Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: U7dz9Wbt55l5ouK9zXLE0ELD6dhBc4YLK7wkpg7ZfB0=
Subject key identifier: BC:92:C7:61:1A:9D:9E:CD:14:E6:0E:EB:EC:91:DC:D4:38:FE:6B:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 014C8A78B8AFE84C18DF890D63768860AA450827
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Fri 11 Jul 2025 21:00:48 +0000
ROA not before: Fri 11 Jul 2025 21:00:48 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4c:8a:78:b8:af:e8:4c:18:df:89:0d:63:76:88:60:aa:45:08:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:48 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=bf1efa23d11fd028b4bdc0e1c431112d5699c2006fa334d013a12c41ce182bce, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:29:3a:de:76:5e:13:4d:a0:f7:c4:85:cf:7c:
81:f2:35:f5:5e:33:5f:3a:8b:00:78:81:8c:41:46:
c8:fd:aa:ea:ee:cd:45:a1:ed:60:0b:93:41:54:79:
fb:22:13:46:9b:70:73:6d:36:13:80:bf:20:fb:7c:
0d:a3:ef:69:a6:39:e6:93:8b:b9:19:99:f1:67:dc:
a2:95:f0:17:04:90:79:06:19:b3:87:08:af:29:bd:
f1:ec:d5:d5:61:cc:ac:33:18:e3:ed:bb:0f:72:9b:
0b:af:e7:05:57:5c:43:7b:b1:12:8d:ff:3b:e4:96:
7a:7e:f8:b4:3e:34:6f:1b:00:6d:da:0c:d5:5f:b4:
45:01:9e:8a:f2:92:9b:36:ae:95:da:af:ee:c6:76:
cf:2c:08:f8:a1:2c:0b:7a:47:66:9b:36:db:e4:00:
2f:7b:e3:46:91:a9:67:fc:0a:85:db:d4:4d:e6:36:
82:35:df:d8:8f:0a:ae:73:8e:63:f0:52:87:55:ca:
01:2c:61:d5:1d:8f:04:a4:c6:39:53:7e:aa:31:be:
5f:ae:14:68:24:49:92:09:15:75:9b:2e:7d:e3:fd:
5d:ee:1f:76:b9:9c:15:ae:38:e8:96:ea:a6:3b:b8:
9a:1b:51:0b:f4:1b:74:a6:f8:fa:b4:45:15:03:ad:
47:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:92:C7:61:1A:9D:9E:CD:14:E6:0E:EB:EC:91:DC:D4:38:FE:6B:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
78:b7:f4:8f:41:5d:dc:14:9e:61:58:dd:fa:79:88:a7:a6:4a:
ea:17:be:30:9c:09:26:f1:80:bf:80:34:f3:0c:bb:51:49:72:
7d:35:4a:08:2a:74:19:fd:89:42:24:45:29:2f:f2:a4:a5:81:
57:86:fb:95:da:79:54:96:2d:13:d7:75:c0:17:e4:fe:4b:37:
5c:48:96:46:97:03:6a:c0:bb:a2:df:67:b7:f2:0b:68:9e:53:
b9:08:f6:58:63:2c:13:b4:aa:6a:03:d0:fb:94:3c:56:ee:0e:
fc:31:e2:52:d9:fd:08:00:91:e3:dc:ba:a6:6b:88:69:93:a7:
05:00:14:55:05:b2:b7:44:9e:18:34:c0:28:9a:d7:40:b2:f1:
d0:61:4e:58:51:b7:e2:b4:08:26:53:e2:b6:4e:e0:74:3e:f6:
15:c5:90:39:aa:6d:11:90:7a:67:a5:98:d9:e5:cf:0d:a8:82:
62:72:18:0e:9f:d3:40:8e:65:89:85:ed:62:51:bc:20:5d:10:
e9:57:f3:71:fa:64:f9:1e:64:02:a7:f1:7a:a6:a9:9b:5c:80:
68:ae:4a:d9:a1:9e:06:ee:3f:3c:81:f1:a9:6f:eb:37:01:79:
1f:53:96:f7:19:e4:d5:0a:17:20:87:73:1c:7a:46:a4:c1:fa:
a3:d0:dd:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAUyKeLiv6EwY34kNY3aIYKpFCCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmMWVmYTIzZDExZmQwMjhiNGJkYzBlMWM0MzExMTJkNTY5OWMyMDA2ZmEz
MzRkMDEzYTEyYzQxY2UxODJiY2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPQpOt52XhNNoPfEhc98gfI19V4zXzqLAHiBjEFGyP2q6u7NRaHtYAuTQVR5
+yITRptwc202E4C/IPt8DaPvaaY55pOLuRmZ8WfcopXwFwSQeQYZs4cIrym98ezV
1WHMrDMY4+27D3KbC6/nBVdcQ3uxEo3/O+SWen74tD40bxsAbdoM1V+0RQGeivKS
mzauldqv7sZ2zywI+KEsC3pHZps22+QAL3vjRpGpZ/wKhdvUTeY2gjXf2I8KrnOO
Y/BSh1XKASxh1R2PBKTGOVN+qjG+X64UaCRJkgkVdZsufeP9Xe4fdrmcFa446Jbq
pju4mhtRC/QbdKb4+rRFFQOtRwcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS8ksdh
Gp2ezRTmDuvskdzUOP5r3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQB4t/SPQV3cFJ5hWN36eYinpkrqF74wnAkm8YC/gDTz
DLtRSXJ9NUoIKnQZ/YlCJEUpL/KkpYFXhvuV2nlUli0T13XAF+T+SzdcSJZGlwNq
wLui32e38gtonlO5CPZYYywTtKpqA9D7lDxW7g78MeJS2f0IAJHj3Lqma4hpk6cF
ABRVBbK3RJ4YNMAomtdAsvHQYU5YUbfitAgmU+K2TuB0PvYVxZA5qm0RkHpnpZjZ
5c8NqIJichgOn9NAjmWJhe1iUbwgXRDpV/Nx+mT5HmQCp/F6pqmbXIBorkrZoZ4G
7j88gfGpb+s3AXkfU5b3GeTVChcgh3Mcekakwfqj0N3m
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:34:51 2025 by rpki-client