Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
File: 8d2d588e-ac05-4633-acba-4d5705f7071e.roa (raw, json)
Hash identifier: y2C0qZthSvZ+/Qz/DNSkTy64KyPr3WH/BKyLUNk/OmE=
Subject key identifier: 9F:D6:91:11:2A:3B:1C:E3:57:8E:23:42:02:A0:D0:76:D6:F6:AC:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2CD586FC5CB97365A1D6F82DBB5019B9C4196CA8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
Signing time: Mon 16 Jun 2025 21:51:30 +0000
ROA not before: Mon 16 Jun 2025 21:51:30 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.180.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:d5:86:fc:5c:b9:73:65:a1:d6:f8:2d:bb:50:19:b9:c4:19:6c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:51:30 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2ce7c5b6bda2124c7ba0259372bf519634b17bdc1697f015a5cd15d659bd0620, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c2:21:5a:d0:a4:d1:dc:09:13:b7:74:5a:69:
9d:a2:50:0a:72:57:a0:13:3a:01:be:ca:8c:2c:81:
14:ba:38:ec:89:b7:e3:36:d2:c6:d9:6a:da:3c:f7:
f8:ba:a5:f9:ca:b6:10:47:67:90:c4:44:74:6a:0c:
59:94:10:fc:b6:48:a7:78:3e:0c:ab:02:94:a3:d0:
7a:ed:23:88:2f:28:cf:7c:17:d0:11:42:91:57:8f:
e6:f6:5a:5a:6c:8a:3f:88:bc:31:23:2a:4c:5b:68:
88:52:4c:80:a5:3b:e1:5c:f4:b0:8c:6a:23:2c:0a:
ec:21:55:f1:4f:db:da:e6:7b:c6:29:f3:55:30:1b:
33:40:7a:97:c8:0d:c7:9b:ab:6d:b9:a2:99:37:6f:
26:01:fc:1c:63:86:04:98:d2:89:78:63:df:d6:f8:
68:23:00:fa:98:53:e8:64:02:3a:af:ba:69:cf:69:
c2:51:23:68:a4:ea:53:89:3f:12:f4:da:a2:c1:06:
f4:aa:42:d0:a9:55:20:c2:c2:5e:61:4e:6c:c6:7f:
17:77:17:71:55:bc:33:ad:6e:f3:13:a4:99:fd:0e:
27:c4:19:a0:23:3a:8c:b9:05:27:90:76:57:45:5e:
4a:26:16:15:ef:35:32:50:5b:6b:73:d1:36:54:1d:
b4:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:D6:91:11:2A:3B:1C:E3:57:8E:23:42:02:A0:D0:76:D6:F6:AC:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d2d588e-ac05-4633-acba-4d5705f7071e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.180.0.0/15
Signature Algorithm: sha256WithRSAEncryption
27:8a:03:45:38:5e:85:63:46:dd:21:4b:c7:13:bf:45:f0:ba:
7d:b4:4f:60:7d:2b:cf:43:ae:22:92:f9:85:a8:fd:21:72:ce:
96:26:ae:41:a4:94:8c:03:e0:4c:64:de:1c:ad:a8:bf:10:60:
65:a9:30:ae:5a:0b:bf:05:98:10:32:ac:e3:48:d4:71:86:31:
1b:d3:24:34:6d:03:5d:59:39:2c:cd:c2:21:fd:52:94:ef:c3:
5d:19:0e:f6:48:9b:23:e3:86:7c:18:e8:c9:d3:e2:eb:28:fc:
14:61:10:60:62:6c:c9:3b:91:cc:2e:9a:75:35:29:1c:d0:c4:
92:cb:b1:b2:63:8d:d5:bc:3f:10:bb:7e:83:f1:2b:d4:68:bd:
de:df:60:d0:69:ed:07:55:ec:79:76:db:38:39:69:a7:e4:f8:
9a:da:de:5c:96:a5:1d:55:35:6d:f9:34:58:bd:86:8a:f2:f8:
c6:8e:09:c3:3b:ac:cb:8c:b9:34:76:83:2f:3a:f9:63:bb:80:
8e:65:42:54:9d:c6:94:30:e7:96:0d:fb:b5:a9:19:3c:72:ab:
88:35:f5:44:39:63:ef:3b:8d:e5:b6:07:5d:83:27:3f:ec:1f:
b8:70:16:8f:5b:f0:e1:c6:b4:9b:e5:27:50:05:c9:4e:ec:6a:
8b:8b:10:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULNWG/Fy5c2Wh1vgtu1AZucQZbKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUxMzBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZTdjNWI2YmRhMjEyNGM3YmEwMjU5MzcyYmY1MTk2MzRiMTdiZGMxNjk3
ZjAxNWE1Y2QxNWQ2NTliZDA2MjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvCIVrQpNHcCRO3dFppnaJQCnJXoBM6Ab7KjCyBFLo47Im34zbSxtlq2jz3
+Lql+cq2EEdnkMREdGoMWZQQ/LZIp3g+DKsClKPQeu0jiC8oz3wX0BFCkVeP5vZa
WmyKP4i8MSMqTFtoiFJMgKU74Vz0sIxqIywK7CFV8U/b2uZ7xinzVTAbM0B6l8gN
x5urbbmimTdvJgH8HGOGBJjSiXhj39b4aCMA+phT6GQCOq+6ac9pwlEjaKTqU4k/
EvTaosEG9KpC0KlVIMLCXmFObMZ/F3cXcVW8M61u8xOkmf0OJ8QZoCM6jLkFJ5B2
V0VeSiYWFe81MlBba3PRNlQdtGMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSf1pER
Kjsc41eOI0ICoNB21vaszjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQyZDU4OGUtYWMwNS00NjMzLWFjYmEtNGQ1NzA1ZjcwNzFlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO0MA0G
CSqGSIb3DQEBCwUAA4IBAQAnigNFOF6FY0bdIUvHE79F8Lp9tE9gfSvPQ64ikvmF
qP0hcs6WJq5BpJSMA+BMZN4crai/EGBlqTCuWgu/BZgQMqzjSNRxhjEb0yQ0bQNd
WTkszcIh/VKU78NdGQ72SJsj44Z8GOjJ0+LrKPwUYRBgYmzJO5HMLpp1NSkc0MSS
y7GyY43VvD8Qu36D8SvUaL3e32DQae0HVex5dts4OWmn5Pia2t5clqUdVTVt+TRY
vYaK8vjGjgnDO6zLjLk0doMvOvlju4COZUJUncaUMOeWDfu1qRk8cquINfVEOWPv
O43ltgddgyc/7B+4cBaPW/DhxrSb5SdQBclO7GqLixAS
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:47:48 2025 by rpki-client