Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
File: f0b62efe-867d-4733-9b0c-8354a04195f8.roa (raw, json)
Hash identifier: bIlR1R1BTD7bEcdUJq29KbN3rJpCK+BWMfk5L5G/QiQ=
Subject key identifier: D2:B5:4E:C3:B7:CF:97:08:BC:90:19:55:0B:D3:B4:14:D6:29:30:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 554FC31D486E8E413AE03C89F1ACC9F8EC4F8C11
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
Signing time: Fri 25 Apr 2025 20:30:08 +0000
ROA not before: Fri 25 Apr 2025 20:30:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:4f:c3:1d:48:6e:8e:41:3a:e0:3c:89:f1:ac:c9:f8:ec:4f:8c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=3eacbb60747670356e6563b86c8d3fd4122445aae62b56afc23465940aaa8293, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:24:77:b8:1c:3b:16:7a:ce:04:81:ab:72:d6:
c2:9d:b9:8e:03:d8:95:99:46:cf:f4:a3:d2:38:3c:
47:37:77:c7:93:fa:b8:32:6a:06:b8:6a:71:9d:9e:
e0:f9:ae:6b:6a:ae:37:20:72:be:a5:57:6a:b3:db:
9a:ae:a5:ac:b1:91:11:c2:9b:70:2b:4b:09:ec:ce:
28:88:c9:ce:52:6a:9c:28:a0:12:a5:eb:30:1a:c0:
b1:9c:35:dd:08:f2:52:82:60:1f:fb:cc:1e:0d:75:
2f:7a:49:84:a8:50:d2:ab:6e:c9:20:44:f9:81:47:
03:41:d8:44:53:db:2c:b4:6a:10:da:45:30:7a:d8:
bd:15:24:c8:3b:81:3c:57:a6:eb:94:64:11:cc:79:
cd:39:3e:76:16:c0:0a:5e:89:94:f9:e7:e4:13:29:
48:77:75:82:14:98:4a:b5:99:6a:a0:7c:fc:78:88:
fd:29:33:84:cf:bf:23:45:7b:a3:b8:4b:2f:01:6e:
97:43:85:17:3d:fc:bc:fa:d0:a0:cc:2e:25:c7:1d:
9e:e5:86:99:fe:cc:71:9c:57:b1:60:d3:95:9f:a6:
c7:04:08:ef:77:51:3b:6f:d5:a4:6e:f2:63:93:8f:
8d:58:2a:3b:21:c9:f4:f4:a6:5c:a8:b5:b0:31:51:
ee:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B5:4E:C3:B7:CF:97:08:BC:90:19:55:0B:D3:B4:14:D6:29:30:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0b62efe-867d-4733-9b0c-8354a04195f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d3:42:f0:da:81:52:59:3f:46:f4:da:75:4a:8b:d7:f4:ff:7c:
b3:4d:8c:94:76:1e:14:07:8d:58:20:49:94:2b:c1:55:75:58:
e5:68:f3:6a:b3:4a:e5:e5:5d:95:e9:00:ac:62:d3:97:7e:d0:
ff:28:27:0d:c7:a5:2a:81:a0:f4:b1:20:c5:39:8a:22:75:89:
47:aa:53:58:d7:89:6c:aa:e2:d5:d3:51:b8:6a:03:41:0a:88:
b5:70:a4:9d:c3:cf:dc:7c:e2:68:c2:34:df:6e:cc:a2:ba:e9:
72:ce:a4:e5:38:1e:4b:7a:65:15:8e:61:0a:17:d8:fd:d3:c6:
f1:1d:87:9a:9e:2e:40:44:30:55:09:76:47:e2:c6:a6:6e:18:
b9:09:22:48:67:74:8c:d4:31:16:fa:ec:9b:91:9a:36:75:d4:
ba:7f:b2:b6:8a:a7:c9:b7:e4:fd:20:e1:ca:f1:ec:bf:e3:13:
88:8d:b6:d4:20:c3:bd:f2:60:d0:94:8f:36:aa:4f:5f:71:ba:
76:76:e6:df:83:84:a5:ad:35:ec:9e:4f:0d:55:07:88:90:25:
2a:94:5e:1d:54:17:8c:04:a7:2e:b1:85:db:01:68:79:e9:9f:
ee:88:98:60:b5:97:4a:8e:0f:f0:0c:3e:06:e9:8e:2a:db:c5:
73:0f:b7:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVU/DHUhujkE64DyJ8azJ+OxPjBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlYWNiYjYwNzQ3NjcwMzU2ZTY1NjNiODZjOGQzZmQ0MTIyNDQ1YWFlNjJi
NTZhZmMyMzQ2NTk0MGFhYTgyOTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI0kd7gcOxZ6zgSBq3LWwp25jgPYlZlGz/Sj0jg8Rzd3x5P6uDJqBrhqcZ2e
4Pmua2quNyByvqVXarPbmq6lrLGREcKbcCtLCezOKIjJzlJqnCigEqXrMBrAsZw1
3QjyUoJgH/vMHg11L3pJhKhQ0qtuySBE+YFHA0HYRFPbLLRqENpFMHrYvRUkyDuB
PFem65RkEcx5zTk+dhbACl6JlPnn5BMpSHd1ghSYSrWZaqB8/HiI/SkzhM+/I0V7
o7hLLwFul0OFFz38vPrQoMwuJccdnuWGmf7McZxXsWDTlZ+mxwQI73dRO2/VpG7y
Y5OPjVgqOyHJ9PSmXKi1sDFR7lUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTStU7D
t8+XCLyQGVUL07QU1ikwxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBiNjJlZmUtODY3ZC00NzMzLTliMGMtODM1NGEwNDE5NWY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQDTQvDagVJZP0b02nVKi9f0/3yzTYyUdh4UB41YIEmU
K8FVdVjlaPNqs0rl5V2V6QCsYtOXftD/KCcNx6UqgaD0sSDFOYoidYlHqlNY14ls
quLV01G4agNBCoi1cKSdw8/cfOJowjTfbsyiuulyzqTlOB5LemUVjmEKF9j908bx
HYeani5ARDBVCXZH4sambhi5CSJIZ3SM1DEW+uybkZo2ddS6f7K2iqfJt+T9IOHK
8ey/4xOIjbbUIMO98mDQlI82qk9fcbp2dubfg4SlrTXsnk8NVQeIkCUqlF4dVBeM
BKcusYXbAWh56Z/uiJhgtZdKjg/wDD4G6Y4q28VzD7f3
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:46:59 2025 by rpki-client