
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
File: 993731a0-abe8-41b9-bad3-ce7852d4f117.roa (raw, json)
Hash identifier: Y5cINEDmRGFxqGrRElgkmFPmbFoxYJLyHyBMP/xUAUQ=
Subject key identifier: 2D:94:84:0C:F6:69:37:FE:BF:C7:C2:D2:DC:0B:B8:6B:87:77:EF:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44018888876AC857B63D1E48CFB17759DC22D2C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
Signing time: Fri 11 Jul 2025 21:01:17 +0000
ROA not before: Fri 11 Jul 2025 21:01:17 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.34.0.0/15 maxlen: 15
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:01:88:88:87:6a:c8:57:b6:3d:1e:48:cf:b1:77:59:dc:22:d2:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:01:17 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=496f6775fe9e4dccaf51e5a783fec3ffd15038bb43db044b9fecb4d92164011c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:54:90:74:bc:59:a7:49:ff:b6:e6:6c:ec:df:
5f:78:0c:ca:19:78:4d:2a:31:87:41:ac:07:d3:8f:
a5:67:f3:f2:bb:b2:a7:e0:92:34:a1:d4:02:fb:1d:
8d:c1:45:42:93:e1:43:79:d3:10:14:28:09:29:0a:
54:29:46:69:12:67:a5:d6:ad:27:56:4c:db:c0:89:
9a:19:01:90:b9:da:e3:5b:71:a4:02:91:6d:29:eb:
dd:6a:9c:f9:cc:1d:33:c2:f2:4e:36:48:bb:fb:6d:
30:b7:c7:0f:a4:07:27:5b:43:4f:a3:84:52:d7:af:
7c:ee:06:d9:04:bc:26:51:8c:5c:bd:2b:f8:26:c8:
13:7b:fb:d9:41:24:60:f5:63:4d:b9:a8:6f:78:fd:
2d:c8:86:06:b9:7f:79:12:51:e7:62:7f:66:b9:ce:
b5:f4:99:f9:ab:34:a5:4f:09:6c:98:dc:2c:11:3f:
e7:2e:c9:ad:c0:bf:11:cb:ef:71:55:cc:88:b2:14:
42:08:42:72:b6:f5:c6:7b:a8:d9:34:27:40:1f:85:
14:10:bf:55:28:1a:2d:e9:1d:d4:e9:d2:d4:9e:00:
9a:c1:20:96:0a:17:63:9b:c9:80:81:fd:41:b3:84:
98:b2:ef:fa:73:67:d9:57:5d:a3:c8:e0:9b:82:05:
cd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:94:84:0C:F6:69:37:FE:BF:C7:C2:D2:DC:0B:B8:6B:87:77:EF:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/993731a0-abe8-41b9-bad3-ce7852d4f117.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
38:9e:a0:96:68:29:9f:5b:70:1c:1d:5d:16:87:3c:db:93:19:
53:63:ce:77:61:4f:23:0f:ab:31:15:b3:13:a3:85:28:42:59:
6f:c3:ad:7a:05:0e:6f:c1:1c:3d:32:5c:d2:b2:b2:a8:bc:29:
0f:30:09:2f:ba:d7:b4:74:bc:c5:cc:8e:8c:f7:f1:bb:40:86:
60:04:a4:e6:29:66:06:dc:c6:2d:59:3a:19:c9:76:95:6a:90:
49:9a:5e:bb:97:98:2b:ba:0c:a6:78:8d:f7:5f:ef:27:9c:a9:
1b:ce:07:43:71:92:e4:d5:37:bf:f5:48:86:31:01:4f:21:6f:
28:d3:88:ca:b4:f3:ac:2b:04:cb:b0:a4:c4:33:35:f3:bd:db:
e1:fd:06:7f:e6:9b:d4:44:d9:a5:7c:8b:f0:ff:a0:f1:48:da:
b6:d3:dc:0f:46:1e:d3:77:73:85:1b:99:6c:84:1f:0c:86:7f:
86:2d:e3:7a:d0:36:67:b9:07:29:7a:70:bc:88:c4:bb:59:40:
a3:ae:76:8a:2d:66:68:3a:51:85:1f:46:a9:65:f8:32:46:30:
65:b1:64:ab:e3:07:6f:dc:86:e2:46:8e:dc:f9:9b:36:b2:b3:
b0:0e:40:3a:2f:7f:9a:41:90:b9:14:21:16:9a:18:e1:28:ea:
6a:be:49:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURAGIiIdqyFe2PR5Iz7F3Wdwi0sUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAxMTdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5NmY2Nzc1ZmU5ZTRkY2NhZjUxZTVhNzgzZmVjM2ZmZDE1MDM4YmI0M2Ri
MDQ0YjlmZWNiNGQ5MjE2NDAxMWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9UkHS8WadJ/7bmbOzfX3gMyhl4TSoxh0GsB9OPpWfz8ruyp+CSNKHUAvsd
jcFFQpPhQ3nTEBQoCSkKVClGaRJnpdatJ1ZM28CJmhkBkLna41txpAKRbSnr3Wqc
+cwdM8LyTjZIu/ttMLfHD6QHJ1tDT6OEUtevfO4G2QS8JlGMXL0r+CbIE3v72UEk
YPVjTbmob3j9LciGBrl/eRJR52J/ZrnOtfSZ+as0pU8JbJjcLBE/5y7JrcC/Ecvv
cVXMiLIUQghCcrb1xnuo2TQnQB+FFBC/VSgaLekd1OnS1J4AmsEglgoXY5vJgIH9
QbOEmLLv+nNn2Vddo8jgm4IFzT0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQtlIQM
9mk3/r/HwtLcC7hrh3fvlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTkzNzMxYTAtYWJlOC00MWI5LWJhZDMtY2U3ODUyZDRmMTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQA4nqCWaCmfW3AcHV0WhzzbkxlTY853YU8jD6sxFbMT
o4UoQllvw616BQ5vwRw9MlzSsrKovCkPMAkvute0dLzFzI6M9/G7QIZgBKTmKWYG
3MYtWToZyXaVapBJml67l5grugymeI33X+8nnKkbzgdDcZLk1Te/9UiGMQFPIW8o
04jKtPOsKwTLsKTEMzXzvdvh/QZ/5pvURNmlfIvw/6DxSNq209wPRh7Td3OFG5ls
hB8Mhn+GLeN60DZnuQcpenC8iMS7WUCjrnaKLWZoOlGFH0apZfgyRjBlsWSr4wdv
3IbiRo7c+Zs2srOwDkA6L3+aQZC5FCEWmhjhKOpqvkkx
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:52:56 2025 by rpki-client