Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
File: 96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa (raw, json)
Hash identifier: 3+zhRFbSq/2R7WC85JG+XVBN5yAHYzB5lDqa94tOiYU=
Subject key identifier: 95:CA:F0:05:78:EB:E5:8F:7C:83:1D:B6:63:FA:6D:48:F3:61:8B:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77B484C84DD00B2024915FE5EA49A46AC9E91FC4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
Signing time: Wed 18 Jun 2025 00:30:33 +0000
ROA not before: Wed 18 Jun 2025 00:30:33 +0000
ROA not after: Wed 23 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:b4:84:c8:4d:d0:0b:20:24:91:5f:e5:ea:49:a4:6a:c9:e9:1f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 18 00:30:33 2025 GMT
Not After : Jul 23 23:59:59 2025 GMT
Subject: serialNumber=35a754db6aa9341840ab99b8cd93d9ed21a775710f3f77def43c3e6df76cce94, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:c8:de:ee:73:2e:d8:44:46:40:1d:b8:76:d9:
cb:88:01:f3:be:91:c2:9d:54:75:ac:b7:3d:25:42:
3b:49:01:42:88:fa:1e:56:7f:cf:f0:16:a2:fa:8f:
bb:10:bf:a4:58:c4:98:f4:d3:0c:70:3c:da:16:35:
81:5a:75:47:7a:17:ee:17:11:d0:f4:a0:fb:e7:42:
45:60:21:d6:e3:99:f7:78:ca:a6:fa:c1:c5:07:1f:
53:22:d6:14:77:9e:13:0b:60:6f:21:0d:39:ea:5f:
3c:b9:a4:39:7b:e4:ea:5f:2e:c6:c5:03:c4:94:bb:
41:d3:49:2b:f1:23:d5:f8:16:03:93:ac:d7:72:58:
9d:56:42:98:c5:c2:1e:1a:ba:55:3f:3c:53:bd:88:
01:4c:4a:c5:fe:a2:4c:e0:ab:6b:a8:7b:fd:19:6c:
08:9e:d4:99:d1:3a:a9:0e:d1:9f:99:fe:41:17:b3:
c5:f3:b0:4f:ab:f4:b8:d2:f0:51:f6:80:5b:a6:3e:
d5:8d:f2:40:37:8e:28:9d:22:68:2d:bf:5e:34:5f:
e4:c2:a6:f8:10:b8:1a:b4:3d:9c:ef:1b:c3:05:16:
5d:87:12:9f:4e:25:ad:00:73:c2:d0:4e:53:84:82:
06:bd:f0:91:3c:33:fa:4a:83:2a:50:d7:b8:df:c5:
24:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CA:F0:05:78:EB:E5:8F:7C:83:1D:B6:63:FA:6D:48:F3:61:8B:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/96060ba0-0bb4-49bc-8bf6-4a1495ffddf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
5b:9f:cc:e1:5c:42:3f:81:71:d4:49:b2:e8:1f:90:50:45:62:
db:59:0f:0a:cb:b4:89:a7:d4:f2:bf:1b:f8:87:fe:30:d2:bb:
f1:0d:3e:7a:0b:7f:d5:85:fe:fb:42:f0:f3:10:5a:d2:4f:6e:
ec:31:53:54:e3:75:1c:ab:df:8e:c4:c5:e9:c0:b0:08:1d:09:
39:25:12:a2:1c:58:2c:0b:1b:0a:55:6c:be:a4:2a:5e:b6:e1:
36:58:6b:9b:3f:29:2b:03:0f:30:e0:e1:36:fc:1b:bf:28:cf:
74:7e:3c:01:f5:d0:6a:c0:88:c3:09:af:87:4f:05:58:02:ee:
fa:b4:8e:01:ff:3e:34:48:d0:80:6c:e2:8f:8a:ff:a2:b9:85:
46:94:77:59:24:99:0e:d6:d2:82:2a:62:4d:d5:8d:fd:dd:30:
3f:0a:82:de:79:8f:4d:61:6c:c6:be:6e:3b:82:d0:90:24:f0:
42:19:20:b7:56:e5:e5:d3:79:78:16:ac:78:c4:d9:2f:56:5c:
bf:d2:9f:30:86:13:13:1c:c2:4a:98:b0:f9:f1:45:e3:e9:d8:
83:c2:30:b5:fe:fb:87:6e:cf:df:61:4f:93:7b:33:bb:57:90:
35:6f:46:7b:6b:3e:af:04:01:61:02:58:6b:2f:56:93:4c:b0:
53:57:23:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd7SEyE3QCyAkkV/l6kmkasnpH8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTgwMDMwMzNaFw0yNTA3MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YTc1NGRiNmFhOTM0MTg0MGFiOTliOGNkOTNkOWVkMjFhNzc1NzEwZjNm
NzdkZWY0M2MzZTZkZjc2Y2NlOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnI3u5zLthERkAduHbZy4gB876Rwp1Uday3PSVCO0kBQoj6HlZ/z/AWovqP
uxC/pFjEmPTTDHA82hY1gVp1R3oX7hcR0PSg++dCRWAh1uOZ93jKpvrBxQcfUyLW
FHeeEwtgbyENOepfPLmkOXvk6l8uxsUDxJS7QdNJK/Ej1fgWA5Os13JYnVZCmMXC
Hhq6VT88U72IAUxKxf6iTOCra6h7/RlsCJ7UmdE6qQ7Rn5n+QRezxfOwT6v0uNLw
UfaAW6Y+1Y3yQDeOKJ0iaC2/XjRf5MKm+BC4GrQ9nO8bwwUWXYcSn04lrQBzwtBO
U4SCBr3wkTwz+kqDKlDXuN/FJHkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSVyvAF
eOvlj3yDHbZj+m1I82GLeTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTYwNjBiYTAtMGJiNC00OWJjLThiZjYtNGExNDk1ZmZkZGY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQBbn8zhXEI/gXHUSbLoH5BQRWLbWQ8Ky7SJp9Tyvxv4
h/4w0rvxDT56C3/Vhf77QvDzEFrST27sMVNU43Ucq9+OxMXpwLAIHQk5JRKiHFgs
CxsKVWy+pCpetuE2WGubPykrAw8w4OE2/Bu/KM90fjwB9dBqwIjDCa+HTwVYAu76
tI4B/z40SNCAbOKPiv+iuYVGlHdZJJkO1tKCKmJN1Y393TA/CoLeeY9NYWzGvm47
gtCQJPBCGSC3VuXl03l4Fqx4xNkvVly/0p8whhMTHMJKmLD58UXj6diDwjC1/vuH
bs/fYU+TezO7V5A1b0Z7az6vBAFhAlhrL1aTTLBTVyP9
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:39:41 2025 by rpki-client