Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: nzU2DdAYNpOzzgdhaO00llUbxd3QyJcbW3y91e9o/HQ=
Subject key identifier: D4:C3:81:87:72:3B:16:BC:BF:D7:CA:C2:2A:D3:3D:66:FC:5C:F5:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5ECD4F1CCC1C82D9A39FBEC11A73CD63E3F5BDD2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Mon 16 Jun 2025 22:00:46 +0000
ROA not before: Mon 16 Jun 2025 22:00:46 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:cd:4f:1c:cc:1c:82:d9:a3:9f:be:c1:1a:73:cd:63:e3:f5:bd:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:46 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=cefa2d247a6fd2937ffbd3137d5ce2cfd04b4ebb06fd252a1c054b29f4dc6a5a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:de:61:a9:5e:8c:e6:6a:97:39:4f:d8:3b:d8:
6a:ab:8b:3f:bf:ea:a6:60:4e:3b:17:0a:d3:a2:19:
f0:78:25:8f:b8:ac:58:2a:07:44:da:1a:cb:89:c3:
67:db:d6:6a:1b:cc:9f:f8:8d:8a:c3:05:98:41:a1:
b6:0e:8c:7c:b0:8b:dd:45:39:25:24:e2:f9:03:e3:
aa:cf:27:36:83:39:21:3f:43:0d:09:9c:ba:c9:d7:
47:51:4b:c4:92:e7:41:06:5c:e5:6e:81:d2:f5:bb:
c5:c0:33:73:8d:c8:a8:a5:6e:44:05:54:b7:80:65:
d3:97:d4:98:96:c5:cd:f1:05:e9:27:7c:40:86:3a:
cd:fd:b8:d8:3d:40:be:2a:27:b8:89:36:68:64:24:
04:3a:17:a7:88:fd:db:aa:3a:5d:32:47:11:91:05:
56:50:42:6c:dd:6c:ae:4c:e3:06:7c:ef:60:ed:1e:
df:3b:02:21:a2:91:86:46:3b:30:b4:b5:b2:08:52:
5f:db:76:7c:5f:5d:21:9b:a3:04:81:4b:4a:f4:e3:
e5:fc:82:ff:69:1c:2b:49:5a:d2:a5:27:1e:13:15:
5a:0d:ba:ac:bf:37:d6:65:9a:0e:38:61:0c:8c:fd:
72:90:3d:c8:72:dc:c1:b7:71:e8:ff:35:80:59:ed:
30:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C3:81:87:72:3B:16:BC:BF:D7:CA:C2:2A:D3:3D:66:FC:5C:F5:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:fd:72:23:40:ed:ab:70:7e:73:fe:11:b6:5b:f8:a4:d5:3b:
c6:01:4a:df:26:05:05:2d:67:11:19:e9:06:ca:b4:4f:d5:be:
a5:c6:3a:12:a4:ae:6a:85:82:53:52:d0:35:fc:58:bf:9e:a0:
f5:26:e0:6f:4d:bc:de:d5:21:10:3c:9d:2f:57:64:f9:f5:7d:
18:5a:c1:35:e6:42:46:f4:32:a1:21:6f:bf:b9:4a:2a:f4:1a:
6b:f1:f1:8d:87:a8:cf:65:92:3d:09:f2:da:b0:14:38:58:11:
c9:c9:17:1c:1f:ca:71:ca:0d:84:7a:a9:64:e1:e1:45:b4:d9:
12:87:a9:bd:3b:95:fc:f1:e4:c3:83:1b:9e:b0:d7:fd:46:4f:
2c:c0:5e:9e:af:76:cb:4d:ba:73:e8:6b:23:6f:44:3b:24:a6:
4d:c5:39:47:59:90:23:eb:4c:ec:9b:45:74:76:99:75:7e:e9:
d1:bc:46:8b:a0:b2:d9:29:7f:a0:52:54:9d:06:f4:e5:9a:d6:
fe:81:e5:59:eb:c8:19:04:f4:35:54:84:14:a6:e9:75:ac:f1:
3c:e0:df:c5:25:aa:36:4c:7f:50:6c:3d:27:74:06:0e:d5:dd:
a5:cd:bf:9d:1f:4f:e2:24:04:59:96:d3:f4:68:f6:b6:66:e1:
2b:3a:8f:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXs1PHMwcgtmjn77BGnPNY+P1vdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlZmEyZDI0N2E2ZmQyOTM3ZmZiZDMxMzdkNWNlMmNmZDA0YjRlYmIwNmZk
MjUyYTFjMDU0YjI5ZjRkYzZhNWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHeYalejOZqlzlP2DvYaquLP7/qpmBOOxcK06IZ8Hglj7isWCoHRNoay4nD
Z9vWahvMn/iNisMFmEGhtg6MfLCL3UU5JSTi+QPjqs8nNoM5IT9DDQmcusnXR1FL
xJLnQQZc5W6B0vW7xcAzc43IqKVuRAVUt4Bl05fUmJbFzfEF6Sd8QIY6zf242D1A
vionuIk2aGQkBDoXp4j926o6XTJHEZEFVlBCbN1srkzjBnzvYO0e3zsCIaKRhkY7
MLS1sghSX9t2fF9dIZujBIFLSvTj5fyC/2kcK0la0qUnHhMVWg26rL831mWaDjhh
DIz9cpA9yHLcwbdx6P81gFntMOMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTUw4GH
cjsWvL/XysIq0z1m/Fz1wTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQDF/XIjQO2rcH5z/hG2W/ik1TvGAUrfJgUFLWcRGekG
yrRP1b6lxjoSpK5qhYJTUtA1/Fi/nqD1JuBvTbze1SEQPJ0vV2T59X0YWsE15kJG
9DKhIW+/uUoq9Bpr8fGNh6jPZZI9CfLasBQ4WBHJyRccH8pxyg2Eeqlk4eFFtNkS
h6m9O5X88eTDgxuesNf9Rk8swF6er3bLTbpz6Gsjb0Q7JKZNxTlHWZAj60zsm0V0
dpl1funRvEaLoLLZKX+gUlSdBvTlmtb+geVZ68gZBPQ1VIQUpul1rPE84N/FJao2
TH9QbD0ndAYO1d2lzb+dH0/iJARZltP0aPa2ZuErOo8N
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:33 2025 by rpki-client