Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
File: 397b5a86-52b0-4a8c-87de-e6da77812b46.roa (raw, json)
Hash identifier: V335cCU0uXp/9rU+yH84uFGwAxztxaD+4FR0GDp7ZCs=
Subject key identifier: 11:59:29:E5:00:F3:36:B0:3A:83:14:E8:77:31:73:BB:A7:00:48:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 75A6A3089ED196EB30A76D192864E89AEBF14CEE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
Signing time: Fri 25 Apr 2025 20:40:13 +0000
ROA not before: Fri 25 Apr 2025 20:40:13 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.248.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:a6:a3:08:9e:d1:96:eb:30:a7:6d:19:28:64:e8:9a:eb:f1:4c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:13 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=99519fa1cf2396048dcd630f5b81dca07d57a8cba9684b2dc98911b777a0f07b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f8:70:2e:cc:c8:3c:62:80:3e:d4:56:1e:78:
9f:14:6d:ed:21:4f:17:4d:f6:50:63:75:4a:e9:55:
82:e4:fc:ee:d9:c0:a9:b1:83:7f:6b:0a:87:c3:31:
f3:76:82:35:9d:e5:cd:03:80:97:8c:aa:0d:2c:60:
41:b6:83:67:24:56:27:0f:64:fe:9e:84:f8:eb:18:
97:27:02:55:33:1f:27:f0:14:de:b5:13:5e:30:a5:
e1:c6:ae:9f:39:4b:70:15:b9:f2:d4:a7:f9:dd:76:
80:c6:fa:b1:95:c7:c1:13:9e:74:46:4d:48:a1:f2:
a4:2e:6e:04:96:9c:81:d9:c9:6e:8f:57:a1:27:b0:
6d:ef:1e:52:ae:90:de:c4:df:db:c3:e5:e5:ce:29:
29:1f:39:96:a6:d1:b6:1f:87:f9:cb:88:3a:1c:f1:
09:54:3e:0f:03:30:84:89:85:3f:8b:58:b3:38:8c:
e4:9a:df:ba:05:8a:90:a2:34:f6:86:32:09:31:4c:
4f:b4:60:b9:01:49:e8:1f:89:21:44:19:77:40:85:
f8:b7:3d:4a:83:26:d4:bf:02:01:c8:8b:08:b3:8d:
75:0d:83:2b:c6:81:b8:d7:ce:a0:32:b7:05:d7:b5:
fc:5c:ea:45:34:b4:cf:24:84:e5:83:31:29:ec:cd:
69:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:59:29:E5:00:F3:36:B0:3A:83:14:E8:77:31:73:BB:A7:00:48:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/397b5a86-52b0-4a8c-87de-e6da77812b46.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.248.0.0/15
Signature Algorithm: sha256WithRSAEncryption
60:0d:31:99:4b:81:f8:5f:cc:29:1f:2b:8a:5f:8b:62:cb:23:
28:0b:13:83:1e:32:b6:20:a9:6b:64:65:94:00:9c:76:0e:80:
61:36:96:66:34:b5:ea:4b:d1:29:cd:5e:50:57:85:d0:df:36:
02:b3:c9:4d:6e:04:63:c7:25:24:ea:d5:d4:a1:a6:32:6c:a5:
db:8d:7a:84:62:70:28:4e:20:fe:f4:0a:30:d1:87:87:44:11:
7f:2d:18:00:95:a2:6f:c8:9f:c9:63:12:91:e1:77:1d:da:c8:
e7:e7:53:dc:af:d3:6a:0e:4d:1f:bf:39:4d:f8:09:e8:62:93:
9e:17:0e:d8:96:1c:bf:b2:37:39:41:df:01:ba:61:33:3d:ef:
dc:fa:81:39:af:fb:c7:e2:42:b4:7f:ee:90:fa:83:21:69:df:
d5:5f:87:c8:c9:05:1e:d6:0f:dd:15:f8:08:69:c5:02:a6:a8:
76:24:4f:98:3f:53:3d:61:4d:5c:9c:74:7d:fc:d5:8b:97:49:
56:60:a0:08:5f:c0:f8:c0:5e:a2:8d:80:41:91:e1:83:d5:e3:
17:c9:d3:0a:40:e7:69:8d:35:25:cb:4a:44:1f:bc:21:17:a3:
c1:a7:75:59:97:5b:00:91:67:e1:14:7a:36:ed:d4:94:e6:4e:
ed:b8:33:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdaajCJ7Rluswp20ZKGTomuvxTO4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMTNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk5NTE5ZmExY2YyMzk2MDQ4ZGNkNjMwZjViODFkY2EwN2Q1N2E4Y2JhOTY4
NGIyZGM5ODkxMWI3NzdhMGYwN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz4cC7MyDxigD7UVh54nxRt7SFPF032UGN1SulVguT87tnAqbGDf2sKh8Mx
83aCNZ3lzQOAl4yqDSxgQbaDZyRWJw9k/p6E+OsYlycCVTMfJ/AU3rUTXjCl4cau
nzlLcBW58tSn+d12gMb6sZXHwROedEZNSKHypC5uBJacgdnJbo9XoSewbe8eUq6Q
3sTf28Pl5c4pKR85lqbRth+H+cuIOhzxCVQ+DwMwhImFP4tYsziM5JrfugWKkKI0
9oYyCTFMT7RguQFJ6B+JIUQZd0CF+Lc9SoMm1L8CAciLCLONdQ2DK8aBuNfOoDK3
Bde1/FzqRTS0zySE5YMxKezNaW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRWSnl
APM2sDqDFOh3MXO7pwBIoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzk3YjVhODYtNTJiMC00YThjLTg3ZGUtZTZkYTc3ODEyYjQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATP4MA0G
CSqGSIb3DQEBCwUAA4IBAQBgDTGZS4H4X8wpHyuKX4tiyyMoCxODHjK2IKlrZGWU
AJx2DoBhNpZmNLXqS9EpzV5QV4XQ3zYCs8lNbgRjxyUk6tXUoaYybKXbjXqEYnAo
TiD+9Aow0YeHRBF/LRgAlaJvyJ/JYxKR4Xcd2sjn51Pcr9NqDk0fvzlN+AnoYpOe
Fw7Ylhy/sjc5Qd8BumEzPe/c+oE5r/vH4kK0f+6Q+oMhad/VX4fIyQUe1g/dFfgI
acUCpqh2JE+YP1M9YU1cnHR9/NWLl0lWYKAIX8D4wF6ijYBBkeGD1eMXydMKQOdp
jTUly0pEH7whF6PBp3VZl1sAkWfhFHo27dSU5k7tuDOv
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:16 2025 by rpki-client