Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
File: 16466217-dced-4a5a-a70d-36ae6ab6acbe.roa (raw, json)
Hash identifier: RTAvue68AhkFxSeDarIVSp0/qBUpO42uEBrbJlujKuI=
Subject key identifier: 5A:37:FE:8C:16:97:EE:6B:1C:AC:68:76:9D:76:0E:4A:F0:75:D6:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4FDD208FD06971008BBB3E133E6FF4BCA480EBC5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
Signing time: Fri 23 May 2025 00:51:14 +0000
ROA not before: Fri 23 May 2025 00:51:14 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:dd:20:8f:d0:69:71:00:8b:bb:3e:13:3e:6f:f4:bc:a4:80:eb:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:14 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=8e34298cd35d304566c41baf2b5a8038f7d3b2251d88dce8e4be0a227ba14143, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:6c:77:72:2b:86:30:77:7c:06:1a:db:a3:
a3:22:9c:02:70:4b:89:d1:8f:82:28:bf:2d:a4:3d:
0a:f6:9e:93:97:35:ed:fb:9d:6d:70:06:29:6e:0a:
40:85:6e:af:64:00:89:65:89:c0:49:ea:0a:4c:de:
0d:82:3e:c8:99:2c:4f:c1:5f:70:85:cf:3e:68:fb:
b5:07:5d:f1:57:87:f0:f7:ae:76:61:d7:8b:48:d1:
53:4c:99:70:ea:20:5c:20:5d:21:66:49:a5:2f:49:
89:9b:f7:42:fc:f6:f4:78:8c:af:fd:e6:8a:8c:04:
79:fc:6f:9e:d5:71:5d:78:b1:10:bb:0f:2c:a9:0a:
83:51:a4:ad:bc:07:3c:cf:ba:14:8f:03:5e:36:e0:
7f:5a:1d:9b:5b:8c:b6:0a:39:ca:91:59:a9:08:87:
1c:f5:3e:57:c8:16:e5:cb:70:59:ac:a6:ac:e2:6c:
e1:31:ee:f5:a2:62:b4:d6:ed:c9:36:10:b8:66:76:
c5:d4:6b:78:3c:26:6f:c9:80:f2:e4:f4:45:8a:76:
78:a9:db:42:97:fb:a6:54:51:5a:b6:f3:09:aa:e3:
27:ea:9e:f3:ff:0a:ec:41:4d:88:67:8f:f8:ec:2a:
c9:da:6d:f3:3e:a7:ab:57:20:02:fc:78:1a:10:cb:
60:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:37:FE:8C:16:97:EE:6B:1C:AC:68:76:9D:76:0E:4A:F0:75:D6:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16466217-dced-4a5a-a70d-36ae6ab6acbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
0d:ed:ed:d9:e0:56:23:08:fe:c8:8e:a6:5b:c3:40:f8:c2:1e:
3f:8d:2f:a6:a8:92:73:49:03:55:a3:26:9d:91:53:10:20:ec:
c7:e6:43:9d:35:a7:de:93:86:78:cd:95:ec:c8:b9:ad:94:95:
ec:4c:eb:d4:e1:8b:8f:70:1e:5d:58:89:3f:a5:fd:50:9a:2a:
2c:40:5e:c0:31:d9:59:2f:03:53:1b:ff:d7:92:cc:da:6c:ba:
ba:95:92:8b:f2:1f:d7:51:61:fd:3f:b4:3d:b0:4d:5f:f5:b9:
8a:26:5b:e2:df:52:0f:2b:f0:68:f0:31:30:aa:74:93:74:96:
0a:f7:11:ba:4a:ec:5c:d3:46:72:19:d7:82:95:28:d6:64:62:
f4:d6:b5:cf:7f:8c:34:09:3a:c6:2c:93:e3:3a:54:22:6e:21:
8e:f1:1d:2e:3b:c8:df:61:dd:d3:2a:a2:00:38:8d:e2:83:0f:
7b:3b:38:77:ff:52:69:a1:aa:d0:99:3c:42:a6:e4:c3:04:de:
9d:55:4c:2d:e0:cb:c2:fa:23:18:52:45:bf:bc:3c:39:1b:b9:
20:87:1e:09:fc:0f:25:0e:68:25:05:0c:34:36:b1:48:2f:c4:
62:9b:fd:70:5f:05:6f:e0:e5:6b:65:c3:4f:85:91:d9:bc:aa:
f6:10:b4:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT90gj9BpcQCLuz4TPm/0vKSA68UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMTRaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlMzQyOThjZDM1ZDMwNDU2NmM0MWJhZjJiNWE4MDM4ZjdkM2IyMjUxZDg4
ZGNlOGU0YmUwYTIyN2JhMTQxNDMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd/bHdyK4Ywd3wGGtujoyKcAnBLidGPgii/LaQ9Cvaek5c17fudbXAGKW4K
QIVur2QAiWWJwEnqCkzeDYI+yJksT8FfcIXPPmj7tQdd8VeH8PeudmHXi0jRU0yZ
cOogXCBdIWZJpS9JiZv3Qvz29HiMr/3miowEefxvntVxXXixELsPLKkKg1GkrbwH
PM+6FI8DXjbgf1odm1uMtgo5ypFZqQiHHPU+V8gW5ctwWaymrOJs4THu9aJitNbt
yTYQuGZ2xdRreDwmb8mA8uT0RYp2eKnbQpf7plRRWrbzCarjJ+qe8/8K7EFNiGeP
+Owqydpt8z6nq1cgAvx4GhDLYL8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRaN/6M
FpfuaxysaHaddg5K8HXWzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTY0NjYyMTctZGNlZC00YTVhLWE3MGQtMzZhZTZhYjZhY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQAN7e3Z4FYjCP7IjqZbw0D4wh4/jS+mqJJzSQNVoyad
kVMQIOzH5kOdNafek4Z4zZXsyLmtlJXsTOvU4YuPcB5dWIk/pf1QmiosQF7AMdlZ
LwNTG//XkszabLq6lZKL8h/XUWH9P7Q9sE1f9bmKJlvi31IPK/Bo8DEwqnSTdJYK
9xG6Suxc00ZyGdeClSjWZGL01rXPf4w0CTrGLJPjOlQibiGO8R0uO8jfYd3TKqIA
OI3igw97Ozh3/1JpoarQmTxCpuTDBN6dVUwt4MvC+iMYUkW/vDw5G7kghx4J/A8l
DmglBQw0NrFIL8Rim/1wXwVv4OVrZcNPhZHZvKr2ELRD
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:03 2025 by rpki-client