Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: aW6hk1Tp75QbBFlgMmaGkAcLr1O9LZX6K2bAU1Jjt/w=
Subject key identifier: A8:55:CF:2B:A0:22:1B:F2:3C:87:FE:ED:D7:90:0A:F8:DF:7D:27:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E427DFC4F85AC59B035D3AB0358CDB37D9C7914
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Sat 31 May 2025 00:50:09 +0000
ROA not before: Sat 31 May 2025 00:50:09 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:42:7d:fc:4f:85:ac:59:b0:35:d3:ab:03:58:cd:b3:7d:9c:79:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:09 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=aa81283890e22217c14498811c00ad82b82ef2b538a0e3d4beac5645fb34b944, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:10:91:47:d6:97:1c:e2:ef:4f:07:47:f5:
a5:6a:a1:6e:29:a5:a7:3b:b0:ba:a1:ee:a7:a4:50:
60:fb:cd:c4:35:dc:fb:3a:96:e7:96:49:50:68:75:
55:16:fa:1a:fc:e6:64:66:cc:3f:c8:0c:33:43:e3:
8c:2c:61:ed:06:68:ee:60:8a:82:8a:4e:a7:b8:ac:
4a:1a:ed:97:1c:da:06:ce:ca:5c:62:83:f6:f3:ac:
89:29:18:8d:61:57:3a:f4:63:16:79:73:27:dc:77:
e7:9d:1b:80:42:47:bf:81:5d:3e:df:43:4c:7d:f6:
00:0c:51:5d:29:63:49:ee:cb:8d:63:6d:74:d5:ea:
a3:32:de:cc:8d:62:ce:6f:4e:89:5d:36:1e:17:b4:
25:65:29:92:85:b1:52:53:2c:c7:9a:f6:b9:c8:23:
24:32:22:31:e6:0a:09:e9:e4:88:76:e6:16:11:e6:
db:a1:10:1c:59:ab:39:fb:ea:53:26:db:7d:a8:1a:
cc:0f:89:34:c2:29:6d:b9:59:e1:25:b2:84:2d:a2:
52:d5:f5:b6:6a:3c:00:43:0e:9d:23:3a:2d:4e:e3:
b0:58:03:b6:15:8b:b8:45:57:ad:ff:a4:e1:5b:c9:
f0:91:31:30:84:13:6f:9b:1b:26:e6:d0:ae:d3:d9:
7c:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:55:CF:2B:A0:22:1B:F2:3C:87:FE:ED:D7:90:0A:F8:DF:7D:27:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
95:50:69:9c:01:db:9d:f5:04:b1:b1:92:46:b8:f1:f8:59:36:
3b:34:28:76:ee:40:e5:14:ba:1c:51:8b:61:a8:5d:c2:dc:7a:
23:43:6a:9a:a5:6a:e1:90:65:a5:29:14:70:6c:67:16:9a:a8:
ac:61:19:91:6c:85:11:b2:70:51:3a:5d:a6:b9:1a:dd:79:77:
5b:9a:98:43:83:6d:32:45:57:9e:01:54:2d:77:f9:09:29:a2:
8d:70:09:ac:2d:63:0f:9d:0e:65:36:24:70:42:48:32:be:20:
63:87:e0:ea:58:26:df:ca:df:d1:de:75:49:fe:50:32:59:26:
c8:9b:a3:68:25:50:b8:5e:c5:92:29:ac:ee:ca:ae:e1:e7:e4:
53:22:0c:24:7f:9c:44:06:50:48:65:93:fe:4d:d4:e4:c9:76:
ba:95:50:b5:b1:90:48:03:45:1d:b3:51:5d:fa:ec:dd:7f:38:
fd:26:81:09:64:3e:89:41:f9:61:30:7b:07:a6:fc:f8:84:c6:
7a:7a:e3:fe:e5:eb:f0:5a:37:37:ad:83:29:fa:89:07:0b:73:
d6:10:85:49:d8:0c:33:76:13:74:67:6d:45:11:ac:3e:e2:41:
08:33:a8:0b:7b:6e:9b:e5:a4:07:ce:3e:64:d7:fb:12:df:63:
b5:91:49:94
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXkJ9/E+FrFmwNdOrA1jNs32ceRQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDlaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGFhODEyODM4OTBlMjIyMTdjMTQ0OTg4MTFjMDBhZDgyYjgyZWYyYjUzOGEw
ZTNkNGJlYWM1NjQ1ZmIzNGI5NDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGdEJFH1pcc4u9PB0f1pWqhbimlpzuwuqHup6RQYPvNxDXc+zqW55ZJUGh1
VRb6GvzmZGbMP8gMM0PjjCxh7QZo7mCKgopOp7isShrtlxzaBs7KXGKD9vOsiSkY
jWFXOvRjFnlzJ9x3550bgEJHv4FdPt9DTH32AAxRXSljSe7LjWNtdNXqozLezI1i
zm9OiV02Hhe0JWUpkoWxUlMsx5r2ucgjJDIiMeYKCenkiHbmFhHm26EQHFmrOfvq
UybbfagazA+JNMIpbblZ4SWyhC2iUtX1tmo8AEMOnSM6LU7jsFgDthWLuEVXrf+k
4VvJ8JExMIQTb5sbJubQrtPZfK0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoVc8r
oCIb8jyH/u3XkAr4330nBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAlVBpnAHbnfUEsbGSRrjx+Fk2OzQodu5A5RS6HFGL
Yahdwtx6I0NqmqVq4ZBlpSkUcGxnFpqorGEZkWyFEbJwUTpdprka3Xl3W5qYQ4Nt
MkVXngFULXf5CSmijXAJrC1jD50OZTYkcEJIMr4gY4fg6lgm38rf0d51Sf5QMlkm
yJujaCVQuF7Fkims7squ4efkUyIMJH+cRAZQSGWT/k3U5Ml2upVQtbGQSANFHbNR
Xfrs3X84/SaBCWQ+iUH5YTB7B6b8+ITGenrj/uXr8Fo3N62DKfqJBwtz1hCFSdgM
M3YTdGdtRRGsPuJBCDOoC3tum+WkB84+ZNf7Et9jtZFJlA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:30:29 2025 by rpki-client