Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
File: bad59de4-adad-41c5-bcd9-10599419c7b5.roa (raw, json)
Hash identifier: IA7y5eYgo5tnK4vVXsgbbZspYYzzRJiNHO7HRry7OW4=
Subject key identifier: 6E:DA:B3:C5:D8:1D:2B:FF:71:22:53:98:21:4C:26:00:F3:C3:AE:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 789DE709BC07F9707FF1A79D5206216F8DC0CB64
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
Signing time: Fri 23 May 2025 00:50:09 +0000
ROA not before: Fri 23 May 2025 00:50:09 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:9d:e7:09:bc:07:f9:70:7f:f1:a7:9d:52:06:21:6f:8d:c0:cb:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:09 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=82f67b2f1208026d92195fcfbf61ffec5028e23f44bf632e815f6db748c4215e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f1:ba:21:3a:88:8c:8a:cd:1e:8b:e0:80:e8:
02:61:9c:7f:bb:73:73:cb:1b:ca:70:64:7f:37:61:
6f:43:3f:2e:ab:12:3f:d1:37:5a:06:08:07:34:b8:
1f:da:04:a5:6e:e3:5d:e4:85:48:e3:cf:54:ac:78:
7e:e8:a9:9d:80:c7:b4:c4:ce:a7:31:3e:30:86:2c:
d0:ef:b5:5d:91:ce:d0:f8:44:4a:44:22:1f:a7:e6:
de:a0:bc:a5:61:c0:ce:14:f8:a2:70:fe:dd:cf:f9:
51:76:f8:bb:0c:79:9c:d9:11:e4:30:5b:7a:93:ff:
90:51:a9:ff:25:fc:b7:27:b0:74:39:88:59:ac:43:
52:30:32:56:bb:0c:4c:95:e5:30:74:a3:eb:68:64:
a0:5e:e0:7f:c2:47:e3:b5:f0:fe:9f:79:39:0d:b4:
b7:d5:3c:d8:a3:3b:a5:4b:cf:10:e1:24:50:b3:73:
f1:df:57:06:d0:69:67:f7:4a:95:a7:0d:1c:b7:16:
a3:30:5b:96:f0:80:0c:03:4e:e4:5b:ea:e3:c8:c3:
6a:40:00:d1:25:98:27:a6:ea:3e:28:10:fc:f1:dd:
6b:64:f3:7b:7e:f6:7b:e1:7d:69:c7:db:b6:71:70:
f2:8c:2f:99:6d:48:fa:75:4b:cc:9c:f2:86:8d:df:
0a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DA:B3:C5:D8:1D:2B:FF:71:22:53:98:21:4C:26:00:F3:C3:AE:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bad59de4-adad-41c5-bcd9-10599419c7b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
44:60:fa:2e:f1:ad:44:68:c8:2d:b2:65:c8:86:f8:9b:f2:9f:
90:51:a6:58:3e:1b:9b:0a:b0:84:ae:9f:22:79:e2:88:a2:42:
31:2e:1c:49:ba:45:c1:7c:f9:a9:42:2e:4a:28:88:30:27:08:
2e:06:8a:bc:30:b9:44:3c:1f:8c:68:dd:d2:e8:c0:6a:ed:99:
97:3a:b8:24:67:44:76:91:e1:26:7b:fb:f6:da:8f:40:25:9f:
ac:53:3b:1f:49:30:9f:a2:14:b0:1f:51:9a:6d:69:2c:f2:23:
d9:5d:94:4c:ad:a3:c7:2b:b1:8d:00:b4:48:c7:16:d5:0d:e8:
e5:7d:15:39:5e:05:15:e3:14:88:4b:6d:84:bf:1d:bf:cb:48:
09:30:73:71:07:cc:2c:a2:69:5b:97:a8:4b:94:c7:1d:02:11:
44:2a:f3:a1:d4:32:ad:ff:e4:16:53:84:a6:0a:58:15:09:af:
9b:7b:de:80:c7:ba:d7:a8:1b:a7:ba:19:47:54:fe:7b:23:f5:
6c:d0:21:00:67:8d:e6:3b:e7:57:61:f5:84:b2:3e:41:a0:05:
8a:ab:c4:de:c5:cd:76:38:f4:0b:d9:0d:cf:b8:49:bd:a8:93:
c1:c0:ae:5a:3f:bd:9b:87:29:3f:7d:69:bc:ec:d0:88:cf:78:
f0:f6:08:db
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeJ3nCbwH+XB/8aedUgYhb43Ay2QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMDlaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyZjY3YjJmMTIwODAyNmQ5MjE5NWZjZmJmNjFmZmVjNTAyOGUyM2Y0NGJm
NjMyZTgxNWY2ZGI3NDhjNDIxNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvxuiE6iIyKzR6L4IDoAmGcf7tzc8sbynBkfzdhb0M/LqsSP9E3WgYIBzS4
H9oEpW7jXeSFSOPPVKx4fuipnYDHtMTOpzE+MIYs0O+1XZHO0PhESkQiH6fm3qC8
pWHAzhT4onD+3c/5UXb4uwx5nNkR5DBbepP/kFGp/yX8tyewdDmIWaxDUjAyVrsM
TJXlMHSj62hkoF7gf8JH47Xw/p95OQ20t9U82KM7pUvPEOEkULNz8d9XBtBpZ/dK
lacNHLcWozBblvCADANO5Fvq48jDakAA0SWYJ6bqPigQ/PHda2Tze372e+F9acfb
tnFw8owvmW1I+nVLzJzyho3fCrMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRu2rPF
2B0r/3EiU5ghTCYA88OuIzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmFkNTlkZTQtYWRhZC00MWM1LWJjZDktMTA1OTk0MTljN2I1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEARGD6LvGtRGjILbJlyIb4m/KfkFGmWD4bmwqwhK6f
InniiKJCMS4cSbpFwXz5qUIuSiiIMCcILgaKvDC5RDwfjGjd0ujAau2Zlzq4JGdE
dpHhJnv79tqPQCWfrFM7H0kwn6IUsB9Rmm1pLPIj2V2UTK2jxyuxjQC0SMcW1Q3o
5X0VOV4FFeMUiEtthL8dv8tICTBzcQfMLKJpW5eoS5THHQIRRCrzodQyrf/kFlOE
pgpYFQmvm3vegMe616gbp7oZR1T+eyP1bNAhAGeN5jvnV2H1hLI+QaAFiqvE3sXN
djj0C9kNz7hJvaiTwcCuWj+9m4cpP31pvOzQiM948PYI2w==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:50:33 2025 by rpki-client