
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
File: 709c8cf6-9d5d-47d6-8b70-40eff8390658.roa (raw, json)
Hash identifier: t3AGnYW0BX9Do3zFalsf5674B1PsYZN7JfD23HTeDYE=
Subject key identifier: 5A:6E:54:FF:6B:A0:B5:FD:1D:25:EA:9B:94:B9:28:C8:17:54:49:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 46594E77A5CB8E1DC1A4C106E1F8435884AD29F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
Signing time: Fri 11 Jul 2025 21:01:09 +0000
ROA not before: Fri 11 Jul 2025 21:01:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.220.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:59:4e:77:a5:cb:8e:1d:c1:a4:c1:06:e1:f8:43:58:84:ad:29:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6b33eb743f9aaae9d3a07f4cc7ebab522f6522ced7c7676edf407af282d608a5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:91:88:c2:76:2e:9d:24:4e:47:7f:a3:ee:23:
f2:05:8b:a5:7d:22:5e:7d:1e:78:87:b8:27:82:2a:
36:a2:7e:9c:03:b6:07:28:00:62:5d:37:ee:7f:95:
30:f3:67:1c:96:1b:02:98:22:55:e0:4a:18:f2:6d:
ac:d0:e7:43:10:29:aa:3c:f2:bf:47:cb:af:d8:6f:
04:84:a4:97:25:47:c6:91:eb:6f:d9:c7:8b:af:30:
26:3c:96:4f:ff:0a:cb:e0:c0:40:d9:23:92:3e:a5:
a6:9c:ef:b4:5a:d3:7b:47:2f:de:c3:7b:58:62:3d:
95:42:c1:33:ce:8c:78:39:9b:55:48:7c:9e:60:85:
9e:57:49:5a:b6:b5:26:68:79:fd:06:fa:32:2c:b0:
ae:d7:87:42:23:b4:07:f7:6a:a5:f5:32:0b:cd:fc:
87:d6:eb:87:12:9f:5f:82:c6:30:a2:ba:c8:bd:5a:
a8:1a:ba:d0:d6:e1:b6:75:57:a9:97:a3:06:7a:5e:
8b:d4:f0:3f:56:39:bf:cc:2a:cc:0d:a8:b0:d8:69:
14:eb:95:a4:e5:49:6f:d5:c6:1c:7c:2a:76:1d:c9:
eb:46:63:e5:6a:b6:80:30:23:a4:6f:85:48:42:78:
5c:b6:22:1c:4b:89:7c:a4:be:2f:8e:78:e6:cc:20:
42:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:6E:54:FF:6B:A0:B5:FD:1D:25:EA:9B:94:B9:28:C8:17:54:49:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/709c8cf6-9d5d-47d6-8b70-40eff8390658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.220.0.0/15
Signature Algorithm: sha256WithRSAEncryption
33:52:df:d6:93:73:6b:e3:4b:f9:98:ac:9f:5b:c7:53:2b:b3:
73:b7:ce:bb:1a:c9:c0:69:03:92:0d:da:bf:30:b7:20:8c:f5:
65:cd:e7:c7:7f:c6:40:8a:c3:9a:57:d4:b8:d1:b4:44:ae:45:
a9:d8:4e:6c:83:e8:88:fa:d7:07:68:b0:78:95:03:91:bb:27:
ca:8d:94:6c:02:c6:e1:2d:ad:61:8b:44:e1:2e:7d:9a:15:15:
10:9b:2c:76:11:05:f7:61:47:0c:29:a3:3f:88:ff:ff:36:55:
24:7c:57:b2:86:98:20:ac:1e:98:5f:fc:8c:04:dc:53:2e:f8:
dd:d5:49:23:56:e0:f5:d9:23:ed:fc:a0:68:15:c1:71:40:c4:
37:b8:18:d8:92:92:44:20:a0:ff:e4:e6:e0:77:dd:d0:84:6f:
82:6e:f9:26:6b:9f:64:1a:60:8d:bd:54:55:19:d9:28:1e:b4:
53:90:43:9a:74:32:65:1a:88:5e:ee:84:0c:e5:4a:96:b4:35:
c2:2a:ec:8e:aa:a5:4e:60:37:3b:e9:2e:e4:af:5a:8d:43:a6:
3b:6d:da:e2:70:27:c9:60:d9:c3:26:cc:8f:e8:4e:47:c9:c3:
e7:f9:7f:e8:28:ef:fa:2a:56:9c:57:13:6d:48:f1:b7:90:e5:
18:10:0d:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURllOd6XLjh3BpMEG4fhDWIStKfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZiMzNlYjc0M2Y5YWFhZTlkM2EwN2Y0Y2M3ZWJhYjUyMmY2NTIyY2VkN2M3
Njc2ZWRmNDA3YWYyODJkNjA4YTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmRiMJ2Lp0kTkd/o+4j8gWLpX0iXn0eeIe4J4IqNqJ+nAO2BygAYl037n+V
MPNnHJYbApgiVeBKGPJtrNDnQxApqjzyv0fLr9hvBISklyVHxpHrb9nHi68wJjyW
T/8Ky+DAQNkjkj6lppzvtFrTe0cv3sN7WGI9lULBM86MeDmbVUh8nmCFnldJWra1
Jmh5/Qb6MiywrteHQiO0B/dqpfUyC838h9brhxKfX4LGMKK6yL1aqBq60NbhtnVX
qZejBnpei9TwP1Y5v8wqzA2osNhpFOuVpOVJb9XGHHwqdh3J60Zj5Wq2gDAjpG+F
SEJ4XLYiHEuJfKS+L4545swgQokCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRablT/
a6C1/R0l6puUuSjIF1RJBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzA5YzhjZjYtOWQ1ZC00N2Q2LThiNzAtNDBlZmY4MzkwNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPcMA0G
CSqGSIb3DQEBCwUAA4IBAQAzUt/Wk3Nr40v5mKyfW8dTK7Nzt867GsnAaQOSDdq/
MLcgjPVlzefHf8ZAisOaV9S40bRErkWp2E5sg+iI+tcHaLB4lQORuyfKjZRsAsbh
La1hi0ThLn2aFRUQmyx2EQX3YUcMKaM/iP//NlUkfFeyhpggrB6YX/yMBNxTLvjd
1UkjVuD12SPt/KBoFcFxQMQ3uBjYkpJEIKD/5Obgd93QhG+Cbvkma59kGmCNvVRV
GdkoHrRTkEOadDJlGohe7oQM5UqWtDXCKuyOqqVOYDc76S7kr1qNQ6Y7bdricCfJ
YNnDJsyP6E5HycPn+X/oKO/6KlacVxNtSPG3kOUYEA2D
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:45 2025 by rpki-client