Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
File: d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa (raw, json)
Hash identifier: MBXaT0vtGNurrvfZqyeUJVPC5y9utJX+VUJBh6jXs+M=
Subject key identifier: E6:EA:BC:0B:F6:70:75:6C:37:94:65:C7:C5:5D:8A:64:F4:B0:7C:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30FEF6EE241FFD3DC3A5A7C73E2D77007F53AD53
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
Signing time: Tue 20 May 2025 20:41:32 +0000
ROA not before: Tue 20 May 2025 20:41:32 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:fe:f6:ee:24:1f:fd:3d:c3:a5:a7:c7:3e:2d:77:00:7f:53:ad:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:32 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=92423a9642434ee317c362eb8e574ad0ea019240c3b00d1820a1612430ab0563, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a5:87:23:a9:0b:f8:7d:ca:ee:77:bf:d8:aa:
79:78:85:7d:42:3c:09:b0:58:5b:c3:4e:01:e1:b2:
84:aa:ec:c0:5b:34:62:fa:4d:93:84:1d:6c:1b:03:
8c:e3:9a:75:ea:ea:05:02:42:e1:b7:6c:23:a4:9b:
62:37:4d:61:0d:ad:29:9d:0a:cf:ab:5c:ce:89:35:
f5:5b:5a:06:80:fb:8e:5d:d4:a7:67:12:2c:da:46:
97:eb:da:5e:e4:fe:75:c5:fe:a6:7e:34:03:cc:5d:
79:84:33:0d:84:89:8d:0d:22:df:5f:b5:ef:c4:d2:
66:59:c3:1f:d3:46:32:d7:3e:7e:4b:74:a9:5b:34:
26:87:39:24:01:aa:44:20:5c:23:d5:07:8d:f0:2e:
d0:15:cf:ba:f4:cb:a3:1f:54:e4:33:18:62:20:e7:
49:81:13:6b:a0:76:3a:1e:71:76:9c:7a:2b:8c:81:
48:17:59:7a:33:ca:78:ef:a9:73:7b:7c:35:ec:ff:
7d:59:a5:cc:7d:7d:86:2f:04:d6:13:7e:51:46:7b:
cf:d3:39:31:1a:db:95:8e:56:8f:7f:52:46:02:31:
85:f8:c9:67:24:96:e9:0e:21:6c:9c:ad:f6:b8:a5:
1c:9c:ec:cb:f9:35:3b:cd:b0:ca:b8:76:c9:7e:6b:
8d:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:EA:BC:0B:F6:70:75:6C:37:94:65:C7:C5:5D:8A:64:F4:B0:7C:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d241761a-4c6e-4db3-ba0a-26b2eda6222a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:13:22:ae:68:14:b9:40:9d:71:40:62:87:9a:06:48:6a:6e:
2c:b9:3a:5b:61:02:f7:bc:33:3e:7a:b3:19:2e:e4:32:8c:7c:
18:1f:ff:26:5f:88:f6:d4:72:30:3d:f3:ec:dd:f7:41:b9:a2:
08:05:d3:f1:16:09:03:cc:ef:11:c2:58:a6:6a:45:28:44:0a:
4a:b7:f8:8b:48:18:99:d7:3d:ab:81:17:46:d8:82:8b:17:36:
24:2c:0b:ce:92:8b:26:41:4c:bc:45:d2:3d:1c:00:8a:3e:d8:
65:94:d6:12:d7:c5:b0:5e:57:9d:c6:5a:15:61:fb:f8:71:68:
1b:9f:77:54:fa:72:01:1a:78:3d:17:16:e9:6a:ca:88:c6:24:
94:02:b3:f5:54:49:b8:34:cb:76:8a:c1:3e:dc:ac:97:6b:6c:
c7:2e:e7:16:26:7a:96:8a:05:13:d6:7b:9f:b3:c8:0f:49:cf:
76:d6:f7:25:85:b5:6f:68:59:4c:fe:c1:ae:a5:91:9c:1d:6b:
e2:84:a7:95:a8:4d:7d:35:39:0e:bc:c7:7c:fd:f5:99:49:02:
5c:4f:34:5f:2e:ce:6a:a9:c6:83:7f:d6:4f:1d:9f:fb:b9:3b:
2a:f7:b1:a3:c6:01:eb:03:cf:7c:fe:19:2b:24:59:e5:0d:9e:
1f:91:04:b5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMP727iQf/T3DpafHPi13AH9TrVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMzJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyNDIzYTk2NDI0MzRlZTMxN2MzNjJlYjhlNTc0YWQwZWEwMTkyNDBjM2Iw
MGQxODIwYTE2MTI0MzBhYjA1NjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANalhyOpC/h9yu53v9iqeXiFfUI8CbBYW8NOAeGyhKrswFs0YvpNk4QdbBsD
jOOaderqBQJC4bdsI6SbYjdNYQ2tKZ0Kz6tczok19VtaBoD7jl3Up2cSLNpGl+va
XuT+dcX+pn40A8xdeYQzDYSJjQ0i31+178TSZlnDH9NGMtc+fkt0qVs0Joc5JAGq
RCBcI9UHjfAu0BXPuvTLox9U5DMYYiDnSYETa6B2Oh5xdpx6K4yBSBdZejPKeO+p
c3t8Nez/fVmlzH19hi8E1hN+UUZ7z9M5MRrblY5Wj39SRgIxhfjJZySW6Q4hbJyt
9rilHJzsy/k1O82wyrh2yX5rjYcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTm6rwL
9nB1bDeUZcfFXYpk9LB8zTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDI0MTc2MWEtNGM2ZS00ZGIzLWJhMGEtMjZiMmVkYTYyMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQCvEyKuaBS5QJ1xQGKHmgZIam4suTpbYQL3vDM+erMZ
LuQyjHwYH/8mX4j21HIwPfPs3fdBuaIIBdPxFgkDzO8RwlimakUoRApKt/iLSBiZ
1z2rgRdG2IKLFzYkLAvOkosmQUy8RdI9HACKPthllNYS18WwXledxloVYfv4cWgb
n3dU+nIBGng9FxbpasqIxiSUArP1VEm4NMt2isE+3KyXa2zHLucWJnqWigUT1nuf
s8gPSc921vclhbVvaFlM/sGupZGcHWvihKeVqE19NTkOvMd8/fWZSQJcTzRfLs5q
qcaDf9ZPHZ/7uTsq97GjxgHrA898/hkrJFnlDZ4fkQS1
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:06:26 2025 by rpki-client