Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
File: a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa (raw, json)
Hash identifier: qHj7LDpLP+l18nmZkLUwhvAv7D73RcaaUAEotWxUpao=
Subject key identifier: 90:E0:43:14:E4:CF:D9:6F:C8:73:59:8E:E8:55:FA:81:D9:DC:67:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6094C593FD6DDB3E7C8481C0EF1F1679A38003A4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
Signing time: Wed 25 Jun 2025 00:50:27 +0000
ROA not before: Wed 25 Jun 2025 00:50:27 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.206.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:94:c5:93:fd:6d:db:3e:7c:84:81:c0:ef:1f:16:79:a3:80:03:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:27 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=4c5e2542a8552fec702aa601ad4350fe94ea4bfe28c2015c82ee2e26c880a806, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:89:66:b1:6d:28:18:5e:81:2d:6b:63:35:48:
ef:92:5e:d4:ef:ba:98:25:f6:25:48:59:ce:29:36:
41:83:e8:ce:69:64:bc:14:82:6e:c4:3f:a7:ba:30:
37:d6:c1:67:1a:0d:c3:87:cd:ee:36:ed:fb:5d:ee:
c5:ad:1c:b5:df:aa:63:36:35:57:13:2a:3b:a2:24:
75:98:5c:e8:c3:ff:31:5c:d3:aa:c3:b5:ee:d5:62:
4d:86:b7:75:47:73:a9:38:69:0c:eb:44:54:22:6f:
05:8c:fb:7e:c4:c4:39:36:fa:f0:4b:9b:1e:b9:23:
d3:3e:5c:30:6a:37:73:b8:4e:14:df:be:de:dd:d1:
45:c7:76:da:26:cb:7b:39:70:42:c2:d4:37:62:9e:
d8:15:05:2c:69:06:db:ca:c7:02:36:5b:85:c9:e9:
ea:d6:cb:d8:f6:7d:29:d9:3c:c8:c2:46:30:3b:68:
5a:b8:53:c0:2c:9d:c0:fb:c5:09:a6:1d:7f:86:d4:
80:40:77:30:44:a5:c1:7b:20:bf:82:74:bf:da:92:
cd:c8:65:40:11:ef:44:cb:13:7d:d3:ea:f5:9f:74:
92:e3:7c:11:42:94:4f:99:77:ce:6e:d1:74:e5:7f:
df:94:b1:7e:45:71:54:60:d1:c0:f0:47:8b:43:0e:
57:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E0:43:14:E4:CF:D9:6F:C8:73:59:8E:E8:55:FA:81:D9:DC:67:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2d10e7d-a784-476d-9df5-f7efeb55cf39.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.206.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9b:e6:ba:b7:f9:a9:92:4f:63:5c:f9:ad:ca:1d:5f:e6:52:a0:
43:85:d4:04:9a:2b:82:b1:68:08:28:fd:3c:f3:0d:43:1f:67:
44:94:33:c7:9f:41:72:b3:92:f3:9d:39:67:8f:4a:27:09:f0:
a5:93:e0:dc:31:31:2a:61:09:de:e7:bb:f6:9c:20:d3:d6:b8:
5b:c0:7e:58:3d:98:98:f9:d0:ab:fe:f0:36:7c:9c:0d:12:01:
61:89:7d:d4:d5:90:f4:78:5b:27:6f:ba:b8:8d:ba:c2:d2:54:
cd:8b:fa:59:be:0f:99:aa:dd:48:a2:82:01:c2:85:6e:c4:af:
66:c6:4d:07:86:0e:e4:22:38:a7:0e:62:04:6e:75:b2:99:6a:
8d:06:a5:69:7d:bb:ac:ad:38:f4:65:e1:4b:6a:cf:99:a7:a1:
80:a8:b3:4d:90:49:0e:28:c3:8a:ca:79:96:6d:e1:e3:1e:20:
17:fd:8e:2c:b4:81:3c:67:33:71:fb:9d:8e:ef:e9:a5:bf:a1:
9d:aa:e1:ef:59:08:1d:58:83:8c:6c:d7:e3:0e:9b:23:cd:be:
4f:28:a9:5b:7b:ae:78:ac:45:d4:9f:93:2b:04:7e:0f:2e:2c:
9f:45:ba:c8:46:06:79:92:99:03:e8:bc:11:9c:97:ad:71:60:
45:d8:bb:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYJTFk/1t2z58hIHA7x8WeaOAA6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjdaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjNWUyNTQyYTg1NTJmZWM3MDJhYTYwMWFkNDM1MGZlOTRlYTRiZmUyOGMy
MDE1YzgyZWUyZTI2Yzg4MGE4MDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWJZrFtKBhegS1rYzVI75Je1O+6mCX2JUhZzik2QYPozmlkvBSCbsQ/p7ow
N9bBZxoNw4fN7jbt+13uxa0ctd+qYzY1VxMqO6IkdZhc6MP/MVzTqsO17tViTYa3
dUdzqThpDOtEVCJvBYz7fsTEOTb68EubHrkj0z5cMGo3c7hOFN++3t3RRcd22ibL
ezlwQsLUN2Ke2BUFLGkG28rHAjZbhcnp6tbL2PZ9Kdk8yMJGMDtoWrhTwCydwPvF
CaYdf4bUgEB3MESlwXsgv4J0v9qSzchlQBHvRMsTfdPq9Z90kuN8EUKUT5l3zm7R
dOV/35SxfkVxVGDRwPBHi0MOV+MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSQ4EMU
5M/Zb8hzWY7oVfqB2dxnlDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJkMTBlN2QtYTc4NC00NzZkLTlkZjUtZjdlZmViNTVjZjM5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPOMA0G
CSqGSIb3DQEBCwUAA4IBAQCb5rq3+amST2Nc+a3KHV/mUqBDhdQEmiuCsWgIKP08
8w1DH2dElDPHn0Fys5LznTlnj0onCfClk+DcMTEqYQne57v2nCDT1rhbwH5YPZiY
+dCr/vA2fJwNEgFhiX3U1ZD0eFsnb7q4jbrC0lTNi/pZvg+Zqt1IooIBwoVuxK9m
xk0Hhg7kIjinDmIEbnWymWqNBqVpfbusrTj0ZeFLas+Zp6GAqLNNkEkOKMOKynmW
beHjHiAX/Y4stIE8ZzNx+52O7+mlv6GdquHvWQgdWIOMbNfjDpsjzb5PKKlbe654
rEXUn5MrBH4PLiyfRbrIRgZ5kpkD6LwRnJetcWBF2Ltd
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:07 2025 by rpki-client