Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
File: c2c395e2-491c-4141-ba1e-1b3717841063.roa (raw, json)
Hash identifier: sA9VVFfZv3Z8XbU2buJOpr9+1U3JUS2wmRnC+82BxDM=
Subject key identifier: 3A:90:13:50:AC:4E:77:83:FE:F2:5D:00:8D:05:3E:F2:C3:E3:E3:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30FCC2E34DAFF05B5AC000F9668C48839A844C3C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
Signing time: Fri 11 Jul 2025 21:00:15 +0000
ROA not before: Fri 11 Jul 2025 21:00:15 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:fc:c2:e3:4d:af:f0:5b:5a:c0:00:f9:66:8c:48:83:9a:84:4c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:15 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=b75d52a013d1e5d353cbe1339959013b8de615971b47822ffad62dadb53256b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:57:c8:a3:99:04:43:2d:dc:f1:1f:f5:f8:
e3:09:9d:4c:e6:9b:95:e6:cd:8d:87:bb:cb:00:0d:
70:3d:78:a0:da:35:6d:70:2a:e5:cb:67:b8:cf:44:
d2:82:44:ce:e6:26:a0:d0:55:bf:01:04:7d:4e:18:
6f:59:0f:d5:ff:a9:db:90:3a:1f:7f:8a:d6:d7:29:
b3:39:11:b6:3e:45:27:e9:50:13:d3:ee:36:6c:10:
63:b4:39:f5:73:93:ac:a4:37:b1:c5:70:ff:8f:21:
5f:c0:4d:7c:18:26:5e:5d:29:a3:49:2c:f8:e7:ae:
13:1f:13:8c:2e:b9:e2:23:e7:cd:9b:a7:4a:04:b8:
18:86:1a:82:6b:67:24:4b:36:2c:b9:b3:1e:53:78:
a6:80:61:a5:b3:40:59:a0:8e:86:41:61:2b:20:62:
ca:a8:ca:74:22:15:22:e2:d3:f5:67:5b:4d:58:65:
e0:17:7c:ec:f7:65:1a:dd:94:ea:75:16:be:ee:14:
62:17:ae:35:dc:03:75:78:cc:a9:48:10:be:82:c4:
03:a7:34:c5:6e:36:03:3c:d2:18:13:17:fe:e6:3d:
08:5e:a2:f0:7d:4e:cd:28:4c:d4:1a:a0:12:d5:64:
ff:d4:0e:dd:cb:dc:ed:45:9b:92:9b:a1:21:20:25:
d3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:90:13:50:AC:4E:77:83:FE:F2:5D:00:8D:05:3E:F2:C3:E3:E3:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c2c395e2-491c-4141-ba1e-1b3717841063.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
4d:17:7a:f4:34:ee:22:44:1e:30:ae:a0:05:bd:e9:e1:5e:9d:
94:c2:73:3e:21:b2:e6:08:90:72:c6:51:c1:9c:34:70:5a:e4:
61:8c:e2:d5:e4:25:6f:d3:b8:a5:19:c8:29:9b:86:14:4c:a8:
fd:d5:52:78:37:2d:26:6f:37:a9:aa:aa:a3:6f:78:0c:f7:20:
b1:59:0d:6a:92:ac:9c:5e:ca:b2:fd:9a:a7:24:28:96:41:79:
4a:74:75:a1:e1:b5:41:72:b9:a6:a9:29:8b:ae:84:0e:86:35:
85:f7:c1:ce:6e:9e:ec:fa:dd:52:7a:a9:28:53:30:c5:f8:f5:
f0:c1:02:53:cb:2f:de:de:34:85:e5:af:23:9e:e5:e9:78:99:
f7:e3:fe:dc:6b:64:36:ea:44:30:4a:3d:29:f0:0e:3b:ed:8b:
81:c5:75:c8:63:a9:7b:b8:f6:8e:3b:5d:9a:f8:7b:63:78:84:
8a:2a:00:36:99:34:2e:d5:34:05:02:5d:74:de:94:21:b1:0c:
3f:ff:c6:c8:60:d5:37:76:f7:20:08:95:d6:b8:6b:dc:8b:12:
0f:3d:29:01:47:55:9c:48:d1:d0:80:40:8c:d7:54:6a:0f:1c:
fe:27:cd:44:c6:43:e1:18:21:e3:05:b1:5f:45:8e:f8:9d:7a:
6c:11:53:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMPzC402v8FtawAD5ZoxIg5qETDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwMTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NWQ1MmEwMTNkMWU1ZDM1M2NiZTEzMzk5NTkwMTNiOGRlNjE1OTcxYjQ3
ODIyZmZhZDYyZGFkYjUzMjU2YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMITV8ijmQRDLdzxH/X44wmdTOablebNjYe7ywANcD14oNo1bXAq5ctnuM9E
0oJEzuYmoNBVvwEEfU4Yb1kP1f+p25A6H3+K1tcpszkRtj5FJ+lQE9PuNmwQY7Q5
9XOTrKQ3scVw/48hX8BNfBgmXl0po0ks+OeuEx8TjC654iPnzZunSgS4GIYagmtn
JEs2LLmzHlN4poBhpbNAWaCOhkFhKyBiyqjKdCIVIuLT9WdbTVhl4Bd87PdlGt2U
6nUWvu4UYheuNdwDdXjMqUgQvoLEA6c0xW42AzzSGBMX/uY9CF6i8H1OzShM1Bqg
EtVk/9QO3cvc7UWbkpuhISAl01sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ6kBNQ
rE53g/7yXQCNBT7yw+PjETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzJjMzk1ZTItNDkxYy00MTQxLWJhMWUtMWIzNzE3ODQxMDYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBNF3r0NO4iRB4wrqAFvenhXp2UwnM+IbLmCJByxlHB
nDRwWuRhjOLV5CVv07ilGcgpm4YUTKj91VJ4Ny0mbzepqqqjb3gM9yCxWQ1qkqyc
Xsqy/ZqnJCiWQXlKdHWh4bVBcrmmqSmLroQOhjWF98HObp7s+t1SeqkoUzDF+PXw
wQJTyy/e3jSF5a8jnuXpeJn34/7ca2Q26kQwSj0p8A477YuBxXXIY6l7uPaOO12a
+HtjeISKKgA2mTQu1TQFAl103pQhsQw//8bIYNU3dvcgCJXWuGvcixIPPSkBR1Wc
SNHQgECM11RqDxz+J81ExkPhGCHjBbFfRY74nXpsEVOD
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:10:32 2025 by rpki-client