Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
File: 44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa (raw, json)
Hash identifier: m38BohO0mbG7pqhWjgSJqLcZULLPPyvnyjEqoHzRqnM=
Subject key identifier: 9D:A9:AF:4A:23:31:85:2E:A7:4D:89:AF:1C:E8:E9:B9:19:6E:E2:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26F25CC2BADA461CB108C031346B167505DEC356
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
Signing time: Mon 21 Jul 2025 17:00:48 +0000
ROA not before: Mon 21 Jul 2025 17:00:48 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.244.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:f2:5c:c2:ba:da:46:1c:b1:08:c0:31:34:6b:16:75:05:de:c3:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:48 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=99548cb0246d09f5729f4d7f8fad99cfed933ed8b09b07c0912f7a5dc4edef13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:26:83:38:f5:26:fc:d6:5b:d1:f2:33:04:58:
32:12:ae:c8:47:f5:fa:fe:56:af:bc:43:8a:d3:05:
9b:b9:d0:b7:77:16:cd:13:e4:51:39:1e:c2:4c:fa:
dc:2b:06:3a:eb:db:a2:47:e1:aa:61:ab:bc:5f:8a:
c7:23:d6:cb:60:7b:a3:6e:b6:ad:a6:fd:25:ef:bd:
4e:bd:6e:bf:38:26:8d:62:8d:80:d6:8c:bb:20:49:
c2:f6:5f:20:eb:b8:2a:1f:6e:e0:8b:6a:9e:7c:06:
4f:74:c9:ad:4c:5f:1c:1d:1f:9b:0c:c2:92:7c:0b:
66:2c:68:6c:9b:c1:74:10:6c:69:ce:90:60:e2:10:
f3:22:1a:88:d2:09:b2:70:3b:af:e7:bb:80:88:57:
c4:d0:ca:fa:ba:a2:03:d5:a0:80:81:05:78:40:30:
71:95:93:71:ce:49:3f:fa:3d:4c:1c:5b:25:df:ec:
2f:2f:51:d0:9a:10:14:2e:1c:40:68:08:73:1f:bd:
29:56:69:3d:da:cb:8f:4c:f8:93:d2:a8:6b:42:31:
37:4d:52:ea:a4:0a:5b:63:93:5e:95:5a:67:bf:a2:
bc:1c:29:2c:d2:3a:8c:fe:bf:10:39:8d:67:b4:2b:
e2:45:b8:d0:b2:1d:3f:6b:55:6a:b7:2e:ed:56:04:
67:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A9:AF:4A:23:31:85:2E:A7:4D:89:AF:1C:E8:E9:B9:19:6E:E2:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44bb00cc-3dee-4cf6-8de9-2febfa0f0f6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.244.0.0/15
Signature Algorithm: sha256WithRSAEncryption
98:2a:fc:d9:55:8b:94:36:01:76:1a:a7:9b:dd:7a:8c:ca:c5:
28:2f:cf:93:37:2c:21:0b:70:ca:68:34:e0:a2:82:43:98:91:
63:de:48:31:c4:05:56:66:46:a6:bf:c9:ee:36:f4:6d:17:ad:
0c:4a:15:c1:20:13:d5:c1:af:0a:b7:8e:5d:f6:05:e6:0a:51:
08:b1:da:f2:92:fe:5c:a2:39:ed:98:76:bc:74:58:f1:2f:0e:
5b:5d:14:11:fe:eb:c9:84:df:3d:1d:3d:f2:74:8a:f4:8c:dd:
87:d9:af:1a:a0:0e:75:f1:f6:ec:7c:13:8d:3e:57:36:80:ad:
9e:1b:90:b2:b5:9c:aa:a0:d2:96:e2:88:62:3c:f0:4c:2f:a3:
67:df:03:ae:49:a8:73:75:1f:14:ce:55:ab:5e:7b:a0:22:61:
d4:cb:22:dd:07:17:b7:f2:86:59:af:8c:26:36:21:ae:53:4f:
fb:2b:16:92:73:4d:26:64:87:44:96:09:33:a2:b3:67:b7:86:
dc:02:6b:b5:bc:e6:df:03:8a:b9:de:5c:05:45:27:7b:e8:22:
d4:c6:21:c5:4b:b9:2d:23:1a:b2:15:26:b1:59:05:69:d8:27:
5e:d9:c3:fd:fc:3b:2a:0e:c1:9f:9f:79:5c:03:ba:20:9c:3c:
d0:31:2a:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJvJcwrraRhyxCMAxNGsWdQXew1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NTQ4Y2IwMjQ2ZDA5ZjU3MjlmNGQ3ZjhmYWQ5OWNmZWQ5MzNlZDhiMDli
MDdjMDkxMmY3YTVkYzRlZGVmMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ0mgzj1JvzWW9HyMwRYMhKuyEf1+v5Wr7xDitMFm7nQt3cWzRPkUTkewkz6
3CsGOuvbokfhqmGrvF+KxyPWy2B7o262rab9Je+9Tr1uvzgmjWKNgNaMuyBJwvZf
IOu4Kh9u4ItqnnwGT3TJrUxfHB0fmwzCknwLZixobJvBdBBsac6QYOIQ8yIaiNIJ
snA7r+e7gIhXxNDK+rqiA9WggIEFeEAwcZWTcc5JP/o9TBxbJd/sLy9R0JoQFC4c
QGgIcx+9KVZpPdrLj0z4k9Koa0IxN01S6qQKW2OTXpVaZ7+ivBwpLNI6jP6/EDmN
Z7Qr4kW40LIdP2tVarcu7VYEZ30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSdqa9K
IzGFLqdNia8c6Om5GW7ihTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRiYjAwY2MtM2RlZS00Y2Y2LThkZTktMmZlYmZhMGYwZjZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP0MA0G
CSqGSIb3DQEBCwUAA4IBAQCYKvzZVYuUNgF2Gqeb3XqMysUoL8+TNywhC3DKaDTg
ooJDmJFj3kgxxAVWZkamv8nuNvRtF60MShXBIBPVwa8Kt45d9gXmClEIsdrykv5c
ojntmHa8dFjxLw5bXRQR/uvJhN89HT3ydIr0jN2H2a8aoA518fbsfBONPlc2gK2e
G5CytZyqoNKW4ohiPPBML6Nn3wOuSahzdR8UzlWrXnugImHUyyLdBxe38oZZr4wm
NiGuU0/7KxaSc00mZIdElgkzorNnt4bcAmu1vObfA4q53lwFRSd76CLUxiHFS7kt
IxqyFSaxWQVp2Cde2cP9/DsqDsGfn3lcA7ognDzQMSoR
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:29 2025 by rpki-client