Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
File: ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa (raw, json)
Hash identifier: fpf1TXMivTExrqqQP7MK/sbpvlP+t7lKO7et6/Q6wCE=
Subject key identifier: 67:10:33:30:72:D7:62:55:01:56:8F:64:F6:F6:AE:01:9E:CE:FA:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3405436DA487F2892663FAF4798AFA111CB05A97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
Signing time: Tue 17 Jun 2025 00:50:31 +0000
ROA not before: Tue 17 Jun 2025 00:50:31 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.44.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:05:43:6d:a4:87:f2:89:26:63:fa:f4:79:8a:fa:11:1c:b0:5a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:31 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=4fbab9e62ff6b4d3367d78c32f35a6bb9e199b7096f4cd32eb7eb8f6f0a135f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:98:b9:90:d7:65:7a:69:94:ce:90:26:d9:b2:
35:07:2a:eb:bd:17:2f:73:1f:7e:11:bb:7a:75:47:
89:52:f7:01:32:6a:d5:8a:ea:db:40:67:37:57:63:
3d:f6:c8:e4:52:8f:b4:25:b1:12:1a:4f:3c:c8:87:
97:ff:8c:59:04:45:3e:50:ee:21:bd:1a:1a:6f:4a:
4e:8f:b9:e7:1a:d1:e4:bb:0b:8b:c1:0f:de:d5:8f:
6a:5f:93:74:11:2c:97:7f:1a:7b:bd:ea:eb:f6:56:
13:12:6e:53:0d:5e:a3:b1:73:e7:b1:7c:e6:c8:32:
6c:74:f9:5c:95:85:34:2c:59:ee:ac:67:59:fd:49:
1e:41:80:dc:66:56:90:cd:fe:bd:f9:3f:da:01:68:
af:b2:5f:44:c1:ac:a5:2a:5f:01:5a:06:e6:c1:b8:
cb:df:25:0a:25:e6:cc:07:43:c4:5a:3b:c7:4e:4a:
c3:90:97:f0:13:8f:12:5d:62:96:6e:b0:e8:3d:a0:
03:e7:77:2f:90:f7:ea:35:70:df:1d:5e:d3:3e:d6:
d6:3f:e9:44:fa:16:c8:61:2a:df:44:a8:2d:86:f5:
4f:66:f2:a6:cf:ae:89:72:5f:7c:cb:e0:57:3c:a5:
3a:4f:6e:26:c0:71:09:21:b8:62:de:a7:e2:91:77:
53:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:10:33:30:72:D7:62:55:01:56:8F:64:F6:F6:AE:01:9E:CE:FA:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecf71776-ef54-415b-8543-7ec55f9b1d9d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.44.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:ce:4f:06:93:65:3f:a4:76:4b:d5:27:91:57:a0:26:79:4d:
28:3b:ef:9c:5e:7b:dd:5f:7b:16:de:3b:e8:3b:ed:f3:68:8f:
4d:06:0a:6e:c2:3e:70:ef:64:c9:76:46:fe:28:9d:8d:be:5d:
db:c2:0d:88:a6:f0:ea:56:45:6b:2c:a2:3f:8c:6f:f4:70:40:
f8:0d:73:07:4b:25:68:23:b1:1b:02:8e:ce:e3:2a:bd:2f:a3:
a9:0f:e7:53:8c:ae:1c:97:5b:3d:c1:2a:f0:17:ce:d3:b3:ae:
70:3d:f6:78:46:b5:d7:01:14:8e:bb:37:3b:04:7e:a4:95:7e:
41:a5:8e:ad:9c:48:a8:0a:e1:47:05:a8:75:15:74:18:02:ec:
c1:32:d5:60:71:60:94:12:f7:4a:91:2b:7d:cb:8e:4e:b5:09:
a7:92:7d:0e:20:48:8d:c7:c3:d1:93:5d:51:3b:12:da:9c:04:
94:92:6f:24:73:e5:06:f0:f2:f8:3f:68:0e:04:d9:0a:c6:92:
65:50:fc:b0:45:f5:69:9d:a2:0c:83:cb:81:ff:26:c0:59:92:
6f:ac:b2:0d:eb:b7:a6:35:17:e8:39:48:b9:08:ca:31:d2:83:
1a:2a:16:3c:55:13:d7:49:b9:de:a5:a2:28:d2:6e:de:07:9a:
8b:5c:1c:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNAVDbaSH8okmY/r0eYr6ERywWpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMzFaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmYmFiOWU2MmZmNmI0ZDMzNjdkNzhjMzJmMzVhNmJiOWUxOTliNzA5NmY0
Y2QzMmViN2ViOGY2ZjBhMTM1ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmYuZDXZXpplM6QJtmyNQcq670XL3MffhG7enVHiVL3ATJq1Yrq20BnN1dj
PfbI5FKPtCWxEhpPPMiHl/+MWQRFPlDuIb0aGm9KTo+55xrR5LsLi8EP3tWPal+T
dBEsl38ae73q6/ZWExJuUw1eo7Fz57F85sgybHT5XJWFNCxZ7qxnWf1JHkGA3GZW
kM3+vfk/2gFor7JfRMGspSpfAVoG5sG4y98lCiXmzAdDxFo7x05Kw5CX8BOPEl1i
lm6w6D2gA+d3L5D36jVw3x1e0z7W1j/pRPoWyGEq30SoLYb1T2byps+uiXJffMvg
VzylOk9uJsBxCSG4Yt6n4pF3U8MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRnEDMw
ctdiVQFWj2T29q4Bns760TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNmNzE3NzYtZWY1NC00MTViLTg1NDMtN2VjNTVmOWIxZDlkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMsMA0G
CSqGSIb3DQEBCwUAA4IBAQCNzk8Gk2U/pHZL1SeRV6AmeU0oO++cXnvdX3sW3jvo
O+3zaI9NBgpuwj5w72TJdkb+KJ2Nvl3bwg2IpvDqVkVrLKI/jG/0cED4DXMHSyVo
I7EbAo7O4yq9L6OpD+dTjK4cl1s9wSrwF87Ts65wPfZ4RrXXARSOuzc7BH6klX5B
pY6tnEioCuFHBah1FXQYAuzBMtVgcWCUEvdKkSt9y45OtQmnkn0OIEiNx8PRk11R
OxLanASUkm8kc+UG8PL4P2gOBNkKxpJlUPywRfVpnaIMg8uB/ybAWZJvrLIN67em
NRfoOUi5CMox0oMaKhY8VRPXSbnepaIo0m7eB5qLXBzz
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:22:59 2025 by rpki-client