Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
File: 444db014-8d2a-4c59-af9c-399bacab4f3f.roa (raw, json)
Hash identifier: 2sjODxGqbHLmo8+EoaYbVJjtespdQziiOyUR5c9L5/w=
Subject key identifier: B4:96:0D:37:1D:E2:33:32:39:64:0B:AB:8C:6C:D5:02:A5:24:79:F1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 295611F95A03E33BC0F9AA59CDB9A6A7A5EE8621
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
Signing time: Tue 20 May 2025 20:40:14 +0000
ROA not before: Tue 20 May 2025 20:40:14 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.156.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:56:11:f9:5a:03:e3:3b:c0:f9:aa:59:cd:b9:a6:a7:a5:ee:86:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:14 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=62dbd56f497b54ebe5ec635ae7ba75f827581a606983de325f7779f020d3a572, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a1:d5:aa:58:c7:91:e2:5e:5a:64:23:e1:a8:
c0:06:f4:50:a6:ad:35:a4:d3:13:fc:f4:93:d1:28:
d2:63:e5:d3:35:4b:90:a2:61:f3:6d:ac:67:3e:1f:
5b:5d:3d:42:6e:f9:52:d9:f6:64:96:f6:f1:c8:b1:
f7:75:a8:0c:4a:ed:56:d7:3e:57:62:ea:f7:c9:f5:
dd:93:0c:9b:cc:ed:a8:da:94:d7:aa:8f:76:b9:ae:
6d:cc:6e:4d:d1:c4:33:15:db:d1:90:ce:b5:77:f3:
68:d0:83:60:1f:a0:82:dc:04:c0:e6:3b:02:89:69:
28:00:03:37:a8:eb:82:c4:2d:fc:d0:16:07:e8:7b:
c6:06:85:88:a7:a2:65:d0:fd:2d:4e:f4:f9:db:52:
ca:a7:6f:41:69:13:58:3d:ca:76:ec:24:c6:37:51:
a6:cd:41:ed:8f:23:8c:69:bf:00:2d:0a:4d:aa:73:
ac:63:91:54:d0:a3:dc:20:12:4d:90:ef:d7:3d:8d:
2b:de:59:7c:13:e5:c6:47:c1:2d:dc:98:3c:86:eb:
db:8a:b9:bb:0d:d5:18:37:4a:f5:22:7f:08:a2:12:
2c:72:76:69:3e:c4:47:b6:a3:6f:bb:d7:76:26:ce:
32:9c:6c:16:13:59:07:9a:28:60:4e:ce:5a:a2:78:
45:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:96:0D:37:1D:E2:33:32:39:64:0B:AB:8C:6C:D5:02:A5:24:79:F1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/444db014-8d2a-4c59-af9c-399bacab4f3f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.156.0.0/15
Signature Algorithm: sha256WithRSAEncryption
36:ee:9d:5d:e4:0e:9c:4f:71:a5:f4:0b:10:7b:24:c3:09:01:
ee:8a:45:7f:e1:7d:ff:26:71:a0:88:31:f6:41:0b:bd:24:7f:
1d:c2:1c:b1:f5:f1:94:6a:31:60:24:79:97:ea:28:4c:d0:4a:
7e:58:44:95:7f:c7:1e:bc:65:ca:2a:10:b6:91:97:24:2a:cf:
b3:eb:c9:30:a7:bc:60:ee:25:ee:77:46:3e:36:de:db:16:94:
86:c1:4d:d5:5a:8a:fc:fc:61:f9:2b:66:b5:09:45:78:34:0f:
f3:42:d8:cf:14:9c:72:ce:15:ae:f1:22:5d:b6:84:2e:73:48:
dc:d2:5d:c4:83:b6:fb:5b:d2:a3:ee:cf:c5:c2:19:3e:e8:2e:
68:ff:e0:0a:07:77:47:eb:04:72:11:cb:64:35:de:c0:9f:8b:
c2:06:a0:0a:ba:1d:1d:22:3d:e2:00:6c:ce:39:85:de:bf:69:
3e:ea:9f:3d:f8:e3:24:be:a0:fa:2e:a9:22:f4:86:57:3a:20:
b0:bb:04:06:d8:35:d7:5e:f3:30:fa:b7:0e:bc:29:61:62:4b:
ff:38:0b:2b:6a:c0:30:81:c0:7a:1b:88:fd:8d:69:78:75:91:
cd:83:26:ac:6a:a7:e2:52:bd:e5:bf:62:9e:6f:e2:df:bf:2b:
83:71:cb:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKVYR+VoD4zvA+apZzbmmp6XuhiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwMTRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZGJkNTZmNDk3YjU0ZWJlNWVjNjM1YWU3YmE3NWY4Mjc1ODFhNjA2OTgz
ZGUzMjVmNzc3OWYwMjBkM2E1NzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSh1apYx5HiXlpkI+GowAb0UKatNaTTE/z0k9Eo0mPl0zVLkKJh822sZz4f
W109Qm75Utn2ZJb28cix93WoDErtVtc+V2Lq98n13ZMMm8ztqNqU16qPdrmubcxu
TdHEMxXb0ZDOtXfzaNCDYB+ggtwEwOY7AolpKAADN6jrgsQt/NAWB+h7xgaFiKei
ZdD9LU70+dtSyqdvQWkTWD3KduwkxjdRps1B7Y8jjGm/AC0KTapzrGORVNCj3CAS
TZDv1z2NK95ZfBPlxkfBLdyYPIbr24q5uw3VGDdK9SJ/CKISLHJ2aT7ER7ajb7vX
dibOMpxsFhNZB5ooYE7OWqJ4RXcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0lg03
HeIzMjlkC6uMbNUCpSR58TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDQ0ZGIwMTQtOGQyYS00YzU5LWFmOWMtMzk5YmFjYWI0ZjNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOcMA0G
CSqGSIb3DQEBCwUAA4IBAQA27p1d5A6cT3Gl9AsQeyTDCQHuikV/4X3/JnGgiDH2
QQu9JH8dwhyx9fGUajFgJHmX6ihM0Ep+WESVf8cevGXKKhC2kZckKs+z68kwp7xg
7iXud0Y+Nt7bFpSGwU3VWor8/GH5K2a1CUV4NA/zQtjPFJxyzhWu8SJdtoQuc0jc
0l3Eg7b7W9Kj7s/Fwhk+6C5o/+AKB3dH6wRyEctkNd7An4vCBqAKuh0dIj3iAGzO
OYXev2k+6p89+OMkvqD6Lqki9IZXOiCwuwQG2DXXXvMw+rcOvClhYkv/OAsrasAw
gcB6G4j9jWl4dZHNgyasaqfiUr3lv2Keb+LfvyuDccvB
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:24 2025 by rpki-client