Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
File: d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa (raw, json)
Hash identifier: RQ4BUc7hK7RJOcmsWyTaE3K/+iph3XupXPMZVcddgx0=
Subject key identifier: 99:FC:9A:31:F0:5A:38:C7:18:42:62:5C:B9:31:60:57:C4:48:99:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 587D2885A8EF571B32D5CF74FDCF62CA25AD1A02
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
Signing time: Tue 05 Aug 2025 20:20:09 +0000
ROA not before: Tue 05 Aug 2025 20:20:09 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 17:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7d:28:85:a8:ef:57:1b:32:d5:cf:74:fd:cf:62:ca:25:ad:1a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:09 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4b5b72ecd98c1e29b318b0b7ac4ade92242c34b0214eb4fc847d6688c29244ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b6:9e:bd:9e:5e:27:a8:94:5d:d1:7f:ce:ff:
6d:99:57:ba:34:3f:6e:a9:55:d1:ca:53:95:ca:0b:
6d:4d:a4:7e:15:d8:6d:c6:45:d7:76:ac:5d:7a:f4:
f6:1b:12:7b:1c:09:36:82:a6:7a:22:ec:3b:84:8a:
d3:7a:f7:3b:fb:94:69:89:29:ba:ba:f7:8b:c4:3d:
32:a0:50:3b:65:98:d4:33:14:c3:9b:63:8f:76:87:
a4:c9:f3:72:fe:a9:ce:e9:44:2d:ec:a1:be:39:0b:
3a:11:94:df:72:ce:a2:b8:2a:da:97:57:d3:22:28:
50:6a:af:58:3f:82:ab:a6:53:e9:79:6a:ee:b6:8f:
09:bf:82:e8:27:93:ea:a1:13:ae:b1:ab:f1:e3:ec:
eb:3c:89:5e:25:9e:42:4b:83:39:a1:81:cf:a0:64:
55:ea:a1:5d:47:55:e9:00:80:dd:72:7f:3b:57:5d:
86:08:99:7c:2c:2f:92:b8:11:c1:6b:0b:5e:79:19:
a3:ca:e5:49:8c:3b:b9:7a:4f:e7:54:fd:1b:30:cb:
8a:49:16:32:85:a4:a7:3d:6c:ac:53:86:30:4e:c8:
78:18:31:33:ad:fa:bc:b9:67:42:aa:99:0c:c4:d5:
bb:db:d0:cc:58:be:5e:ae:d3:c9:34:c3:d7:3c:c5:
55:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FC:9A:31:F0:5A:38:C7:18:42:62:5C:B9:31:60:57:C4:48:99:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d7fdedfc-2bdc-42cd-a714-2abbc02deae9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
87:25:67:a4:36:59:3a:93:d8:e1:12:20:33:fb:e5:2a:6b:3e:
20:d5:34:42:b0:56:0c:6b:79:d1:ea:d0:2d:b8:91:1e:b2:a5:
6f:55:c1:5d:76:39:2b:0e:47:b9:28:12:19:f9:70:3b:19:77:
4b:84:6a:62:92:0c:68:c2:88:89:67:20:60:2e:f7:55:53:65:
d4:6a:98:cd:bc:05:d3:0b:22:05:48:5c:75:02:c4:d3:28:c3:
6f:00:2b:e4:05:0a:ff:34:14:c7:ea:a1:48:bf:46:69:97:09:
47:cc:d6:cc:24:1d:56:0d:8b:77:33:17:7d:f0:04:20:1d:f7:
ca:16:83:dc:d5:1f:00:e0:78:95:82:c9:d9:06:2d:1c:7a:75:
4b:65:1d:ec:00:b2:9e:0e:01:eb:9b:ac:00:b8:ae:e7:94:8b:
95:b4:0f:0d:ad:50:62:f2:f4:05:25:dc:3b:c4:7d:33:f0:01:
5e:1b:8a:43:48:f8:02:06:26:32:98:32:b5:23:bf:47:3a:37:
a9:6b:9b:46:7f:cc:a9:0b:ee:50:9c:85:95:05:c6:6e:25:ac:
23:32:1b:1d:10:d4:78:08:a1:44:10:5e:bb:58:9b:55:5a:80:
75:f8:22:93:42:2e:94:2c:4b:ad:29:03:78:a7:f0:8c:45:6e:
ff:32:6f:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWH0ohajvVxsy1c90/c9iyiWtGgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwMDlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRiNWI3MmVjZDk4YzFlMjliMzE4YjBiN2FjNGFkZTkyMjQyYzM0YjAyMTRl
YjRmYzg0N2Q2Njg4YzI5MjQ0YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS2nr2eXieolF3Rf87/bZlXujQ/bqlV0cpTlcoLbU2kfhXYbcZF13asXXr0
9hsSexwJNoKmeiLsO4SK03r3O/uUaYkpurr3i8Q9MqBQO2WY1DMUw5tjj3aHpMnz
cv6pzulELeyhvjkLOhGU33LOorgq2pdX0yIoUGqvWD+Cq6ZT6Xlq7raPCb+C6CeT
6qETrrGr8ePs6zyJXiWeQkuDOaGBz6BkVeqhXUdV6QCA3XJ/O1ddhgiZfCwvkrgR
wWsLXnkZo8rlSYw7uXpP51T9GzDLikkWMoWkpz1srFOGME7IeBgxM636vLlnQqqZ
DMTVu9vQzFi+Xq7TyTTD1zzFVQsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSZ/Jox
8Fo4xxhCYly5MWBXxEiZJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDdmZGVkZmMtMmJkYy00MmNkLWE3MTQtMmFiYmMwMmRlYWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQCHJWekNlk6k9jhEiAz++Uqaz4g1TRCsFYMa3nR6tAt
uJEesqVvVcFddjkrDke5KBIZ+XA7GXdLhGpikgxowoiJZyBgLvdVU2XUapjNvAXT
CyIFSFx1AsTTKMNvACvkBQr/NBTH6qFIv0ZplwlHzNbMJB1WDYt3Mxd98AQgHffK
FoPc1R8A4HiVgsnZBi0cenVLZR3sALKeDgHrm6wAuK7nlIuVtA8NrVBi8vQFJdw7
xH0z8AFeG4pDSPgCBiYymDK1I79HOjepa5tGf8ypC+5QnIWVBcZuJawjMhsdENR4
CKFEEF67WJtVWoB1+CKTQi6ULEutKQN4p/CMRW7/Mm+V
-----END CERTIFICATE-----
Generated at Thu Aug 21 22:13:30 2025 by rpki-client