Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
File: 80a19bac-b522-4340-8501-74870117a3ce.roa (raw, json)
Hash identifier: GO3kAhOZ+owubY1NEDPJ9E2XIVwQd95ziej+AItgMQQ=
Subject key identifier: 16:2D:D5:9D:AD:7E:AD:F5:F9:00:DB:0B:29:79:75:F7:EB:59:DF:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 508F4E8950FDF49500B32E8BC23944E5CCC44B31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
Signing time: Mon 16 Jun 2025 22:00:43 +0000
ROA not before: Mon 16 Jun 2025 22:00:43 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8f:4e:89:50:fd:f4:95:00:b3:2e:8b:c2:39:44:e5:cc:c4:4b:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:43 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f6ac18d7aed9111cd4b7f2a7a6a0ddc5fe3fd3b2b0658ea88f38db033f73c764, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:e2:bd:17:f2:25:2a:1e:a7:0f:2c:3c:3f:
73:05:ee:a2:1c:00:ab:2b:27:9d:fe:bb:29:a7:8a:
1a:6c:4d:60:be:9e:17:92:ce:13:f2:19:c7:e7:4b:
a2:71:d2:aa:de:ae:15:b6:a7:7f:ca:27:a6:2b:db:
5d:09:c1:af:8d:0c:d9:08:ea:a0:39:6c:db:e5:2f:
03:e6:2e:ad:7d:d8:3c:5a:ef:b8:3d:2f:2b:70:a3:
c0:0c:38:a7:e6:e8:14:a9:bf:07:49:00:20:42:2d:
1a:1b:97:18:87:79:de:01:e5:18:ef:79:96:98:24:
59:72:a6:f1:42:f1:31:45:09:3d:36:52:67:d1:de:
48:cd:e4:6d:8e:18:b8:e8:d4:a3:4a:98:8d:c8:5e:
63:a5:82:de:1b:9a:cb:0f:33:33:9f:8c:3d:19:cf:
48:1b:45:e3:57:6c:3b:5c:71:15:fd:74:1b:05:fa:
e4:4a:ba:3c:74:23:08:dc:57:f2:fa:ca:2f:db:34:
80:aa:23:e3:db:13:f9:87:29:aa:c3:b8:79:76:20:
20:63:af:ee:4d:23:ed:ba:ed:46:e6:ca:a1:96:8a:
11:43:50:c4:21:95:02:f1:f1:60:88:de:e8:bb:02:
ca:66:04:0f:0a:1c:64:8c:b7:dc:cf:41:33:9c:b7:
b4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:2D:D5:9D:AD:7E:AD:F5:F9:00:DB:0B:29:79:75:F7:EB:59:DF:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80a19bac-b522-4340-8501-74870117a3ce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:db:99:47:95:c2:d5:09:10:22:a3:56:1e:4e:ff:24:27:fc:
b8:da:70:7f:9f:69:e3:7c:1e:bb:d0:5e:11:1c:f9:9a:8a:99:
6e:eb:5f:90:26:a0:e3:43:a7:5e:c3:ab:03:1d:65:5d:fd:f0:
42:41:23:a3:d8:09:af:21:28:53:76:cd:23:31:a4:0e:81:2c:
fe:0b:94:15:be:ea:7c:e6:f7:3f:34:7f:3e:59:51:4f:70:02:
82:a2:d8:67:d4:4b:d8:3a:53:0f:9b:03:56:78:9f:77:38:86:
15:a6:df:fa:db:ad:09:9d:49:75:82:42:37:42:10:2c:4f:bf:
74:68:05:f0:3e:da:1c:24:94:a4:25:b6:07:2b:21:bb:2c:3c:
14:a7:6c:d3:22:cb:2e:40:46:b3:4b:fb:fc:e5:ac:18:e6:ad:
45:f6:08:97:eb:ba:6b:07:50:db:26:53:6a:1f:f2:f0:f0:ec:
6e:89:a9:20:8d:78:c6:87:4d:19:f5:be:c3:aa:47:51:be:d5:
57:42:ed:8c:7e:c2:58:91:9f:64:0b:f8:e0:67:dd:7c:30:13:
fa:77:88:8b:31:59:03:93:ef:3c:aa:5b:e0:2b:15:88:79:df:
07:e1:6a:d9:57:92:57:d5:8f:b7:c1:2a:27:76:65:0d:8b:38:
1a:54:ec:b0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUI9OiVD99JUAsy6LwjlE5czESzEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2YWMxOGQ3YWVkOTExMWNkNGI3ZjJhN2E2YTBkZGM1ZmUzZmQzYjJiMDY1
OGVhODhmMzhkYjAzM2Y3M2M3NjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMai4r0X8iUqHqcPLDw/cwXuohwAqysnnf67KaeKGmxNYL6eF5LOE/IZx+dL
onHSqt6uFbanf8onpivbXQnBr40M2QjqoDls2+UvA+YurX3YPFrvuD0vK3CjwAw4
p+boFKm/B0kAIEItGhuXGId53gHlGO95lpgkWXKm8ULxMUUJPTZSZ9HeSM3kbY4Y
uOjUo0qYjcheY6WC3huayw8zM5+MPRnPSBtF41dsO1xxFf10GwX65Eq6PHQjCNxX
8vrKL9s0gKoj49sT+YcpqsO4eXYgIGOv7k0j7brtRubKoZaKEUNQxCGVAvHxYIje
6LsCymYEDwocZIy33M9BM5y3tJMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQWLdWd
rX6t9fkA2wspeXX361nfxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBhMTliYWMtYjUyMi00MzQwLTg1MDEtNzQ4NzAxMTdhM2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQCh25lHlcLVCRAio1YeTv8kJ/y42nB/n2njfB670F4R
HPmaiplu61+QJqDjQ6dew6sDHWVd/fBCQSOj2AmvIShTds0jMaQOgSz+C5QVvup8
5vc/NH8+WVFPcAKCothn1EvYOlMPmwNWeJ93OIYVpt/6260JnUl1gkI3QhAsT790
aAXwPtocJJSkJbYHKyG7LDwUp2zTIssuQEazS/v85awY5q1F9giX67prB1DbJlNq
H/Lw8OxuiakgjXjGh00Z9b7DqkdRvtVXQu2MfsJYkZ9kC/jgZ918MBP6d4iLMVkD
k+88qlvgKxWIed8H4WrZV5JX1Y+3wSondmUNizgaVOyw
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:13:12 2025 by rpki-client