Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: sbkaMVbV/QFtAQKeHv78GZMmU887YtZZg77ZoBIXbw8=
Subject key identifier: 95:40:55:DC:B1:56:B9:DE:9C:D2:12:51:FD:26:6D:0F:F1:38:57:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 551AE82EEF317B240EF099A540E1DE4A5D095076
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Tue 05 Aug 2025 20:20:10 +0000
ROA not before: Tue 05 Aug 2025 20:20:10 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:1a:e8:2e:ef:31:7b:24:0e:f0:99:a5:40:e1:de:4a:5d:09:50:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:10 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=d6e9e453017442921f55ad6fc2a21afd659bfde2a0b6f99dd3061ecfc4ca2118, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:c0:01:b2:ad:f3:48:56:45:08:6b:e0:7c:
4b:a2:6a:f9:2f:ba:75:2d:81:ff:ce:a7:5c:dc:e4:
ec:34:f5:73:ea:b1:30:3b:a7:cc:a7:ec:2d:00:4f:
d2:63:a9:8d:94:8f:b5:90:fc:d7:27:69:5a:b2:d7:
d6:55:0c:fa:d5:36:d5:41:29:c4:76:54:9b:58:d6:
bc:8a:fa:a1:d0:c0:ab:7f:40:84:3e:12:e6:4e:96:
a2:bf:d9:14:e1:24:b8:cc:cd:2e:0f:8e:18:b7:7b:
eb:19:b4:74:c3:45:33:3d:b7:a9:f1:09:20:1d:9d:
bd:08:c9:4a:ae:63:4e:81:65:d2:6a:08:1e:96:98:
b0:cb:36:49:92:44:88:9b:5d:4e:82:b1:fc:b2:7f:
dd:3c:b1:84:79:f9:88:b5:da:7e:51:09:06:14:05:
9b:e7:bf:04:51:e3:77:3e:be:65:aa:48:57:18:bf:
11:86:ba:ca:42:8c:a2:2d:05:bd:35:83:73:66:b1:
43:6f:a7:ad:ae:10:3b:d3:2e:a6:a0:3a:f4:83:50:
b6:d6:79:01:41:75:3e:52:3f:30:2a:86:03:4e:12:
3f:24:3a:f1:18:0d:ac:b5:91:77:54:d5:b9:cf:90:
7d:f9:63:3f:ca:f3:54:ee:a1:09:50:8a:a5:de:1d:
75:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:40:55:DC:B1:56:B9:DE:9C:D2:12:51:FD:26:6D:0F:F1:38:57:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ba:a2:a7:38:10:e1:a4:d6:18:92:05:c7:71:93:9a:31:33:0a:
5f:d5:f2:4d:75:cc:20:20:15:46:c6:1b:23:65:27:aa:dd:11:
ec:15:f2:8e:fa:45:0b:8b:22:62:64:c3:27:62:fe:52:c8:da:
53:e6:a4:10:fa:c1:0c:0d:92:5f:9f:09:dd:c5:7c:49:f6:67:
81:22:7c:91:b6:00:f6:49:21:3d:9f:5b:db:57:aa:f8:2c:7d:
4c:22:c9:51:aa:a9:32:3f:a7:1f:a5:85:3c:0a:e8:bf:70:bd:
52:48:59:83:e3:80:54:b4:c1:15:02:ee:00:58:a2:9d:0a:75:
e3:e3:e1:60:34:04:d0:7b:ca:4e:d9:b0:c6:31:14:bf:1a:46:
9e:10:32:c7:01:f9:31:6c:90:4b:2e:5d:d1:b7:5f:6d:0d:c7:
f1:c5:eb:10:39:4b:ab:7a:53:56:d1:0d:b9:70:46:1c:d4:f4:
32:9c:b3:a7:21:3f:a4:09:6e:fc:de:f5:db:4d:6e:b6:dd:ca:
da:33:5a:03:cb:b4:9e:d6:a8:b6:6c:c3:0d:5a:f6:20:4b:cc:
02:bb:50:05:3f:72:c7:bf:0c:af:1a:28:42:5d:f3:b7:18:c7:
64:96:51:43:ad:00:cd:c5:08:08:56:7c:f7:ba:19:e4:c8:9b:
1d:4a:1e:35
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVRroLu8xeyQO8JmlQOHeSl0JUHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2ZTllNDUzMDE3NDQyOTIxZjU1YWQ2ZmMyYTIxYWZkNjU5YmZkZTJhMGI2
Zjk5ZGQzMDYxZWNmYzRjYTIxMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALO9wAGyrfNIVkUIa+B8S6Jq+S+6dS2B/86nXNzk7DT1c+qxMDunzKfsLQBP
0mOpjZSPtZD81ydpWrLX1lUM+tU21UEpxHZUm1jWvIr6odDAq39AhD4S5k6Wor/Z
FOEkuMzNLg+OGLd76xm0dMNFMz23qfEJIB2dvQjJSq5jToFl0moIHpaYsMs2SZJE
iJtdToKx/LJ/3TyxhHn5iLXaflEJBhQFm+e/BFHjdz6+ZapIVxi/EYa6ykKMoi0F
vTWDc2axQ2+nra4QO9MupqA69INQttZ5AUF1PlI/MCqGA04SPyQ68RgNrLWRd1TV
uc+QffljP8rzVO6hCVCKpd4ddR0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSVQFXc
sVa53pzSElH9Jm0P8ThX7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQC6oqc4EOGk1hiSBcdxk5oxMwpf1fJNdcwgIBVGxhsj
ZSeq3RHsFfKO+kULiyJiZMMnYv5SyNpT5qQQ+sEMDZJfnwndxXxJ9meBInyRtgD2
SSE9n1vbV6r4LH1MIslRqqkyP6cfpYU8Cui/cL1SSFmD44BUtMEVAu4AWKKdCnXj
4+FgNATQe8pO2bDGMRS/GkaeEDLHAfkxbJBLLl3Rt19tDcfxxesQOUurelNW0Q25
cEYc1PQynLOnIT+kCW783vXbTW623craM1oDy7Se1qi2bMMNWvYgS8wCu1AFP3LH
vwyvGihCXfO3GMdkllFDrQDNxQgIVnz3uhnkyJsdSh41
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:58 2025 by rpki-client