Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: CMOEEaIre7YzJ2qiSNkhNlAufrptrBSg7e3j0fcy/zI=
Subject key identifier: FF:0E:FD:44:A2:2F:21:DC:7D:AB:6B:A0:1D:7E:BF:F3:B5:0C:5B:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22368042DAC5F54C8CBE82639E96F5431C719B51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Mon 16 Jun 2025 21:50:41 +0000
ROA not before: Mon 16 Jun 2025 21:50:41 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:36:80:42:da:c5:f5:4c:8c:be:82:63:9e:96:f5:43:1c:71:9b:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:41 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f7b567b8c6502b87eb37790a15c1c6a33ef04f7395a1eeade0f4ca004ab716cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:00:b7:43:3f:06:bc:42:31:4b:b2:6d:45:3e:
f0:f6:28:c0:86:cc:e7:31:3c:e4:ae:64:1f:1c:d8:
89:77:e1:d3:51:e1:e8:79:c9:18:17:21:4f:b1:06:
ce:a8:9f:cb:6e:1f:b9:a6:b9:29:68:ba:c9:c7:a2:
a6:29:75:a5:5b:e7:5a:97:a9:c8:6d:08:c3:66:b6:
41:74:07:bc:f0:40:c3:41:08:41:4a:73:f8:53:d4:
82:d0:d6:6f:45:b0:8e:30:1b:3e:b6:23:97:dc:50:
28:9c:63:c1:35:b3:1c:24:c8:f1:ac:29:d3:fa:4b:
77:ca:68:49:c8:ea:21:d2:8d:d3:5a:c1:60:67:3e:
ed:36:33:a3:61:e6:51:7c:84:7e:f2:cc:bf:78:ea:
de:6d:e9:ba:08:ca:5b:a2:80:49:86:08:51:39:96:
ac:a7:31:89:ee:01:23:29:2b:36:a7:11:c2:72:2c:
47:66:dd:0b:f5:4a:e5:e2:fc:e0:e4:f4:8f:84:6f:
b9:63:30:88:c6:8d:d0:56:bb:05:87:7a:24:a2:69:
63:68:9e:b7:25:71:c6:c7:b2:2a:fc:93:e4:16:92:
da:ae:75:7d:7c:cc:f9:4f:88:2a:d6:32:45:14:ce:
ef:cf:f3:a8:ab:6c:0b:57:dd:a6:77:08:c8:cf:e6:
33:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:0E:FD:44:A2:2F:21:DC:7D:AB:6B:A0:1D:7E:BF:F3:B5:0C:5B:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c9:ea:d3:51:54:7e:86:23:90:ea:06:47:ee:ef:c9:ec:11:2a:
c9:d6:38:57:9f:4e:4c:c9:d1:ff:54:b3:37:81:79:99:83:ba:
1c:e1:6c:a9:b4:36:30:14:e9:e6:09:87:cd:99:c1:20:20:1e:
74:89:9d:ee:3e:dc:de:aa:ab:46:12:09:d9:42:f5:ce:bd:04:
74:4c:18:2d:18:21:b8:cd:bc:cc:8e:3d:b6:1f:7b:1d:59:87:
7e:dd:69:c1:ad:9a:fd:a6:ca:17:ac:b9:57:4d:99:ef:85:1a:
b5:40:ea:a8:07:38:a8:bf:82:f9:2a:2b:70:5d:27:b3:d9:b8:
b5:c8:ad:23:f7:ef:ba:75:2e:72:6f:15:fd:a5:48:ad:ec:80:
84:49:58:6d:75:b0:f9:53:b5:94:24:fa:7e:ef:39:6f:15:1c:
5f:88:b9:e7:59:9d:73:9e:54:82:28:95:19:fb:11:1c:16:ab:
ac:cf:77:98:db:9e:d9:76:44:e0:71:b3:84:0a:19:0f:f7:fb:
3c:46:c4:24:f4:99:db:c0:6b:95:f4:ff:2d:21:51:d9:73:78:
cf:54:29:75:e4:57:6b:2f:bc:58:cc:4c:8e:4e:c5:a5:5f:2c:
72:b4:9c:dc:a7:83:d9:fe:09:1b:d2:9c:c0:de:2a:d7:f4:ba:
3d:9a:cd:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIjaAQtrF9UyMvoJjnpb1Qxxxm1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNDFaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3YjU2N2I4YzY1MDJiODdlYjM3NzkwYTE1YzFjNmEzM2VmMDRmNzM5NWEx
ZWVhZGUwZjRjYTAwNGFiNzE2Y2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJkAt0M/BrxCMUuybUU+8PYowIbM5zE85K5kHxzYiXfh01Hh6HnJGBchT7EG
zqify24fuaa5KWi6yceipil1pVvnWpepyG0Iw2a2QXQHvPBAw0EIQUpz+FPUgtDW
b0WwjjAbPrYjl9xQKJxjwTWzHCTI8awp0/pLd8poScjqIdKN01rBYGc+7TYzo2Hm
UXyEfvLMv3jq3m3pugjKW6KASYYIUTmWrKcxie4BIykrNqcRwnIsR2bdC/VK5eL8
4OT0j4RvuWMwiMaN0Fa7BYd6JKJpY2ietyVxxseyKvyT5BaS2q51fXzM+U+IKtYy
RRTO78/zqKtsC1fdpncIyM/mM/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/Dv1E
oi8h3H2ra6Adfr/ztQxbizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQDJ6tNRVH6GI5DqBkfu78nsESrJ1jhXn05MydH/VLM3
gXmZg7oc4WyptDYwFOnmCYfNmcEgIB50iZ3uPtzeqqtGEgnZQvXOvQR0TBgtGCG4
zbzMjj22H3sdWYd+3WnBrZr9psoXrLlXTZnvhRq1QOqoBziov4L5KitwXSez2bi1
yK0j9++6dS5ybxX9pUit7ICESVhtdbD5U7WUJPp+7zlvFRxfiLnnWZ1znlSCKJUZ
+xEcFqusz3eY257ZdkTgcbOEChkP9/s8RsQk9JnbwGuV9P8tIVHZc3jPVCl15Fdr
L7xYzEyOTsWlXyxytJzcp4PZ/gkb0pzA3irX9Lo9ms0k
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:39:05 2025 by rpki-client