEKaPbAfKBl4gSluTmlBPSXHiP6Qq4lSIucT6IYVjS97/jx9BXpH3Z
gjOhY0lCtcVcUJIo7NNYCj+9U9CpXCqzrEoFme/Udpy+
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:51 2025 by rpki-client