Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: 6m5CB5iSLtCxMGZrUuKU0oYx+2xLkKxzUjwJU2QE/S4=
Subject key identifier: 04:99:F9:EF:6F:A3:E6:E5:3D:9D:C9:11:36:C8:FE:A5:0E:57:A1:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FF8ED4A6A206F6D9673D0C32EBE67547EA08CF5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Wed 25 Jun 2025 00:50:25 +0000
ROA not before: Wed 25 Jun 2025 00:50:25 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:f8:ed:4a:6a:20:6f:6d:96:73:d0:c3:2e:be:67:54:7e:a0:8c:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:25 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=42330c76ee97b21a591988a4d9afabfc24c9fe9887a3693cb63fc796b5881edb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c4:c8:be:c2:03:ed:cb:80:f7:fc:eb:98:1d:
74:51:db:e8:0f:10:d6:a5:08:8c:c6:5b:2c:f0:22:
37:8b:e7:7d:b5:c6:a7:d6:d4:3a:2c:cf:53:fe:c2:
92:ac:66:7f:b5:f8:69:76:f3:ab:59:20:fd:cb:e5:
dc:e5:18:7c:3b:03:57:a3:50:d8:eb:87:0e:15:cc:
ed:dd:5a:4f:bb:7a:da:d3:3f:2a:9c:a7:51:e9:fd:
3a:b5:9a:fa:1d:4b:76:8e:48:52:ce:5d:33:98:09:
aa:1d:2a:ad:a1:9c:6e:8e:99:fd:89:69:ce:7b:c4:
e9:06:6d:9c:ad:82:ba:56:df:81:66:c7:c3:2d:fc:
2b:04:40:b4:81:06:f9:86:6b:5d:ec:5b:87:c8:13:
25:8a:e1:a0:35:df:e0:ec:d1:cc:7e:83:31:f9:51:
d3:43:8b:8d:bd:12:9e:6f:5d:98:d1:48:ef:1c:48:
ca:80:f2:ef:81:4c:ea:7f:9a:2e:1a:58:db:6f:f5:
bb:ab:ba:7a:ba:1a:c2:5a:83:39:4a:58:22:43:10:
26:86:aa:82:2c:35:a9:f4:ab:28:81:3d:9b:bb:cf:
10:3f:11:9e:2e:46:84:af:eb:32:99:9b:8b:ea:50:
db:5a:aa:7c:b0:05:9e:69:2d:fc:30:13:e1:47:d8:
bb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:99:F9:EF:6F:A3:E6:E5:3D:9D:C9:11:36:C8:FE:A5:0E:57:A1:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cd:69:b2:35:42:be:c8:06:4a:41:27:84:09:d7:34:4e:3f:5f:
94:ae:f8:5c:22:69:58:f3:48:f1:69:95:f2:51:3d:89:60:51:
83:52:a5:00:43:19:40:a5:f6:6a:99:bd:91:dc:21:36:2a:8b:
06:42:f5:cd:f8:62:f0:ff:41:ab:38:94:c1:8c:3b:65:09:58:
48:49:0b:59:d0:43:8d:6a:b9:4c:bf:13:41:ef:71:c6:07:ba:
e9:b1:88:9c:35:86:fc:d8:e8:14:49:ef:d9:72:75:00:8c:e3:
76:83:47:71:41:71:7c:83:9f:25:1e:6d:ed:b0:f9:c8:f5:75:
45:74:a3:e6:8e:47:5d:9e:dd:57:53:b1:ab:94:2d:49:0e:74:
42:5e:f4:56:f1:c5:7e:fc:36:aa:d2:95:00:cb:bf:4c:51:42:
b4:3e:e3:0d:b1:11:1b:b5:92:33:63:b5:74:20:3b:76:c6:e0:
bd:c9:08:83:ce:82:e3:11:80:e6:90:99:cd:5f:fd:04:bd:83:
23:30:66:ec:6c:3c:17:0c:1d:8a:9a:ea:e9:e9:24:e0:0c:60:
bd:58:a5:1e:0f:ff:21:f3:a3:e5:40:e4:dd:86:83:83:b8:b6:
f0:c0:d2:e7:75:09:81:65:2c:70:6a:39:c4:30:0b:db:20:33:
29:f4:b8:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf/jtSmogb22Wc9DDLr5nVH6gjPUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjVaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQyMzMwYzc2ZWU5N2IyMWE1OTE5ODhhNGQ5YWZhYmZjMjRjOWZlOTg4N2Ez
NjkzY2I2M2ZjNzk2YjU4ODFlZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLEyL7CA+3LgPf865gddFHb6A8Q1qUIjMZbLPAiN4vnfbXGp9bUOizPU/7C
kqxmf7X4aXbzq1kg/cvl3OUYfDsDV6NQ2OuHDhXM7d1aT7t62tM/KpynUen9OrWa
+h1Ldo5IUs5dM5gJqh0qraGcbo6Z/YlpznvE6QZtnK2CulbfgWbHwy38KwRAtIEG
+YZrXexbh8gTJYrhoDXf4OzRzH6DMflR00OLjb0Snm9dmNFI7xxIyoDy74FM6n+a
LhpY22/1u6u6eroawlqDOUpYIkMQJoaqgiw1qfSrKIE9m7vPED8Rni5GhK/rMpmb
i+pQ21qqfLAFnmkt/DAT4UfYu20CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQEmfnv
b6Pm5T2dyRE2yP6lDlehtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQDNabI1Qr7IBkpBJ4QJ1zROP1+UrvhcImlY80jxaZXy
UT2JYFGDUqUAQxlApfZqmb2R3CE2KosGQvXN+GLw/0GrOJTBjDtlCVhISQtZ0EON
arlMvxNB73HGB7rpsYicNYb82OgUSe/ZcnUAjON2g0dxQXF8g58lHm3tsPnI9XVF
dKPmjkddnt1XU7GrlC1JDnRCXvRW8cV+/Daq0pUAy79MUUK0PuMNsREbtZIzY7V0
IDt2xuC9yQiDzoLjEYDmkJnNX/0EvYMjMGbsbDwXDB2Kmurp6STgDGC9WKUeD/8h
86PlQOTdhoODuLbwwNLndQmBZSxwajnEMAvbIDMp9Lji
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:57:27 2025 by rpki-client