Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
File: 97585122-fbed-4029-849a-162097054103.roa (raw, json)
Hash identifier: ljPBwju/6iiy2mANARWhCZefLx7IzTqg3ak662zcnmw=
Subject key identifier: 59:33:4C:51:0D:C3:AA:92:6F:7D:C3:EF:DD:60:56:8C:3F:55:8E:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 10E49C6E66247D89424B47ED31C9D397C918D6B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
Signing time: Mon 21 Jul 2025 17:00:50 +0000
ROA not before: Mon 21 Jul 2025 17:00:50 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:e4:9c:6e:66:24:7d:89:42:4b:47:ed:31:c9:d3:97:c9:18:d6:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:50 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=f1fb7124e23bc7c11c5919ff76ccc6fcc337d979ceb680b0c12ca24af9fec08d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1c:4c:99:bc:ba:34:37:4b:45:aa:b5:14:3e:
c9:07:d5:58:00:5f:5a:2e:7c:f1:92:50:37:97:c7:
ac:d1:9d:55:94:1a:a5:8f:8e:c1:ee:61:60:44:99:
44:ad:55:80:80:95:68:fb:2b:e6:63:03:c2:d1:bf:
52:0f:86:93:7c:da:45:34:16:b3:af:7b:58:31:40:
e2:26:b5:9b:0f:27:cb:d4:b0:d7:dd:34:64:01:22:
8c:8b:66:da:c9:84:28:23:82:16:d7:dd:b3:65:3e:
24:36:2f:96:d2:61:db:39:e3:c2:2c:4c:2f:e9:58:
c7:df:21:0a:5d:25:cc:8c:02:53:dd:f7:55:2d:d8:
35:96:1d:2c:4c:1c:d1:ad:03:64:df:79:04:7a:de:
ea:29:0c:c6:c3:cd:55:7b:f8:fd:7a:7c:d0:63:e5:
81:a1:74:5e:25:31:57:18:5b:51:01:c1:33:b8:93:
d4:a1:a1:b5:79:bd:46:79:f9:3e:b3:e5:8e:a4:a6:
70:ee:0a:32:6a:6d:11:31:f4:68:a7:6a:76:84:fa:
0c:f5:c0:90:55:de:0d:7a:07:99:6d:af:77:10:bc:
ab:25:4b:1c:13:1a:11:b9:6e:5b:fb:3c:cc:88:ee:
5f:81:e8:0a:3a:01:96:9a:2f:ea:89:e4:41:23:85:
58:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:33:4C:51:0D:C3:AA:92:6F:7D:C3:EF:DD:60:56:8C:3F:55:8E:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97585122-fbed-4029-849a-162097054103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5f:05:10:cb:5a:fa:2d:31:3f:40:24:9d:d0:30:a9:72:0c:3d:
0a:2d:d9:e7:54:7c:48:41:63:be:3e:90:07:33:60:1c:65:06:
d0:7b:78:a0:36:e9:87:8f:e9:a7:bf:90:19:60:9e:28:86:c9:
9b:a0:d7:33:39:5d:12:f6:7b:6d:fc:5c:02:89:dd:35:7a:cc:
39:ab:b9:3b:24:61:58:d0:39:7e:2a:45:8e:29:20:e5:4e:c6:
50:9e:ae:df:b0:86:cf:7b:f2:f3:9e:48:16:24:20:49:5e:92:
6c:52:57:63:f8:9b:f3:69:e4:70:33:8d:cc:d6:fd:b8:5f:ba:
81:61:4d:3c:25:6a:16:5d:de:47:43:db:7a:2a:ab:5d:97:f3:
22:85:47:34:47:da:6f:a7:67:e8:82:cf:a5:2a:6c:c0:d8:d9:
fd:1f:c9:e4:f0:0a:7d:84:7b:34:0f:f2:82:88:af:8f:8b:fc:
ed:11:f6:69:03:86:69:1a:88:12:02:7e:dd:45:34:7c:2e:d3:
e2:39:ab:d2:b2:8b:37:b3:fd:a0:b8:05:73:9a:b9:1c:3d:a8:
0e:56:9d:78:31:31:ad:97:10:c5:40:e2:84:3b:e7:73:de:7b:
b1:e3:be:93:25:50:4e:42:7f:b4:9d:bd:62:2b:f6:e4:74:11:
ef:76:27:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEOScbmYkfYlCS0ftMcnTl8kY1rgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNTBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxZmI3MTI0ZTIzYmM3YzExYzU5MTlmZjc2Y2NjNmZjYzMzN2Q5NzljZWI2
ODBiMGMxMmNhMjRhZjlmZWMwOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEcTJm8ujQ3S0WqtRQ+yQfVWABfWi588ZJQN5fHrNGdVZQapY+Owe5hYESZ
RK1VgICVaPsr5mMDwtG/Ug+Gk3zaRTQWs697WDFA4ia1mw8ny9Sw1900ZAEijItm
2smEKCOCFtfds2U+JDYvltJh2znjwixML+lYx98hCl0lzIwCU933VS3YNZYdLEwc
0a0DZN95BHre6ikMxsPNVXv4/Xp80GPlgaF0XiUxVxhbUQHBM7iT1KGhtXm9Rnn5
PrPljqSmcO4KMmptETH0aKdqdoT6DPXAkFXeDXoHmW2vdxC8qyVLHBMaEbluW/s8
zIjuX4HoCjoBlpov6onkQSOFWP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZM0xR
DcOqkm99w+/dYFaMP1WONDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTc1ODUxMjItZmJlZC00MDI5LTg0OWEtMTYyMDk3MDU0MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQBfBRDLWvotMT9AJJ3QMKlyDD0KLdnnVHxIQWO+PpAH
M2AcZQbQe3igNumHj+mnv5AZYJ4ohsmboNczOV0S9ntt/FwCid01esw5q7k7JGFY
0Dl+KkWOKSDlTsZQnq7fsIbPe/LznkgWJCBJXpJsUldj+JvzaeRwM43M1v24X7qB
YU08JWoWXd5HQ9t6Kqtdl/MihUc0R9pvp2fogs+lKmzA2Nn9H8nk8Ap9hHs0D/KC
iK+Pi/ztEfZpA4ZpGogSAn7dRTR8LtPiOavSsos3s/2guAVzmrkcPagOVp14MTGt
lxDFQOKEO+dz3nux476TJVBOQn+0nb1iK/bkdBHvdidv
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:52:13 2025 by rpki-client