Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: evC5FwmP3gNslNnnxOrVCUZsIDbTWk/JarnYz16Fjfg=
Subject key identifier: 07:42:EC:4E:BE:7F:1A:24:8C:E1:DF:65:B9:F4:AC:53:5A:08:12:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D91D22A4B50C24A408EF35C0CB6A924D1B0E1FD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Sat 31 May 2025 00:50:04 +0000
ROA not before: Sat 31 May 2025 00:50:04 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:91:d2:2a:4b:50:c2:4a:40:8e:f3:5c:0c:b6:a9:24:d1:b0:e1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:04 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=7099f633633140ba6ce8052b40cf5af1004bff88ca8ec042181075144ab365a7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:67:ae:6e:27:8a:a8:ae:b7:94:1a:b9:ab:da:
dd:ef:1e:cf:73:96:dc:d9:62:85:e2:eb:b1:d6:83:
6d:93:99:f3:66:e8:80:b2:54:91:97:e6:6b:52:ff:
94:91:32:a6:8a:4f:38:82:9a:d8:79:02:e7:4f:68:
fb:e0:7a:35:eb:71:29:1c:fe:fa:db:10:46:e9:ff:
70:9f:cf:38:da:4d:1e:29:82:38:76:74:42:9e:9c:
2c:56:ad:1d:c8:76:44:79:ff:58:be:31:cf:de:1b:
f4:81:cb:b1:94:db:36:a2:86:bf:9e:ba:df:13:60:
61:f9:f3:81:87:54:60:41:4d:a0:75:af:b8:a8:37:
f1:f2:c2:46:e1:53:bc:9e:38:91:95:ad:8c:3e:ef:
fe:ca:23:d5:77:47:7b:59:24:22:d6:2a:6c:40:93:
e2:d0:38:0f:d1:aa:a9:bb:77:7e:f3:17:a8:a5:9e:
31:a8:fe:d2:05:46:21:cc:5f:cd:d3:16:9f:bd:46:
9d:56:75:a6:8b:16:cc:52:84:ad:1c:39:e7:be:17:
99:bf:1e:a6:2b:3d:e1:c6:c5:92:fc:a8:04:be:f0:
bc:05:47:bd:97:95:49:1b:17:8f:e7:0c:e4:ce:f6:
c9:a5:19:20:f6:8d:6c:9f:ae:b2:30:72:1b:7c:e2:
e4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:42:EC:4E:BE:7F:1A:24:8C:E1:DF:65:B9:F4:AC:53:5A:08:12:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:66:c2:07:c1:ce:1f:62:5b:61:8e:13:31:b3:9e:cd:47:ce:
9c:d2:fe:ac:20:83:10:24:b0:ae:89:c6:65:ad:28:b7:55:51:
9f:f1:d4:0e:7f:0c:76:27:6d:bd:96:6c:15:e5:ce:47:e5:f3:
56:27:87:33:8c:f8:7b:21:de:7a:1d:73:ce:3b:31:2a:0c:04:
54:00:26:fa:93:a7:cc:1a:67:ad:91:79:49:77:fa:a8:f1:20:
8b:bd:17:e1:c3:02:75:0d:d8:ee:a3:b6:7d:7a:27:e4:1b:57:
43:8f:9a:09:01:37:9d:bb:48:2a:42:fa:39:b8:00:e6:18:87:
2b:37:6c:b2:3b:fd:01:ab:d1:b2:63:e9:b9:43:d7:37:33:ec:
66:a1:2a:29:a6:90:9a:09:47:c5:b8:31:4f:2f:3e:d0:c3:dc:
0f:71:13:a4:a4:6f:d8:c4:e7:75:49:21:a7:a9:68:c3:ee:90:
07:d1:eb:2d:c1:ab:99:11:93:70:9b:5d:91:4f:7f:a2:37:59:
21:7c:ba:5a:64:f5:d1:91:e6:f3:55:5e:f9:2d:da:14:7d:3f:
4d:f5:c6:10:3c:17:5f:cf:b5:63:c2:49:31:80:e0:7b:f6:e6:
24:cd:45:48:a1:2e:08:ae:93:1c:5b:cb:6e:70:0e:b7:f6:5e:
66:45:41:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPZHSKktQwkpAjvNcDLapJNGw4f0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDRaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcwOTlmNjMzNjMzMTQwYmE2Y2U4MDUyYjQwY2Y1YWYxMDA0YmZmODhjYThl
YzA0MjE4MTA3NTE0NGFiMzY1YTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIxnrm4niqiut5Qauava3e8ez3OW3NliheLrsdaDbZOZ82bogLJUkZfma1L/
lJEypopPOIKa2HkC509o++B6NetxKRz++tsQRun/cJ/PONpNHimCOHZ0Qp6cLFat
Hch2RHn/WL4xz94b9IHLsZTbNqKGv5663xNgYfnzgYdUYEFNoHWvuKg38fLCRuFT
vJ44kZWtjD7v/soj1XdHe1kkItYqbECT4tA4D9Gqqbt3fvMXqKWeMaj+0gVGIcxf
zdMWn71GnVZ1posWzFKErRw5574Xmb8epis94cbFkvyoBL7wvAVHvZeVSRsXj+cM
5M72yaUZIPaNbJ+usjByG3zi5J8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHQuxO
vn8aJIzh32W59KxTWggSUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQCCZsIHwc4fYlthjhMxs57NR86c0v6sIIMQJLCuicZl
rSi3VVGf8dQOfwx2J229lmwV5c5H5fNWJ4czjPh7Id56HXPOOzEqDARUACb6k6fM
GmetkXlJd/qo8SCLvRfhwwJ1Ddjuo7Z9eifkG1dDj5oJATedu0gqQvo5uADmGIcr
N2yyO/0Bq9GyY+m5Q9c3M+xmoSopppCaCUfFuDFPLz7Qw9wPcROkpG/YxOd1SSGn
qWjD7pAH0estwauZEZNwm12RT3+iN1khfLpaZPXRkebzVV75LdoUfT9N9cYQPBdf
z7VjwkkxgOB79uYkzUVIoS4IrpMcW8tucA639l5mRUH3
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:38 2025 by rpki-client