Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
File: faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa (raw, json)
Hash identifier: GqPBFdgHT9J9xjUMKzxgOiE72QX4VWGB/T6sv2G1Qzs=
Subject key identifier: D8:2A:20:45:3B:BF:D8:DB:DA:23:B0:2E:BA:B0:BC:01:37:68:6B:BA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 639F2D9A2818000E2EF0F885223E1D8230183696
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
Signing time: Tue 17 Jun 2025 00:50:25 +0000
ROA not before: Tue 17 Jun 2025 00:50:25 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9f:2d:9a:28:18:00:0e:2e:f0:f8:85:22:3e:1d:82:30:18:36:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:25 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=612d96a9704e3d7fd2fc0586a5f4567e1f3ac5ee2691d7ffe8d018f02ca317ce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:20:57:56:be:3e:be:e6:b1:b0:b8:1b:18:
d1:90:80:c9:12:8d:94:d2:1c:be:68:73:66:3b:50:
f5:ec:33:12:0a:ff:87:74:ef:fc:77:81:3a:71:33:
a4:46:af:4a:b9:74:3d:99:f1:d5:7b:eb:17:cc:4d:
7d:f0:c0:98:3a:db:5e:d5:7b:3f:c5:1f:be:a6:23:
d4:dc:39:e7:82:64:d0:34:b5:b8:76:ef:09:24:ff:
29:94:d8:36:5c:b1:5b:59:86:46:c8:fe:bb:a3:f3:
6a:26:8b:bd:cb:e2:6a:27:7c:05:0e:3a:51:77:d4:
aa:1f:08:8e:cb:87:19:dc:81:b4:0c:55:78:35:f3:
cc:0a:a6:ff:24:b7:13:30:51:43:d5:74:06:86:5a:
d4:7d:2e:dc:44:99:f4:7a:3c:62:cc:3a:30:e7:7b:
cd:ca:3d:a1:20:f7:c8:ca:27:27:fe:86:dc:46:a7:
16:bb:1b:c3:e3:86:b7:8a:fe:ed:e0:aa:16:06:ca:
62:58:4c:e0:a4:62:9d:e2:da:9e:8d:4b:fa:90:cb:
19:9a:9a:6e:f9:db:61:ca:a5:14:49:7a:2a:ca:bf:
91:e4:d7:d2:0b:1c:07:0d:2f:82:c8:f6:2b:de:73:
d3:14:ed:07:6a:51:f0:1d:87:b3:58:86:eb:ed:3b:
4b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:2A:20:45:3B:BF:D8:DB:DA:23:B0:2E:BA:B0:BC:01:37:68:6B:BA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/faa5ec1e-61dd-4ddb-a08f-0b29cab481e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.240.0/22
Signature Algorithm: sha256WithRSAEncryption
31:dd:2a:eb:7e:59:7b:33:9c:1a:1c:6a:3e:1c:9b:0a:56:97:
a5:f5:10:ca:25:1b:7e:74:43:bb:35:56:ed:85:b3:bd:07:04:
dc:3d:5b:1b:bf:4d:17:11:3b:55:03:e7:db:42:5a:46:38:6a:
34:ab:73:86:83:52:80:b5:e0:5d:c3:b6:6b:fa:39:53:1c:fe:
14:8d:96:5c:9f:5c:82:61:8b:35:95:19:fe:ad:7c:97:b9:6a:
ca:a0:14:72:b9:be:48:94:f0:3b:8c:62:7a:78:c1:41:a4:15:
a2:9f:80:89:73:7a:fd:ed:77:ae:1c:47:d1:bd:af:39:eb:ae:
db:11:95:4e:2c:a1:b4:ec:20:c0:87:2a:48:81:4a:71:6c:9f:
d4:8e:27:6f:de:44:89:71:14:a4:c3:c2:ec:5e:cf:a0:d0:f6:
66:fd:2a:0f:12:f4:ac:48:09:a8:3a:26:85:df:e2:ed:ff:8f:
5f:66:79:d9:b9:84:90:f2:dc:bc:d8:e3:3a:8c:78:9c:60:2b:
76:97:1a:1e:cb:c0:e2:31:e2:63:b3:87:a0:1b:e2:5b:68:c5:
4f:e6:68:5e:09:7b:9a:c2:3d:18:74:e1:a3:05:9b:b8:78:d2:
3e:a6:93:8e:12:cb:74:5c:0e:08:ba:e8:db:7b:95:78:03:25:
69:4b:2b:0e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY58tmigYAA4u8PiFIj4dgjAYNpYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMjVaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxMmQ5NmE5NzA0ZTNkN2ZkMmZjMDU4NmE1ZjQ1NjdlMWYzYWM1ZWUyNjkx
ZDdmZmU4ZDAxOGYwMmNhMzE3Y2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxCIFdWvj6+5rGwuBsY0ZCAyRKNlNIcvmhzZjtQ9ewzEgr/h3Tv/HeBOnEz
pEavSrl0PZnx1XvrF8xNffDAmDrbXtV7P8UfvqYj1Nw554Jk0DS1uHbvCST/KZTY
NlyxW1mGRsj+u6PzaiaLvcviaid8BQ46UXfUqh8IjsuHGdyBtAxVeDXzzAqm/yS3
EzBRQ9V0BoZa1H0u3ESZ9Ho8Ysw6MOd7zco9oSD3yMonJ/6G3EanFrsbw+OGt4r+
7eCqFgbKYlhM4KRineLano1L+pDLGZqabvnbYcqlFEl6Ksq/keTX0gscBw0vgsj2
K95z0xTtB2pR8B2Hs1iG6+07Sw0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTYKiBF
O7/Y29ojsC66sLwBN2hrujAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmFhNWVjMWUtNjFkZC00ZGRiLWEwOGYtMGIyOWNhYjQ4MWUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAjMQ8DAN
BgkqhkiG9w0BAQsFAAOCAQEAMd0q635ZezOcGhxqPhybClaXpfUQyiUbfnRDuzVW
7YWzvQcE3D1bG79NFxE7VQPn20JaRjhqNKtzhoNSgLXgXcO2a/o5Uxz+FI2WXJ9c
gmGLNZUZ/q18l7lqyqAUcrm+SJTwO4xienjBQaQVop+AiXN6/e13rhxH0b2vOeuu
2xGVTiyhtOwgwIcqSIFKcWyf1I4nb95EiXEUpMPC7F7PoND2Zv0qDxL0rEgJqDom
hd/i7f+PX2Z52bmEkPLcvNjjOox4nGArdpcaHsvA4jHiY7OHoBviW2jFT+ZoXgl7
msI9GHThowWbuHjSPqaTjhLLdFwOCLro23uVeAMlaUsrDg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:56:42 2025 by rpki-client