Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
File: 4911793e-4031-4d2f-be54-a38fc617b3c5.roa (raw, json)
Hash identifier: e4OlG68ZXUP2Zh3NtIk9CvebGStSFi1pT+gGfnhwBSs=
Subject key identifier: 31:02:3E:5F:1A:25:C9:3C:E9:D7:49:E4:9E:59:53:54:26:BC:C6:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5AD18C3B2E6FC305EFDB9DFA650A2ECF4DA44143
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
Signing time: Fri 11 Jul 2025 20:50:14 +0000
ROA not before: Fri 11 Jul 2025 20:50:14 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:d1:8c:3b:2e:6f:c3:05:ef:db:9d:fa:65:0a:2e:cf:4d:a4:41:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:14 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5bc8067c73bd0313fe2ac12c52fc78b6c0859216fd869777a275e0225143f7d2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:05:cc:88:26:9b:89:a5:8d:a4:52:5f:10:2a:
c9:6b:6b:05:61:fe:60:b2:95:42:94:98:6d:75:88:
0c:af:f5:ab:5a:e0:e6:9e:e6:0e:ac:1e:47:98:eb:
63:77:dc:06:f7:c5:aa:1b:f9:b2:ee:c7:1b:63:e6:
f1:22:19:de:6d:07:68:19:76:56:4e:94:5e:ba:f5:
9a:4b:91:89:fe:2b:b5:d4:a3:c5:f6:79:c1:a7:ab:
a0:5f:8b:ba:f6:be:56:a1:c0:aa:c1:c1:37:86:68:
b9:6a:df:e3:6c:fe:29:f1:43:23:7f:46:a5:aa:3a:
b1:fc:21:13:e5:81:d4:89:fb:1e:cd:9a:c9:a8:76:
78:07:0c:a3:5e:26:50:c7:2b:75:41:af:55:67:be:
32:fb:66:82:78:10:e2:d6:3d:c4:06:2b:07:f8:5a:
89:42:ca:40:23:2c:f6:c0:ba:da:c6:7f:6b:1d:0f:
4b:04:f4:e1:30:fe:a8:3e:4f:57:98:2e:45:82:37:
a6:f6:a9:a9:44:e2:ba:0a:e0:b5:08:40:03:30:75:
2e:dc:6b:bc:e1:2b:7b:15:2b:a2:95:55:8c:0e:7d:
c1:ad:0b:0a:14:5c:e6:f3:de:28:84:06:e7:7d:3d:
e0:c5:1a:3a:cd:6f:90:07:e8:9b:bf:f8:d1:d3:a7:
ab:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:3E:5F:1A:25:C9:3C:E9:D7:49:E4:9E:59:53:54:26:BC:C6:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4911793e-4031-4d2f-be54-a38fc617b3c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:9c:a7:5a:60:98:67:e7:55:d1:a3:ef:1a:94:60:86:ed:c3:
1f:68:e7:30:7d:96:c1:9f:d3:95:16:60:fa:7b:81:6a:de:c9:
43:42:19:8a:73:62:69:ca:a7:fe:1f:88:ba:3f:06:42:2f:c3:
fb:2a:02:a0:29:2b:9b:e4:a3:0b:49:aa:6e:2f:98:5f:a7:4e:
ca:11:8c:ba:7a:b4:7f:74:b8:42:84:e0:40:8f:47:f4:72:e2:
50:3d:4d:83:50:56:0b:b0:32:74:f0:22:9d:d5:16:c4:62:95:
2f:1b:08:9d:b8:93:ea:09:ba:e4:63:15:be:31:85:be:b6:c6:
36:c1:e9:d9:39:ec:da:be:d6:1c:09:38:a8:82:9e:fa:ee:9b:
a3:5f:a8:02:a5:77:c1:37:f4:53:b9:92:c3:7d:a2:89:f8:34:
f9:9b:d7:6d:0b:0d:b0:da:27:3e:1f:7b:2d:92:0d:02:fa:30:
2f:67:0f:c4:1e:eb:fb:d3:63:9f:9b:d1:72:35:1c:b6:45:03:
44:66:f9:e5:f7:e0:1f:fa:21:aa:b9:a5:ca:4f:c6:8a:22:e9:
0d:fd:bc:c5:50:e0:9c:03:0d:00:c1:e3:5d:79:ce:58:98:03:
ab:ee:70:67:6c:19:62:b1:96:b2:8e:50:0f:8b:84:33:08:6a:
ff:ec:db:44
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWtGMOy5vwwXv2536ZQouz02kQUMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDViYzgwNjdjNzNiZDAzMTNmZTJhYzEyYzUyZmM3OGI2YzA4NTkyMTZmZDg2
OTc3N2EyNzVlMDIyNTE0M2Y3ZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKYFzIgmm4mljaRSXxAqyWtrBWH+YLKVQpSYbXWIDK/1q1rg5p7mDqweR5jr
Y3fcBvfFqhv5su7HG2Pm8SIZ3m0HaBl2Vk6UXrr1mkuRif4rtdSjxfZ5waeroF+L
uva+VqHAqsHBN4ZouWrf42z+KfFDI39Gpao6sfwhE+WB1In7Hs2ayah2eAcMo14m
UMcrdUGvVWe+MvtmgngQ4tY9xAYrB/haiULKQCMs9sC62sZ/ax0PSwT04TD+qD5P
V5guRYI3pvapqUTiugrgtQhAAzB1LtxrvOErexUropVVjA59wa0LChRc5vPeKIQG
53094MUaOs1vkAfom7/40dOnq+0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQxAj5f
GiXJPOnXSeSeWVNUJrzGazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDkxMTc5M2UtNDAzMS00ZDJmLWJlNTQtYTM4ZmM2MTdiM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQB8nKdaYJhn51XRo+8alGCG7cMfaOcwfZbBn9OVFmD6
e4Fq3slDQhmKc2Jpyqf+H4i6PwZCL8P7KgKgKSub5KMLSapuL5hfp07KEYy6erR/
dLhChOBAj0f0cuJQPU2DUFYLsDJ08CKd1RbEYpUvGwiduJPqCbrkYxW+MYW+tsY2
wenZOezavtYcCTiogp767pujX6gCpXfBN/RTuZLDfaKJ+DT5m9dtCw2w2ic+H3st
kg0C+jAvZw/EHuv702Ofm9FyNRy2RQNEZvnl9+Af+iGquaXKT8aKIukN/bzFUOCc
Aw0AweNdec5YmAOr7nBnbBlisZayjlAPi4QzCGr/7NtE
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:49:51 2025 by rpki-client