Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
File: b1f2e92a-59bb-45af-9b7f-630a07248560.roa (raw, json)
Hash identifier: k8MxPfT8Ln59+ICoHeI76x1S/BxIq/n+S1Y1/+OpMsI=
Subject key identifier: 5C:3A:BB:6F:10:5C:10:8A:CF:04:5A:DD:3B:1A:9D:04:FD:9C:00:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D243F50ECA3620DF7EB0CE9725A322A79057349
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
Signing time: Wed 25 Jun 2025 00:50:28 +0000
ROA not before: Wed 25 Jun 2025 00:50:28 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.240.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:24:3f:50:ec:a3:62:0d:f7:eb:0c:e9:72:5a:32:2a:79:05:73:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:28 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=ab718a4cfafd40240e6592460b33ea50db70b06f8541eeba8772c8f0bb00772e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:68:7c:7b:ef:e1:39:cb:3f:08:6e:db:7b:f8:
4a:36:21:12:d4:4a:b8:08:e5:2f:02:02:6e:4c:1a:
e9:4c:27:4e:78:23:8a:47:e5:34:a6:a1:74:02:0f:
64:71:f4:fb:24:1a:b1:9b:3e:bc:5b:98:7d:ac:8e:
5c:3d:40:49:86:4b:10:8d:ea:ad:13:d6:93:7a:27:
1f:c7:98:f8:74:e1:64:87:cb:ed:9f:7d:d6:72:40:
9f:22:10:4b:1e:00:61:2b:1f:1b:1e:db:42:e2:f9:
51:6a:32:9f:2e:cd:99:ec:13:6e:aa:75:89:30:72:
30:fb:c8:29:b6:af:9f:bc:10:c3:fb:a2:24:42:2f:
89:fb:45:07:07:d8:31:55:48:6e:72:62:42:5e:f8:
e3:79:6a:7d:fe:87:6a:eb:92:3c:7c:27:00:0b:12:
dc:45:dd:c9:a9:66:24:fa:24:28:63:f4:7f:0d:f7:
42:9d:05:a4:f4:31:a3:a8:1e:4d:3e:df:cc:e5:0e:
0b:a8:d6:c3:4f:7e:9e:e4:bb:e9:e3:86:52:62:27:
eb:71:fd:b1:06:e3:88:4d:dc:59:56:ad:36:2d:90:
fb:37:b6:70:7e:41:d0:dc:cb:7f:32:f8:6a:a2:15:
7f:13:e8:b8:10:50:c5:ef:d9:88:98:29:ef:06:f6:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3A:BB:6F:10:5C:10:8A:CF:04:5A:DD:3B:1A:9D:04:FD:9C:00:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f2e92a-59bb-45af-9b7f-630a07248560.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.240.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c7:80:2a:cc:6c:38:1e:04:c2:07:80:97:14:57:10:b7:3e:a5:
0c:3f:a5:bc:80:03:e7:a2:61:7a:21:e2:37:5c:94:57:19:08:
c7:e0:84:5b:56:45:53:68:98:1b:a0:49:3f:82:47:b2:e7:9f:
56:fe:8e:f5:1f:ae:44:63:6a:d5:aa:01:d8:26:64:62:26:63:
aa:d4:ab:e5:40:9e:9d:0d:b1:bf:8d:5d:61:93:78:9b:7a:64:
97:db:94:c1:5c:f9:ae:8d:3b:2c:99:d1:61:c7:c7:1b:02:41:
23:00:76:45:60:0a:0d:e1:29:fb:99:49:85:15:b9:de:e4:6a:
fc:f9:ae:ed:62:9e:4e:d4:0e:3b:a4:08:59:26:d3:04:67:4f:
92:3b:61:a4:11:a6:90:03:84:71:81:ca:96:b9:99:50:44:ef:
57:66:0b:2b:e5:3b:04:b5:d8:2b:2a:67:09:6b:ee:c4:44:5f:
ef:cc:26:2a:75:5b:62:ea:b8:32:04:da:8e:56:74:fa:7e:4c:
67:e4:c2:da:7d:86:0e:8d:1b:95:28:10:b2:a4:3f:36:17:6e:
d2:4f:5d:24:37:62:75:43:e0:65:4b:46:8c:21:c2:2c:c7:f0:
7a:c5:51:f1:26:9b:bc:fc:82:0c:fd:e8:66:b3:a3:8b:29:11:
1d:4d:40:9f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDSQ/UOyjYg336wzpcloyKnkFc0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjhaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFiNzE4YTRjZmFmZDQwMjQwZTY1OTI0NjBiMzNlYTUwZGI3MGIwNmY4NTQx
ZWViYTg3NzJjOGYwYmIwMDc3MmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdofHvv4TnLPwhu23v4SjYhEtRKuAjlLwICbkwa6UwnTngjikflNKahdAIP
ZHH0+yQasZs+vFuYfayOXD1ASYZLEI3qrRPWk3onH8eY+HThZIfL7Z991nJAnyIQ
Sx4AYSsfGx7bQuL5UWoyny7NmewTbqp1iTByMPvIKbavn7wQw/uiJEIviftFBwfY
MVVIbnJiQl7443lqff6HauuSPHwnAAsS3EXdyalmJPokKGP0fw33Qp0FpPQxo6ge
TT7fzOUOC6jWw09+nuS76eOGUmIn63H9sQbjiE3cWVatNi2Q+ze2cH5B0NzLfzL4
aqIVfxPouBBQxe/ZiJgp7wb2Tl8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcOrtv
EFwQis8EWt07Gp0E/ZwAtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmMmU5MmEtNTliYi00NWFmLTliN2YtNjMwYTA3MjQ4NTYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADPwMA0G
CSqGSIb3DQEBCwUAA4IBAQDHgCrMbDgeBMIHgJcUVxC3PqUMP6W8gAPnomF6IeI3
XJRXGQjH4IRbVkVTaJgboEk/gkey559W/o71H65EY2rVqgHYJmRiJmOq1KvlQJ6d
DbG/jV1hk3ibemSX25TBXPmujTssmdFhx8cbAkEjAHZFYAoN4Sn7mUmFFbne5Gr8
+a7tYp5O1A47pAhZJtMEZ0+SO2GkEaaQA4RxgcqWuZlQRO9XZgsr5TsEtdgrKmcJ
a+7ERF/vzCYqdVti6rgyBNqOVnT6fkxn5MLafYYOjRuVKBCypD82F27ST10kN2J1
Q+BlS0aMIcIsx/B6xVHxJpu8/IIM/ehms6OLKREdTUCf
-----END CERTIFICATE-----
Generated at Tue Jul 1 00:43:59 2025 by rpki-client