Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
File: 84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa (raw, json)
Hash identifier: yqFAd9qEe6E4ufVPtbCLuQT4HPPuuF5w87nZKDz10BU=
Subject key identifier: DB:34:AF:2A:4D:6D:18:5C:55:FA:CB:4E:DE:D1:CB:AE:29:5F:F9:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 365E9F03A3D42453D60A7B031D32F66602A10E98
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
Signing time: Tue 20 May 2025 20:50:43 +0000
ROA not before: Tue 20 May 2025 20:50:43 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:5e:9f:03:a3:d4:24:53:d6:0a:7b:03:1d:32:f6:66:02:a1:0e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:43 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=096b93105c6be483d118645e3b3b5ee9a309a3044fe9e4494826367066669f2b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1d:cc:89:8f:f8:ea:5f:df:9f:ff:d3:3e:41:
9e:fe:11:47:ea:1f:95:d2:9e:f8:11:85:01:6e:79:
33:4d:75:d6:5a:ef:1a:cd:88:b6:a3:67:d9:1a:31:
f2:30:50:be:95:d1:6b:f4:9b:ea:a0:48:aa:10:d5:
5b:ae:e6:28:82:0a:92:96:8f:d4:b7:2c:89:92:02:
2f:a3:21:af:2f:a3:ca:4b:d8:be:78:25:3d:b6:62:
4f:62:de:96:42:a7:81:ca:86:eb:56:b9:40:5c:b6:
77:79:d0:b4:6d:02:bd:c7:97:03:3a:0e:ab:b4:63:
3b:61:95:10:a7:7e:fc:7f:e4:ed:21:bd:d6:e5:55:
7f:26:5c:f7:b1:eb:64:15:21:c6:a9:a8:ef:57:84:
26:90:99:4c:08:5a:43:a6:7f:af:ad:e1:80:37:c3:
6c:6f:29:65:95:82:ee:42:94:bb:91:93:9f:d1:7b:
4e:61:76:d9:e3:64:46:7a:33:31:37:f1:d0:42:d7:
da:92:76:e8:4c:1b:20:5f:fa:0f:42:c9:81:74:fe:
78:97:64:c5:2b:b0:82:76:e9:94:0a:28:c1:05:e2:
56:de:4d:63:ae:b1:2c:38:7c:e0:d0:8f:09:3d:a9:
01:0c:b6:58:e7:38:d1:3f:c4:16:54:39:32:1c:2f:
8e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:34:AF:2A:4D:6D:18:5C:55:FA:CB:4E:DE:D1:CB:AE:29:5F:F9:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/84c43b95-85d3-4c1d-a6be-cf17906f11c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c2:6f:d3:42:7b:40:fd:76:65:4e:5b:75:da:02:e0:44:23:e5:
64:dc:27:75:62:e9:fd:0a:8c:5e:69:7a:8a:84:f9:01:b6:6a:
83:e7:a0:66:5f:76:d2:a6:9d:ef:2c:d1:0b:b9:5b:33:84:a7:
b7:b9:5a:b6:19:2b:2e:f0:52:cd:23:b8:bd:7f:6c:be:b0:6e:
20:d6:96:74:ac:b9:78:95:01:d7:73:5f:2f:a4:37:41:d2:1e:
42:df:68:05:46:e1:b9:c9:a7:82:ec:ec:c3:db:5e:bd:fa:84:
3b:b5:78:45:11:89:61:1a:d5:fe:80:40:e5:c4:f7:40:ca:1b:
b0:9c:4e:39:fe:a5:08:dc:d1:14:47:e7:0a:ce:fb:72:93:54:
42:b1:f0:20:9e:21:e0:57:0b:da:40:5e:b0:81:99:ce:5d:d1:
73:a7:73:08:de:35:20:e9:f5:4b:57:e9:d9:8d:34:7b:b1:d2:
90:a6:4e:0e:a4:0d:ab:5f:ef:00:48:93:97:52:2d:ec:00:15:
cd:59:60:5f:91:75:c1:49:35:94:ba:49:4b:29:ad:51:af:69:
de:31:f6:0c:ef:32:cf:4a:1e:c5:7e:5b:0a:47:85:db:02:5f:
38:97:90:c4:d6:4a:26:7e:a8:d3:5c:c5:70:3c:b2:da:dd:3e:
cf:fe:de:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNl6fA6PUJFPWCnsDHTL2ZgKhDpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwNDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NmI5MzEwNWM2YmU0ODNkMTE4NjQ1ZTNiM2I1ZWU5YTMwOWEzMDQ0ZmU5
ZTQ0OTQ4MjYzNjcwNjY2NjlmMmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAModzImP+Opf35//0z5Bnv4RR+ofldKe+BGFAW55M0111lrvGs2ItqNn2Rox
8jBQvpXRa/Sb6qBIqhDVW67mKIIKkpaP1LcsiZICL6Mhry+jykvYvnglPbZiT2Le
lkKngcqG61a5QFy2d3nQtG0CvceXAzoOq7RjO2GVEKd+/H/k7SG91uVVfyZc97Hr
ZBUhxqmo71eEJpCZTAhaQ6Z/r63hgDfDbG8pZZWC7kKUu5GTn9F7TmF22eNkRnoz
MTfx0ELX2pJ26EwbIF/6D0LJgXT+eJdkxSuwgnbplAoowQXiVt5NY66xLDh84NCP
CT2pAQy2WOc40T/EFlQ5MhwvjkMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTbNK8q
TW0YXFX6y07e0cuuKV/58DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODRjNDNiOTUtODVkMy00YzFkLWE2YmUtY2YxNzkwNmYxMWM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQDCb9NCe0D9dmVOW3XaAuBEI+Vk3Cd1Yun9CoxeaXqK
hPkBtmqD56BmX3bSpp3vLNELuVszhKe3uVq2GSsu8FLNI7i9f2y+sG4g1pZ0rLl4
lQHXc18vpDdB0h5C32gFRuG5yaeC7OzD2169+oQ7tXhFEYlhGtX+gEDlxPdAyhuw
nE45/qUI3NEUR+cKzvtyk1RCsfAgniHgVwvaQF6wgZnOXdFzp3MI3jUg6fVLV+nZ
jTR7sdKQpk4OpA2rX+8ASJOXUi3sABXNWWBfkXXBSTWUuklLKa1Rr2neMfYM7zLP
Sh7FflsKR4XbAl84l5DE1komfqjTXMVwPLLa3T7P/t4e
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:43:15 2025 by rpki-client