Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
File: fc50f617-7597-4f4e-b8f6-87763b28caf0.roa (raw, json)
Hash identifier: OQDj7u+gwHyRcLOCd38vhYgryZytgWPqvUS7G2EAdmg=
Subject key identifier: FB:4B:E1:F4:75:C5:2D:2F:30:BA:54:47:C3:5C:4D:51:8D:B9:5E:9A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2AC2DB929AC34A135A2EAA3536E00C5EEE4F2EC0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
Signing time: Fri 11 Jul 2025 20:50:16 +0000
ROA not before: Fri 11 Jul 2025 20:50:16 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.121.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:c2:db:92:9a:c3:4a:13:5a:2e:aa:35:36:e0:0c:5e:ee:4f:2e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:16 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=bfa90b5aff31fc706baa4eef93ddcc88b6e8b7dc020d93c28a48cc1c86884474, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f5:be:61:ba:8c:df:cd:46:02:91:b2:b7:3f:
39:5b:9e:41:b0:34:96:6d:91:d9:3f:e3:2a:1e:05:
c5:2f:d2:db:84:1f:6d:9e:39:70:76:b2:94:66:73:
18:72:4d:d8:39:18:6f:90:db:b1:22:d5:dd:39:48:
df:eb:d2:7e:f0:44:50:d7:5b:d8:55:10:03:15:fa:
1e:a1:c8:2d:5f:e0:12:04:49:f5:80:18:72:39:cd:
c8:4e:a5:7d:75:2d:79:cf:ba:b7:07:95:06:19:dc:
f5:7a:3f:df:02:52:d6:c0:9f:7b:68:11:dc:61:36:
f1:a4:d9:76:00:2a:da:b1:46:b3:4d:20:49:d2:b3:
49:9e:ca:86:7e:9d:c4:b8:a6:8a:19:9b:a3:11:8b:
94:94:78:b3:23:34:e1:98:b2:10:10:9e:11:1c:41:
37:79:ea:9e:65:40:e8:d3:43:cf:86:73:2b:30:e8:
46:48:90:0b:4b:e3:e0:f7:2d:cf:88:b6:11:a7:5c:
ef:eb:47:b0:6f:fb:14:d6:ca:2a:4a:57:11:45:ab:
c5:4a:7c:c8:e3:46:57:71:87:5f:77:41:20:c2:ca:
21:18:e9:fd:0e:f0:33:fc:8e:08:71:59:93:2a:d3:
da:31:ec:2d:62:e9:a6:f6:1b:93:09:a6:45:da:c8:
db:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4B:E1:F4:75:C5:2D:2F:30:BA:54:47:C3:5C:4D:51:8D:B9:5E:9A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc50f617-7597-4f4e-b8f6-87763b28caf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.121.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:0d:5a:30:59:b9:c4:dc:d9:bb:9b:80:ab:53:8e:79:d4:4d:
69:d9:ae:e5:fd:c3:d1:93:ae:6b:1a:7d:44:f5:57:14:49:1f:
f7:45:9f:64:0a:05:b5:08:95:ed:91:dd:f7:13:93:28:01:f7:
40:ad:60:91:ce:53:e4:e8:8a:c9:5d:84:eb:ee:50:cb:2c:92:
6f:f1:08:ed:92:64:1d:ea:8e:c3:0e:51:b7:bf:48:d0:41:ea:
4f:9f:b9:93:0b:af:a7:47:3c:85:fe:24:ea:16:b1:27:89:14:
59:44:11:bf:b9:26:be:35:73:56:fd:e0:aa:69:83:4f:cc:6d:
74:af:30:43:41:52:5d:7d:db:de:57:fa:7d:26:44:97:86:13:
c5:9a:8d:f8:3b:a4:df:16:5a:7f:39:bc:72:6a:95:cd:0f:c0:
9c:8b:93:3e:a0:87:55:a9:2e:21:cb:f9:80:7e:db:7f:c0:24:
a9:42:da:7d:d0:ed:ec:ad:af:4e:af:e7:97:8a:f3:d8:e1:21:
b0:b1:b9:0b:34:e6:84:72:c1:6f:75:2f:97:ed:d7:81:89:f0:
6a:2f:a4:9a:ce:c2:35:5d:5f:62:2c:1c:ae:5c:3f:c8:b9:32:
96:ac:1c:88:57:7e:ad:82:33:0d:cf:c3:b1:e5:ae:58:68:73:
45:c0:68:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKsLbkprDShNaLqo1NuAMXu5PLsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmYTkwYjVhZmYzMWZjNzA2YmFhNGVlZjkzZGRjYzg4YjZlOGI3ZGMwMjBk
OTNjMjhhNDhjYzFjODY4ODQ0NzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKT1vmG6jN/NRgKRsrc/OVueQbA0lm2R2T/jKh4FxS/S24QfbZ45cHaylGZz
GHJN2DkYb5DbsSLV3TlI3+vSfvBEUNdb2FUQAxX6HqHILV/gEgRJ9YAYcjnNyE6l
fXUtec+6tweVBhnc9Xo/3wJS1sCfe2gR3GE28aTZdgAq2rFGs00gSdKzSZ7Khn6d
xLimihmboxGLlJR4syM04ZiyEBCeERxBN3nqnmVA6NNDz4ZzKzDoRkiQC0vj4Pct
z4i2Eadc7+tHsG/7FNbKKkpXEUWrxUp8yONGV3GHX3dBIMLKIRjp/Q7wM/yOCHFZ
kyrT2jHsLWLppvYbkwmmRdrI22ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT7S+H0
dcUtLzC6VEfDXE1RjblemjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmM1MGY2MTctNzU5Ny00ZjRlLWI4ZjYtODc3NjNiMjhjYWYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN5MA0G
CSqGSIb3DQEBCwUAA4IBAQAYDVowWbnE3Nm7m4CrU4551E1p2a7l/cPRk65rGn1E
9VcUSR/3RZ9kCgW1CJXtkd33E5MoAfdArWCRzlPk6IrJXYTr7lDLLJJv8QjtkmQd
6o7DDlG3v0jQQepPn7mTC6+nRzyF/iTqFrEniRRZRBG/uSa+NXNW/eCqaYNPzG10
rzBDQVJdfdveV/p9JkSXhhPFmo34O6TfFlp/ObxyapXND8Cci5M+oIdVqS4hy/mA
ftt/wCSpQtp90O3sra9Or+eXivPY4SGwsbkLNOaEcsFvdS+X7deBifBqL6SazsI1
XV9iLByuXD/IuTKWrByIV36tgjMNz8Ox5a5YaHNFwGho
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:14:39 2025 by rpki-client