Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
File: 9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa (raw, json)
Hash identifier: 8hkNQZJPjZTeyncxmIHZ6Eq0dZNgwpQ+T3VkdC6RjOk=
Subject key identifier: D7:3D:62:45:33:CF:27:95:AA:EA:F4:76:47:37:1A:8D:AF:6F:F8:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3CFE975774AD9C5437EC051103E55C9552FE1408
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
Signing time: Fri 15 Aug 2025 15:50:56 +0000
ROA not before: Fri 15 Aug 2025 15:50:56 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:fe:97:57:74:ad:9c:54:37:ec:05:11:03:e5:5c:95:52:fe:14:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:56 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=7a2eef8cfc74d25d5fd333a3dc6d10d5dc5ca45843016f4d8f9e4bc45410a579, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:58:4e:3c:7e:87:04:ad:c5:d7:13:85:f3:a9:
a0:b8:c3:a7:c9:fb:51:9d:68:aa:9d:0d:e2:a1:83:
6e:ac:29:32:69:29:64:d4:fc:04:65:e5:20:bf:fc:
ff:99:b2:f8:a6:8a:0a:b4:f0:7f:9d:76:5a:5d:37:
4b:c0:49:da:45:33:58:98:72:1e:36:0a:f8:7b:43:
56:fe:18:0c:40:02:ed:3e:1a:8a:b0:cd:5a:8a:19:
51:0e:dd:3a:82:93:16:43:6c:a6:35:52:47:d5:f0:
cc:e4:a4:f0:c6:3d:ac:57:28:74:bd:ae:79:2a:47:
4a:e5:78:1e:77:39:c3:71:c5:84:09:9b:62:fc:2c:
7a:f2:41:bc:f2:71:00:73:67:b2:da:21:66:3e:49:
f4:99:9d:79:1d:7e:fe:be:27:b4:4d:5b:ff:96:da:
61:0e:3b:e5:2a:c5:c6:f0:09:1d:1c:49:5c:72:7e:
2f:a6:be:f4:55:c5:92:34:b9:35:1e:61:99:3c:0f:
76:55:97:c0:6c:41:40:0d:7f:d6:27:76:f7:1a:27:
41:c5:ba:ca:80:52:15:00:25:5b:a2:37:89:56:5f:
06:d1:c6:b3:95:6a:6b:1f:ec:ae:ee:4c:ef:38:db:
22:fe:cc:cc:28:e0:a9:82:d2:85:28:1f:9c:95:76:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3D:62:45:33:CF:27:95:AA:EA:F4:76:47:37:1A:8D:AF:6F:F8:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9e56510b-5f1c-47f6-8a54-2ef9c96c572c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:a8:f3:81:96:08:72:42:a6:fe:5e:0b:45:20:60:88:e9:4a:
29:20:57:d7:d5:9c:33:df:23:6c:46:18:2a:3c:12:bb:be:40:
e9:bc:91:2a:a7:23:c7:f6:89:0c:14:8c:1c:bc:e4:7f:36:f5:
d5:f9:99:6d:f0:3c:5f:43:20:3b:8b:aa:c9:d2:c7:3c:88:7c:
75:c4:90:49:66:02:12:20:c9:6e:74:60:d1:50:8d:51:90:25:
f9:df:7d:89:c4:19:10:67:41:f8:4b:3c:5b:2b:9e:be:54:9a:
3b:2b:d7:47:2a:ab:1b:d5:ea:da:2d:b0:54:a4:ac:4c:9d:32:
38:62:5f:af:b8:57:54:2c:49:97:6d:1f:4d:e1:f0:3e:de:40:
45:74:c7:ba:4e:42:7b:5f:28:f2:89:e1:b4:6d:ad:ff:76:e8:
7d:22:8e:92:34:02:69:9e:7a:27:39:6a:43:26:25:c6:25:46:
f9:85:4e:ef:06:f8:da:83:f7:a5:4f:11:f3:6a:42:ef:e5:24:
c5:83:53:72:cc:d5:7d:3b:76:43:62:9c:c0:16:d9:54:63:98:
f7:46:58:c8:7b:e7:f3:3a:b7:59:33:5b:7b:7f:f7:d7:a0:83:
3a:fb:07:ff:63:e0:1f:ed:14:76:b2:53:4c:3f:48:2c:a4:65:
7f:db:81:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPP6XV3StnFQ37AURA+VclVL+FAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTZaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhMmVlZjhjZmM3NGQyNWQ1ZmQzMzNhM2RjNmQxMGQ1ZGM1Y2E0NTg0MzAx
NmY0ZDhmOWU0YmM0NTQxMGE1NzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMtYTjx+hwStxdcThfOpoLjDp8n7UZ1oqp0N4qGDbqwpMmkpZNT8BGXlIL/8
/5my+KaKCrTwf512Wl03S8BJ2kUzWJhyHjYK+HtDVv4YDEAC7T4airDNWooZUQ7d
OoKTFkNspjVSR9XwzOSk8MY9rFcodL2ueSpHSuV4Hnc5w3HFhAmbYvwsevJBvPJx
AHNnstohZj5J9JmdeR1+/r4ntE1b/5baYQ475SrFxvAJHRxJXHJ+L6a+9FXFkjS5
NR5hmTwPdlWXwGxBQA1/1id29xonQcW6yoBSFQAlW6I3iVZfBtHGs5Vqax/sru5M
7zjbIv7MzCjgqYLShSgfnJV2rzECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTXPWJF
M88nlarq9HZHNxqNr2/4jTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWU1NjUxMGItNWYxYy00N2Y2LThhNTQtMmVmOWM5NmM1NzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQATqPOBlghyQqb+XgtFIGCI6UopIFfX1Zwz3yNsRhgq
PBK7vkDpvJEqpyPH9okMFIwcvOR/NvXV+Zlt8DxfQyA7i6rJ0sc8iHx1xJBJZgIS
IMludGDRUI1RkCX5332JxBkQZ0H4SzxbK56+VJo7K9dHKqsb1eraLbBUpKxMnTI4
Yl+vuFdULEmXbR9N4fA+3kBFdMe6TkJ7XyjyieG0ba3/duh9Io6SNAJpnnonOWpD
JiXGJUb5hU7vBvjag/elTxHzakLv5STFg1NyzNV9O3ZDYpzAFtlUY5j3RljIe+fz
OrdZM1t7f/fXoIM6+wf/Y+Af7RR2slNMP0gspGV/24HB
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:03 2025 by rpki-client