Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: n5XNgvEV5ha3hvfUGjaP3WiRzUEEvJsXUScuiRo3hWI=
Subject key identifier: C9:60:DB:B7:F3:FA:2B:4D:53:4D:66:1B:11:B1:15:74:DF:FE:C8:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 308B924DE2D95ED06AC2C957EFC909FBA2C26DFE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Fri 25 Apr 2025 20:31:30 +0000
ROA not before: Fri 25 Apr 2025 20:31:30 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:8b:92:4d:e2:d9:5e:d0:6a:c2:c9:57:ef:c9:09:fb:a2:c2:6d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:30 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=b50c0047b8670b181d19fa3d5968ec07fe15d8d6b46a932ef44df997bf930ba4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:64:8b:1f:93:e5:4c:6e:9f:a6:61:28:91:11:
d5:0c:3d:03:ae:07:f1:0f:38:b0:0e:36:b7:7c:44:
c3:cc:5d:4d:0e:9b:67:67:36:cd:75:13:37:88:22:
5d:5b:37:29:95:07:79:b5:f5:15:76:05:40:99:29:
e0:83:f7:8f:37:03:d1:7f:27:e4:1b:e3:49:ce:69:
c0:85:31:6b:95:2c:60:d8:5d:3c:a6:c8:32:c2:fe:
29:23:eb:02:5b:24:b8:78:94:c0:6d:ec:3a:39:4b:
13:e5:e0:88:6a:82:0e:c2:56:34:20:59:86:3a:bd:
7c:f7:c8:9a:9a:96:3a:d6:40:60:59:d0:38:3e:6e:
b1:9b:0c:2a:a4:85:1b:d0:69:1f:32:bc:bc:ff:bf:
b1:b1:bf:26:26:c8:a6:27:75:f5:4b:72:7d:b3:f1:
44:f9:df:ff:14:00:5f:e9:4f:66:bb:e8:21:65:57:
21:7b:89:f3:55:e2:25:df:90:11:4e:45:a4:a6:7b:
fc:bf:f6:ca:93:47:1d:49:5a:39:c2:27:10:9d:e2:
35:4e:c5:d7:5f:da:23:e0:58:09:70:5d:29:85:45:
b9:7f:ba:bb:7a:c5:d7:12:f7:ec:32:f0:bf:76:59:
f0:3f:2d:b5:24:08:43:91:04:82:71:8a:bc:bb:8a:
fc:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:60:DB:B7:F3:FA:2B:4D:53:4D:66:1B:11:B1:15:74:DF:FE:C8:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
41:73:3a:6b:cd:ee:07:01:17:d2:3f:55:15:5e:20:23:38:04:
cc:7e:04:f4:d7:6d:79:4f:dc:cc:6a:9f:d7:2e:9b:18:8b:8a:
d3:a2:ae:c3:4c:1f:95:a3:0c:2d:51:2c:e9:fe:75:d1:18:f2:
f1:59:5f:e4:31:72:b5:30:28:de:63:35:85:97:9a:49:a5:7d:
7a:a0:6e:07:ba:31:fe:a4:6f:b0:aa:25:93:8f:80:5f:82:79:
4b:1f:f6:0e:ce:53:ca:9a:dd:6b:77:75:a5:28:fa:a5:51:46:
42:03:e1:46:21:72:63:cb:fa:4f:e9:e0:a6:1c:21:95:cc:58:
15:7b:e5:57:1a:f9:8c:f2:dc:c7:40:f2:62:54:f3:ed:e3:28:
01:aa:20:1f:15:71:56:b8:d2:ab:0a:25:1e:74:f5:26:3e:2c:
37:6f:f7:54:4c:ec:a6:0e:0f:6a:3f:ea:36:2f:da:0d:f0:27:
90:6a:4c:0c:01:10:94:df:16:14:26:a1:32:72:5b:47:ac:c4:
aa:fa:53:c2:9e:40:b5:cc:ed:2d:27:25:4b:d8:d3:a8:38:a0:
88:0b:10:63:95:b8:98:c3:d7:da:68:29:1b:c6:f3:ec:5a:af:
23:f8:7b:27:04:5b:01:46:a9:d8:bf:e9:e7:2d:a1:5f:da:ca:
03:91:4c:c0
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUMIuSTeLZXtBqwslX78kJ+6LCbf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMzBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1MGMwMDQ3Yjg2NzBiMTgxZDE5ZmEzZDU5NjhlYzA3ZmUxNWQ4ZDZiNDZh
OTMyZWY0NGRmOTk3YmY5MzBiYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALdkix+T5Uxun6ZhKJER1Qw9A64H8Q84sA42t3xEw8xdTQ6bZ2c2zXUTN4gi
XVs3KZUHebX1FXYFQJkp4IP3jzcD0X8n5BvjSc5pwIUxa5UsYNhdPKbIMsL+KSPr
AlskuHiUwG3sOjlLE+XgiGqCDsJWNCBZhjq9fPfImpqWOtZAYFnQOD5usZsMKqSF
G9BpHzK8vP+/sbG/JibIpid19UtyfbPxRPnf/xQAX+lPZrvoIWVXIXuJ81XiJd+Q
EU5FpKZ7/L/2ypNHHUlaOcInEJ3iNU7F11/aI+BYCXBdKYVFuX+6u3rF1xL37DLw
v3ZZ8D8ttSQIQ5EEgnGKvLuK/AECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTJYNu3
8/orTVNNZhsRsRV03/7ICjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAEFzOmvN7gcBF9I/VRVeICM4BMx+BPTXbXlP3Mxq
n9cumxiLitOirsNMH5WjDC1RLOn+ddEY8vFZX+QxcrUwKN5jNYWXmkmlfXqgbge6
Mf6kb7CqJZOPgF+CeUsf9g7OU8qa3Wt3daUo+qVRRkID4UYhcmPL+k/p4KYcIZXM
WBV75Vca+Yzy3MdA8mJU8+3jKAGqIB8VcVa40qsKJR509SY+LDdv91RM7KYOD2o/
6jYv2g3wJ5BqTAwBEJTfFhQmoTJyW0esxKr6U8KeQLXM7S0nJUvY06g4oIgLEGOV
uJjD19poKRvG8+xaryP4eycEWwFGqdi/6ectoV/aygORTMA=
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:47:11 2025 by rpki-client