Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
File: 5b05d201-6089-4826-a4dd-c7a9d71bd900.roa (raw, json)
Hash identifier: dIFMbyX0cm+dKTWPOJQHkuV4tL5FTfVB3SGAAqoI2x0=
Subject key identifier: 79:D2:06:C9:99:8F:89:D0:BD:FC:6B:88:C7:06:6B:A0:7E:31:D3:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 011029D6C7F39868A72B1800BC16DE543BA79D03
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
Signing time: Mon 21 Jul 2025 17:00:44 +0000
ROA not before: Mon 21 Jul 2025 17:00:44 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.102.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:10:29:d6:c7:f3:98:68:a7:2b:18:00:bc:16:de:54:3b:a7:9d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:44 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=2afdb3aaab4522c1456dd5a74d0ff094a12d23634f065cdaae95624b44b03cf3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:43:6d:35:20:85:52:84:74:c4:43:30:a9:f4:
e2:b8:60:73:37:f4:22:86:3d:cf:e8:e7:3d:93:0d:
92:86:42:5e:ef:2e:6b:f4:a9:2a:57:39:06:fc:45:
81:f5:b7:9c:10:ca:4e:65:3f:08:7a:63:1d:d0:5c:
02:ba:7a:5a:e8:45:e1:ce:80:3f:a3:98:71:f6:5a:
dc:b8:ba:ed:32:d5:98:30:5b:22:b4:ea:d9:a8:da:
85:d0:cf:dc:34:08:20:87:a8:5c:56:de:73:06:e5:
0a:55:3d:7c:7d:30:b0:30:21:1a:4f:4b:7a:74:02:
6a:52:22:1f:47:f8:45:80:d4:74:16:cc:65:e9:db:
7d:44:06:46:d6:1a:ef:6a:7c:ce:52:61:25:62:81:
9c:ec:01:07:d6:25:91:5d:56:db:46:1c:69:33:7c:
50:28:66:7a:bf:6a:08:50:d3:8b:0f:3c:4c:c5:c9:
28:62:94:7f:76:30:f1:4d:05:d4:3e:f4:fc:11:ec:
a4:7b:da:4a:59:4b:fd:2e:8b:27:33:e4:33:38:b2:
55:5e:bb:73:ff:93:01:ff:9f:a9:fe:ec:c0:96:01:
fc:69:1f:14:d8:26:3b:d1:b6:26:9e:08:be:2d:e5:
e3:db:ed:50:60:0c:1f:46:9b:65:26:23:e0:a0:a5:
48:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:D2:06:C9:99:8F:89:D0:BD:FC:6B:88:C7:06:6B:A0:7E:31:D3:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b05d201-6089-4826-a4dd-c7a9d71bd900.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.102.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:a1:1a:43:a8:4b:a0:76:27:bb:35:b0:5e:b6:33:fb:2e:42:
d6:e7:e1:18:41:95:06:fb:13:62:4e:72:37:3c:b8:19:9f:8d:
3b:93:c7:33:80:2f:9b:fc:dd:21:96:30:f2:0d:4c:94:78:33:
8f:7c:13:d0:1c:5d:12:62:0f:0e:32:58:26:64:4a:1c:32:af:
ea:35:54:96:a7:5a:db:c0:12:84:f3:79:90:62:aa:e5:4a:4a:
27:7e:a5:30:3a:d8:cc:70:14:03:22:6a:5e:ab:36:a1:e8:bc:
14:53:68:7f:b4:d3:15:77:2a:96:d7:19:50:6b:2b:5c:6f:81:
35:a9:88:65:91:87:fa:e5:6d:b3:28:30:ee:1d:ee:f6:27:45:
34:66:3b:85:8a:c3:d1:81:bb:c4:52:dc:f6:0f:1b:d4:6e:a4:
ea:85:73:82:fc:1e:18:a8:2a:00:b7:6d:7e:cd:6a:93:a0:3b:
58:f5:ad:6c:69:c8:cb:6b:98:e4:a3:ae:a2:8a:14:06:92:af:
dd:35:dd:98:ac:41:c4:89:c6:dc:58:57:5f:4c:a0:88:87:68:
ad:95:7a:9d:c7:9f:fe:2f:56:39:97:53:7a:83:8c:f8:21:82:
9b:46:71:ef:d8:bb:ff:28:56:8b:4c:4b:df:28:f0:ac:bf:6a:
81:b6:b5:30
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUARAp1sfzmGinKxgAvBbeVDunnQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZmRiM2FhYWI0NTIyYzE0NTZkZDVhNzRkMGZmMDk0YTEyZDIzNjM0ZjA2
NWNkYWFlOTU2MjRiNDRiMDNjZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdDbTUghVKEdMRDMKn04rhgczf0IoY9z+jnPZMNkoZCXu8ua/SpKlc5BvxF
gfW3nBDKTmU/CHpjHdBcArp6WuhF4c6AP6OYcfZa3Li67TLVmDBbIrTq2ajahdDP
3DQIIIeoXFbecwblClU9fH0wsDAhGk9LenQCalIiH0f4RYDUdBbMZenbfUQGRtYa
72p8zlJhJWKBnOwBB9YlkV1W20YcaTN8UChmer9qCFDTiw88TMXJKGKUf3Yw8U0F
1D70/BHspHvaSllL/S6LJzPkMziyVV67c/+TAf+fqf7swJYB/GkfFNgmO9G2Jp4I
vi3l49vtUGAMH0abZSYj4KClSHECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR50gbJ
mY+J0L38a4jHBmugfjHTHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWIwNWQyMDEtNjA4OS00ODI2LWE0ZGQtYzdhOWQ3MWJkOTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNmMA0G
CSqGSIb3DQEBCwUAA4IBAQBpoRpDqEugdie7NbBetjP7LkLW5+EYQZUG+xNiTnI3
PLgZn407k8czgC+b/N0hljDyDUyUeDOPfBPQHF0SYg8OMlgmZEocMq/qNVSWp1rb
wBKE83mQYqrlSkonfqUwOtjMcBQDImpeqzah6LwUU2h/tNMVdyqW1xlQaytcb4E1
qYhlkYf65W2zKDDuHe72J0U0ZjuFisPRgbvEUtz2DxvUbqTqhXOC/B4YqCoAt21+
zWqToDtY9a1sacjLa5jko66iihQGkq/dNd2YrEHEicbcWFdfTKCIh2itlXqdx5/+
L1Y5l1N6g4z4IYKbRnHv2Lv/KFaLTEvfKPCsv2qBtrUw
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:39:52 2025 by rpki-client