Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: X07jAyA0hbrEF+0hq0s9csBL7e1MKNme55xqjN8x8fw=
Subject key identifier: 27:2E:EE:B6:CD:3C:C4:8A:27:F2:38:C9:F9:F6:E4:5F:32:1E:02:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 490569E8CCDD810FA99D7EFEA589E7548F5E019A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Tue 20 May 2025 20:50:36 +0000
ROA not before: Tue 20 May 2025 20:50:36 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:05:69:e8:cc:dd:81:0f:a9:9d:7e:fe:a5:89:e7:54:8f:5e:01:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:36 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ac2ad0586932119baf529ee4db00b479c63eb501bfc4c6ce75a3964b0f2c708e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fc:59:32:2e:47:83:34:0b:97:2f:61:fd:bf:
20:36:9b:0b:6b:cd:a9:5a:49:f2:a3:ea:9d:01:38:
99:a8:d8:be:b4:af:2a:b6:ce:a1:43:bc:ea:ba:dc:
51:1c:83:c9:3d:04:c1:3b:74:3f:f1:b6:e3:97:a3:
45:16:a1:c2:e8:2a:6d:ec:c4:5a:90:05:a5:50:5d:
09:cb:43:7c:b9:26:7b:cc:28:df:8a:76:87:ad:1c:
cc:b0:24:36:4c:92:76:48:2a:fb:c5:37:ef:0e:dc:
bb:52:94:5d:65:db:52:27:4c:f9:bd:73:20:04:27:
80:85:a0:3f:f8:96:29:b2:0a:15:38:0b:d7:80:1a:
96:5a:0e:56:d9:1d:45:6d:26:77:f7:98:83:3b:4f:
86:63:fe:28:9a:40:ec:d8:ff:16:c1:d3:cf:55:e4:
38:a5:8c:77:3f:0c:8c:b8:16:7f:db:d5:ce:4b:64:
db:14:fa:ae:16:8a:42:60:24:6d:65:91:a6:ad:87:
9f:46:bd:16:71:a0:ca:c2:e2:2f:e3:d8:da:05:1f:
8f:da:b0:50:5a:77:e5:5c:c1:fe:fb:2c:bc:35:46:
ec:bc:fb:d4:91:01:2b:f6:37:71:a5:12:f2:fb:c6:
e4:20:59:23:ec:45:b8:27:41:b0:1c:3f:cb:ab:35:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2E:EE:B6:CD:3C:C4:8A:27:F2:38:C9:F9:F6:E4:5F:32:1E:02:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
16:c5:38:6f:33:c3:98:a0:10:6f:5f:bd:32:29:0b:4e:bc:e8:
f8:74:77:d8:fa:e5:03:38:74:fc:82:b7:05:37:81:72:04:b1:
94:04:7e:bf:39:be:0d:e2:00:73:a5:49:e5:c6:3c:df:3c:82:
ad:3f:2d:8b:4e:45:0d:d4:c6:e5:dc:47:7d:f7:79:56:74:a1:
5a:5c:c8:e8:89:0a:0e:2b:49:ed:9c:dc:10:4a:e8:6f:db:0a:
9d:81:f1:a4:80:1a:89:b5:21:19:65:12:fc:a0:5b:00:91:5d:
e4:f3:72:3b:b0:4c:0b:75:aa:60:8d:38:4b:95:dd:d0:cd:9e:
03:d7:9b:73:a3:4b:ae:c0:94:66:a8:6a:8e:4b:f2:c5:85:9b:
57:54:95:23:34:27:e7:fa:01:86:56:92:d9:1f:92:c6:69:88:
05:12:4b:f9:6d:9a:46:e3:70:2c:de:98:54:2a:a3:f4:7d:4a:
a2:fe:6e:70:80:df:68:78:ff:ab:6e:01:66:cd:a7:a8:6b:54:
82:25:0e:3a:bc:5f:d6:bf:a1:1d:48:65:4d:f9:9b:66:10:cb:
0a:b8:81:6e:36:31:55:78:c5:1b:99:61:a8:b0:7d:d6:8a:c3:
df:83:15:d8:e9:d3:1d:1c:85:89:23:ee:5d:de:cc:b9:9a:bb:
b3:81:fa:63
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSQVp6MzdgQ+pnX7+pYnnVI9eAZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMzZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMmFkMDU4NjkzMjExOWJhZjUyOWVlNGRiMDBiNDc5YzYzZWI1MDFiZmM0
YzZjZTc1YTM5NjRiMGYyYzcwOGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANP8WTIuR4M0C5cvYf2/IDabC2vNqVpJ8qPqnQE4majYvrSvKrbOoUO86rrc
URyDyT0EwTt0P/G245ejRRahwugqbezEWpAFpVBdCctDfLkme8wo34p2h60czLAk
NkySdkgq+8U37w7cu1KUXWXbUidM+b1zIAQngIWgP/iWKbIKFTgL14AalloOVtkd
RW0md/eYgztPhmP+KJpA7Nj/FsHTz1XkOKWMdz8MjLgWf9vVzktk2xT6rhaKQmAk
bWWRpq2Hn0a9FnGgysLiL+PY2gUfj9qwUFp35VzB/vssvDVG7Lz71JEBK/Y3caUS
8vvG5CBZI+xFuCdBsBw/y6s132ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQnLu62
zTzEiifyOMn59uRfMh4CLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQAWxThvM8OYoBBvX70yKQtOvOj4dHfY+uUDOHT8grcF
N4FyBLGUBH6/Ob4N4gBzpUnlxjzfPIKtPy2LTkUN1Mbl3Ed993lWdKFaXMjoiQoO
K0ntnNwQSuhv2wqdgfGkgBqJtSEZZRL8oFsAkV3k83I7sEwLdapgjThLld3QzZ4D
15tzo0uuwJRmqGqOS/LFhZtXVJUjNCfn+gGGVpLZH5LGaYgFEkv5bZpG43As3phU
KqP0fUqi/m5wgN9oeP+rbgFmzaeoa1SCJQ46vF/Wv6EdSGVN+ZtmEMsKuIFuNjFV
eMUbmWGosH3WisPfgxXY6dMdHIWJI+5d3sy5mruzgfpj
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:44 2025 by rpki-client