Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
File: 18d9a632-05fe-446e-aca9-1adb271dcda8.roa (raw, json)
Hash identifier: 7oWnllrCJLqmQcEv/l+oRqsUwnrE51RuHFk5dYvAvpg=
Subject key identifier: B9:2E:4B:72:42:DA:F0:62:CB:AC:10:45:4B:68:38:5F:29:FC:24:A8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5186FCBDE6996690BDA8C863D85CB06EA53179E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
Signing time: Fri 25 Apr 2025 20:40:04 +0000
ROA not before: Fri 25 Apr 2025 20:40:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:86:fc:bd:e6:99:66:90:bd:a8:c8:63:d8:5c:b0:6e:a5:31:79:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7aac7e48c1bf12ce419c8e50ac645d0b7df761455892dbd2dff1360e7bdda73e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:be:36:62:8c:20:1b:b7:90:fc:9c:6d:84:90:
3c:d0:14:7f:4b:66:43:92:b3:50:02:e4:86:f6:b9:
96:fd:45:4d:3e:5f:ad:26:68:13:10:ed:d2:aa:c3:
b3:f6:99:41:f4:f3:0b:05:1f:ff:d4:b3:01:8e:66:
11:a3:97:e7:9f:33:66:37:cf:e1:1b:7b:62:d6:ad:
14:e0:6a:57:85:d4:04:ba:60:8f:dd:1c:a2:8f:ed:
88:37:1b:a4:0d:c1:d5:d0:f7:18:5b:2d:a4:1d:57:
9d:a6:c7:3f:a9:41:9b:23:bb:a3:a8:b0:88:41:c7:
0e:9b:5f:4c:d9:e8:99:48:83:47:22:6c:1e:7c:e9:
47:66:d8:5f:01:f8:25:9b:c1:b2:05:e6:97:bd:8e:
dd:b5:10:36:48:6d:db:bc:8a:da:d3:72:16:a2:75:
3f:a4:11:4c:24:49:38:17:4c:41:54:30:0f:45:aa:
f6:bc:17:08:de:4f:33:7e:e2:8e:7e:de:0a:0b:44:
48:76:9a:c8:c4:92:f0:5d:f4:cd:b0:29:a6:8b:6e:
ea:a0:fc:78:f8:b2:af:ba:71:64:f2:91:14:78:ee:
11:fa:e4:6d:4b:db:87:c4:8e:0b:3d:a6:00:5d:6c:
d9:a4:6a:c4:ba:9e:fc:23:04:7a:50:d8:78:df:0f:
e8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2E:4B:72:42:DA:F0:62:CB:AC:10:45:4B:68:38:5F:29:FC:24:A8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/18d9a632-05fe-446e-aca9-1adb271dcda8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b1:77:d8:5d:f3:2c:b6:e8:c4:9c:54:04:12:30:f4:8b:ed:ae:
18:30:a1:c3:6a:5e:70:5f:a7:a1:68:d6:e0:ef:b9:9d:43:e6:
5d:73:d6:d1:20:44:31:ba:0d:76:8d:6e:d4:31:76:81:db:5f:
1d:a8:20:40:57:29:b6:bc:8f:dd:41:ed:11:08:12:77:17:d1:
df:3f:ac:0a:a2:a1:b6:5b:fd:2c:49:9e:27:d7:bd:45:5e:1e:
41:60:79:25:22:5a:a6:49:c9:73:07:d5:e3:fc:2b:97:b7:0f:
a6:f9:cd:07:4f:aa:79:7a:d4:fe:ee:ae:2d:f5:3c:1d:c3:d4:
18:73:4d:71:10:92:66:8d:40:96:72:e4:aa:99:8f:55:38:ca:
a0:7d:64:55:38:dd:df:69:8a:51:40:7b:ff:f2:81:3b:9e:94:
ec:9d:b5:8b:4d:b3:a6:37:66:9b:02:63:9c:48:e0:4b:96:55:
fc:36:c3:94:fb:1b:c1:46:72:74:53:63:6a:3e:e5:a0:73:c7:
4d:e4:f5:1f:d1:50:39:fd:e6:38:03:a7:29:4a:06:ba:7e:72:
d0:1c:8b:3d:08:8a:ce:2b:1b:51:d8:5d:74:6d:1a:e2:2d:18:
31:97:77:a0:bc:1d:13:0f:e0:86:ef:8d:96:46:09:84:d6:6b:
d7:b7:d8:65
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUYb8veaZZpC9qMhj2FywbqUxeeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhYWM3ZTQ4YzFiZjEyY2U0MTljOGU1MGFjNjQ1ZDBiN2RmNzYxNDU1ODky
ZGJkMmRmZjEzNjBlN2JkZGE3M2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALS+NmKMIBu3kPycbYSQPNAUf0tmQ5KzUALkhva5lv1FTT5frSZoExDt0qrD
s/aZQfTzCwUf/9SzAY5mEaOX558zZjfP4Rt7YtatFOBqV4XUBLpgj90coo/tiDcb
pA3B1dD3GFstpB1XnabHP6lBmyO7o6iwiEHHDptfTNnomUiDRyJsHnzpR2bYXwH4
JZvBsgXml72O3bUQNkht27yK2tNyFqJ1P6QRTCRJOBdMQVQwD0Wq9rwXCN5PM37i
jn7eCgtESHaayMSS8F30zbAppotu6qD8ePiyr7pxZPKRFHjuEfrkbUvbh8SOCz2m
AF1s2aRqxLqe/CMEelDYeN8P6IECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Lkty
QtrwYsusEEVLaDhfKfwkqDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MThkOWE2MzItMDVmZS00NDZlLWFjYTktMWFkYjI3MWRjZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQCxd9hd8yy26MScVAQSMPSL7a4YMKHDal5wX6ehaNbg
77mdQ+Zdc9bRIEQxug12jW7UMXaB218dqCBAVym2vI/dQe0RCBJ3F9HfP6wKoqG2
W/0sSZ4n171FXh5BYHklIlqmSclzB9Xj/CuXtw+m+c0HT6p5etT+7q4t9Twdw9QY
c01xEJJmjUCWcuSqmY9VOMqgfWRVON3faYpRQHv/8oE7npTsnbWLTbOmN2abAmOc
SOBLllX8NsOU+xvBRnJ0U2NqPuWgc8dN5PUf0VA5/eY4A6cpSga6fnLQHIs9CIrO
KxtR2F10bRriLRgxl3egvB0TD+CG742WRgmE1mvXt9hl
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:14 2025 by rpki-client