Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: xBv+dyCNJ97J67lB6ORSSkN0Tuf0SNTjJ6G0a/x+sAs=
Subject key identifier: 1C:3F:D0:9F:F9:1D:73:4B:B3:92:69:23:B6:4B:12:1A:01:78:5C:19
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 639C94368E3F342F8D86E3167A40B54A4130FB09
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Fri 11 Jul 2025 20:50:03 +0000
ROA not before: Fri 11 Jul 2025 20:50:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:9c:94:36:8e:3f:34:2f:8d:86:e3:16:7a:40:b5:4a:41:30:fb:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1fcb130d7edda2f716901928c395eaf4fb0f10493ae87f2f91777c187b231109, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:65:ca:e8:76:7f:af:0b:05:64:64:10:6d:08:
63:34:1b:80:ca:b4:07:34:e3:54:72:61:0e:bf:59:
b4:19:58:6b:24:27:b6:5d:ed:61:a8:c4:46:2d:12:
72:c1:95:5a:4d:c8:62:93:1e:d3:25:4a:db:0d:d2:
11:1e:90:a3:96:fb:63:25:4b:3e:c3:6c:fa:54:37:
f4:d2:4d:f1:01:75:b3:0f:1e:61:62:6b:82:00:c4:
01:b2:ca:a1:16:97:17:83:00:32:56:7e:de:96:8e:
35:53:be:83:f6:68:69:11:70:cc:34:1e:bb:db:f2:
d8:64:d4:fb:39:f4:99:fd:0b:89:62:36:9d:6b:65:
f5:7b:8a:33:4c:d9:2f:8c:cc:ad:70:ee:d1:11:56:
a1:c7:50:fa:9b:35:63:c6:f4:72:b4:09:23:0b:0b:
ed:e0:cd:4e:66:1e:c3:9a:2f:8a:40:6c:7a:ad:31:
1f:73:60:52:83:28:7f:ed:db:e9:71:7e:b9:7e:53:
d2:fc:c0:f1:5c:54:7e:fb:60:ac:31:c7:45:dc:3f:
e6:84:21:f7:2f:62:59:6f:7c:11:eb:82:2e:d3:44:
49:e9:ca:4e:b0:a1:9f:b2:2a:26:92:77:c5:3b:70:
c9:c6:a2:fb:28:bf:1f:47:1e:16:f3:f0:5b:79:44:
e7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3F:D0:9F:F9:1D:73:4B:B3:92:69:23:B6:4B:12:1A:01:78:5C:19
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:9f:a7:0d:b2:5d:7b:a2:4b:53:c2:95:62:4d:73:c0:dc:d5:
36:12:26:5b:17:12:75:27:6d:05:2a:18:64:95:ad:a7:b4:1f:
b8:31:b3:ab:67:8a:4c:32:f7:f2:2b:c5:b4:fc:7b:03:56:51:
a3:b0:d0:f8:5e:3f:e9:97:7e:a0:37:dc:08:d5:db:88:0a:f8:
c0:ae:ac:9d:b3:37:77:18:e0:fe:71:25:18:18:0e:ae:31:a7:
b7:09:1d:36:c4:97:9d:15:3c:51:a8:d0:9a:bb:5a:ad:80:e6:
74:ba:31:5c:d9:44:c7:8c:62:50:c9:f3:cf:c4:67:74:10:46:
89:8d:6d:7e:a3:19:41:31:d1:7b:68:ab:3d:0c:52:3b:d5:6c:
16:17:a9:a8:ef:29:7e:87:25:bc:b3:87:db:31:1d:1d:dd:83:
b9:d9:2e:34:48:61:92:25:1e:66:14:88:cf:96:72:d8:a9:73:
58:87:42:2f:78:26:57:3b:17:e6:b0:5a:af:21:fe:b0:3a:57:
fc:7d:5f:4e:7c:13:c9:0e:0b:6d:fa:98:46:c4:78:88:8b:0b:
23:60:1e:45:71:b4:17:05:55:a8:93:9d:00:13:88:91:32:48:
ab:70:13:d9:a6:00:99:7d:f0:82:ba:9e:92:32:b2:31:2c:ba:
e7:2d:9f:2b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY5yUNo4/NC+NhuMWekC1SkEw+wkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmY2IxMzBkN2VkZGEyZjcxNjkwMTkyOGMzOTVlYWY0ZmIwZjEwNDkzYWU4
N2YyZjkxNzc3YzE4N2IyMzExMDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5lyuh2f68LBWRkEG0IYzQbgMq0BzTjVHJhDr9ZtBlYayQntl3tYajERi0S
csGVWk3IYpMe0yVK2w3SER6Qo5b7YyVLPsNs+lQ39NJN8QF1sw8eYWJrggDEAbLK
oRaXF4MAMlZ+3paONVO+g/ZoaRFwzDQeu9vy2GTU+zn0mf0LiWI2nWtl9XuKM0zZ
L4zMrXDu0RFWocdQ+ps1Y8b0crQJIwsL7eDNTmYew5ovikBseq0xH3NgUoMof+3b
6XF+uX5T0vzA8VxUfvtgrDHHRdw/5oQh9y9iWW98EeuCLtNESenKTrChn7IqJpJ3
xTtwycai+yi/H0ceFvPwW3lE54kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQcP9Cf
+R1zS7OSaSO2SxIaAXhcGTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCqn6cNsl17oktTwpViTXPA3NU2EiZbFxJ1J20FKhhk
la2ntB+4MbOrZ4pMMvfyK8W0/HsDVlGjsND4Xj/pl36gN9wI1duICvjArqydszd3
GOD+cSUYGA6uMae3CR02xJedFTxRqNCau1qtgOZ0ujFc2UTHjGJQyfPPxGd0EEaJ
jW1+oxlBMdF7aKs9DFI71WwWF6mo7yl+hyW8s4fbMR0d3YO52S40SGGSJR5mFIjP
lnLYqXNYh0IveCZXOxfmsFqvIf6wOlf8fV9OfBPJDgtt+phGxHiIiwsjYB5FcbQX
BVWok50AE4iRMkircBPZpgCZffCCup6SMrIxLLrnLZ8r
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:19:15 2025 by rpki-client