Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
File: 2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa (raw, json)
Hash identifier: 7NnJyF6vt41RiKCxttAajtTTV2+w+I/NvWBat//qxJ0=
Subject key identifier: 6A:5E:4E:AE:BC:83:CF:F1:74:3F:9B:45:35:66:84:ED:72:8E:F8:F5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 605CEAE05D9FF56CE0C1344255B07BDA6780693A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
Signing time: Mon 01 Sep 2025 21:31:15 +0000
ROA not before: Mon 01 Sep 2025 21:31:15 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.127.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:5c:ea:e0:5d:9f:f5:6c:e0:c1:34:42:55:b0:7b:da:67:80:69:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:31:15 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=cbe376fc3c07b417bcd60aa2cee441805291faed498970073c3e5d4c44c4a319, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:96:d0:34:b9:e1:58:fd:2b:0f:c0:3b:a7:25:
4c:32:65:e1:a8:91:39:24:a4:cd:69:6a:69:56:a7:
b5:15:b4:4d:02:81:ba:d6:3a:b5:ec:4b:ce:a1:8c:
f9:ec:ec:c9:7b:c6:d0:a2:3b:9d:e4:d7:2f:b9:08:
65:d1:ad:d5:e2:8d:8d:20:6a:f7:ad:4c:26:f2:41:
0a:62:33:1e:06:e9:64:d9:29:30:46:33:ae:78:38:
b9:11:27:f8:99:db:78:b7:cd:54:f0:34:22:23:36:
a0:39:83:9e:44:7d:60:cb:79:b4:3d:a6:49:27:dd:
ac:91:45:c5:f4:db:0f:d3:70:35:bc:1e:47:0a:e8:
ea:73:aa:97:ca:38:01:64:10:99:5e:39:8c:3a:52:
76:5f:91:91:29:ea:1d:ea:9a:ef:03:fb:22:f9:31:
fc:8d:77:41:be:be:df:8c:69:67:bb:fe:5d:31:f7:
c6:f3:a5:ab:92:91:15:d5:2d:1b:5b:8f:46:35:12:
5e:bc:4a:ea:c9:54:d0:d4:c1:26:65:63:6e:ad:c2:
69:5b:bc:bf:db:b6:39:de:e7:bb:d8:18:fe:ed:f7:
2a:3c:b8:32:02:27:c9:cb:5e:cf:9a:53:eb:cc:2b:
59:97:f2:c9:32:41:81:fb:da:34:e0:19:da:80:a9:
88:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5E:4E:AE:BC:83:CF:F1:74:3F:9B:45:35:66:84:ED:72:8E:F8:F5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2fc6a253-dc60-4611-8bc0-f4b11851ccf1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ac:da:ba:b3:56:2c:a5:eb:5e:d6:b2:0e:33:91:74:01:7c:87:
f6:06:31:ae:79:2f:81:8c:0f:b0:50:09:d5:70:61:3e:2a:53:
5a:a1:ac:48:54:0d:b9:4e:c9:8c:1b:d7:04:8a:aa:fb:13:da:
43:4a:fc:61:c1:62:2e:25:f7:73:64:2a:71:e6:cd:2f:1a:1c:
0f:98:ef:1b:46:4c:59:69:0d:cc:b8:6b:70:d0:6c:62:1f:e8:
28:62:bb:87:7c:76:c0:71:46:10:d1:5a:c3:8e:23:8d:01:59:
45:5d:7d:29:08:31:62:9f:27:cf:b9:d1:c9:7d:b9:a7:17:3c:
3f:e5:29:5e:0c:21:73:64:09:06:cd:9e:2b:6d:62:02:df:50:
21:70:28:4a:6a:90:e8:a0:73:cc:76:fc:03:71:22:43:0c:75:
e5:14:2e:13:5f:c2:70:21:de:ff:a2:1c:a8:df:23:32:34:92:
78:4f:73:4f:93:b4:55:99:dc:0b:b1:c9:f1:30:6b:f4:2e:a1:
67:bb:17:7c:d7:95:c9:55:e5:d3:d0:fa:0e:c4:64:37:9d:94:
58:87:e0:2d:1c:dd:db:e1:af:6c:00:d8:3b:a4:43:78:e9:1f:
8e:a5:9e:60:18:5c:4f:4f:ef:d9:02:a9:cf:0d:c1:bc:ca:19:
54:37:0b:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYFzq4F2f9WzgwTRCVbB72meAaTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMxMTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZTM3NmZjM2MwN2I0MTdiY2Q2MGFhMmNlZTQ0MTgwNTI5MWZhZWQ0OTg5
NzAwNzNjM2U1ZDRjNDRjNGEzMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6W0DS54Vj9Kw/AO6clTDJl4aiROSSkzWlqaVantRW0TQKButY6texLzqGM
+ezsyXvG0KI7neTXL7kIZdGt1eKNjSBq961MJvJBCmIzHgbpZNkpMEYzrng4uREn
+JnbeLfNVPA0IiM2oDmDnkR9YMt5tD2mSSfdrJFFxfTbD9NwNbweRwro6nOql8o4
AWQQmV45jDpSdl+RkSnqHeqa7wP7Ivkx/I13Qb6+34xpZ7v+XTH3xvOlq5KRFdUt
G1uPRjUSXrxK6slU0NTBJmVjbq3CaVu8v9u2Od7nu9gY/u33Kjy4MgInyctez5pT
68wrWZfyyTJBgfvaNOAZ2oCpiAMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqXk6u
vIPP8XQ/m0U1ZoTtco749TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmZjNmEyNTMtZGM2MC00NjExLThiYzAtZjRiMTE4NTFjY2YxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN/MA0G
CSqGSIb3DQEBCwUAA4IBAQCs2rqzViyl617Wsg4zkXQBfIf2BjGueS+BjA+wUAnV
cGE+KlNaoaxIVA25TsmMG9cEiqr7E9pDSvxhwWIuJfdzZCpx5s0vGhwPmO8bRkxZ
aQ3MuGtw0GxiH+goYruHfHbAcUYQ0VrDjiONAVlFXX0pCDFinyfPudHJfbmnFzw/
5SleDCFzZAkGzZ4rbWIC31AhcChKapDooHPMdvwDcSJDDHXlFC4TX8JwId7/ohyo
3yMyNJJ4T3NPk7RVmdwLscnxMGv0LqFnuxd815XJVeXT0PoOxGQ3nZRYh+AtHN3b
4a9sANg7pEN46R+OpZ5gGFxPT+/ZAqnPDcG8yhlUNwu6
-----END CERTIFICATE-----
Generated at Thu Sep 18 09:16:11 2025 by rpki-client