Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: nL8c1F148oKhGxE89AgLWTybpDJ9n+UtUaUlxsYJBQc=
Subject key identifier: 31:17:92:69:DE:E4:23:47:32:07:60:60:25:06:93:2A:2C:1A:32:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B966BDBB88F1EB274BFC40EC60BC00C695EB99E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Wed 25 Jun 2025 00:50:06 +0000
ROA not before: Wed 25 Jun 2025 00:50:06 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:96:6b:db:b8:8f:1e:b2:74:bf:c4:0e:c6:0b:c0:0c:69:5e:b9:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:06 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=9ca1ff68f4f301a42a5bf56f35b8084b6b69f0fe3f91b588d4471a5ce2ec8e58, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:0f:a7:a0:9f:0c:a4:dc:54:2d:ab:12:02:
80:52:ef:da:8a:96:f1:e6:47:af:7b:02:2f:8c:d6:
15:7d:a5:50:64:d9:db:c8:20:54:54:07:e3:c9:61:
e6:2e:83:9f:33:cb:c5:26:97:9b:21:2b:1d:2b:77:
19:8b:61:4f:d1:71:3b:ee:77:83:31:7f:f2:b4:54:
53:af:21:2b:ca:da:0a:dc:be:d6:5c:8b:a6:77:bd:
d9:57:19:1c:c3:9c:78:7a:41:01:91:ce:39:c4:8a:
d1:b3:0e:1d:db:a0:6b:f1:fe:7a:e3:b1:96:5b:ed:
f3:90:a8:ea:2d:fc:2c:0d:d2:0d:b2:4c:27:ba:55:
1b:28:51:f9:35:f4:c0:df:89:3c:a1:b0:33:f7:bd:
9c:da:c2:51:cc:3b:27:98:e6:f6:42:61:8e:c5:44:
42:00:6c:93:55:12:09:10:35:37:d9:02:bc:5f:fd:
0b:f0:b0:5c:24:b6:f9:c8:f8:8e:9e:bf:c5:fb:f6:
a1:7e:d5:20:53:38:75:be:c9:79:0c:1d:10:22:47:
a8:42:a9:fb:c3:bf:36:ae:81:fa:b9:fc:95:de:5a:
3b:81:a9:ee:df:1a:bc:c9:01:63:5a:f0:8f:9f:ed:
dd:7e:f5:68:83:3f:57:8f:c4:78:4a:69:47:5b:ba:
ac:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:17:92:69:DE:E4:23:47:32:07:60:60:25:06:93:2A:2C:1A:32:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
66:48:ce:9f:2d:e1:9c:42:20:bc:75:c1:34:44:f2:ed:8f:3a:
10:92:54:4c:78:dd:1c:29:71:fa:33:b0:da:76:2f:d6:af:1e:
0c:6e:29:32:7d:6c:72:34:22:6c:5e:c2:d8:11:f6:05:65:26:
b9:9f:8f:4b:3e:a0:97:c3:a0:8d:71:5e:b8:7f:eb:3c:ce:ad:
cf:03:9c:dc:f7:12:7d:42:e0:f0:eb:83:87:ab:7e:d6:87:a1:
27:98:cc:71:79:35:1f:00:09:fb:a0:7b:c7:e6:b3:7e:d5:ea:
7c:54:fc:2e:70:ed:12:07:25:86:b9:4f:58:5a:20:52:65:af:
54:4c:ed:b2:38:5e:25:27:8a:36:d8:eb:54:39:96:8d:af:e7:
62:be:2c:be:af:4b:38:04:71:dc:18:e9:ca:ce:bb:3c:2c:95:
3e:17:65:26:51:26:24:aa:27:3a:e7:4d:90:34:27:8d:f7:58:
26:0a:0a:5c:da:9c:ca:c6:c8:ec:43:9f:67:33:02:d9:90:a3:
06:dc:18:3d:2b:12:d3:84:ab:b8:f2:93:e4:17:12:4b:8d:a4:
20:9c:27:45:a3:08:27:47:ac:3b:ab:37:67:31:68:bb:ba:dc:
c7:8a:b0:83:46:8d:06:c3:62:a9:24:5f:1e:61:d0:bc:ed:94:
2e:74:9d:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUG5Zr27iPHrJ0v8QOxgvADGleuZ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDZaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDljYTFmZjY4ZjRmMzAxYTQyYTViZjU2ZjM1YjgwODRiNmI2OWYwZmUzZjkx
YjU4OGQ0NDcxYTVjZTJlYzhlNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4GD6egnwyk3FQtqxICgFLv2oqW8eZHr3sCL4zWFX2lUGTZ28ggVFQH48lh
5i6DnzPLxSaXmyErHSt3GYthT9FxO+53gzF/8rRUU68hK8raCty+1lyLpne92VcZ
HMOceHpBAZHOOcSK0bMOHduga/H+euOxllvt85Co6i38LA3SDbJMJ7pVGyhR+TX0
wN+JPKGwM/e9nNrCUcw7J5jm9kJhjsVEQgBsk1USCRA1N9kCvF/9C/CwXCS2+cj4
jp6/xfv2oX7VIFM4db7JeQwdECJHqEKp+8O/Nq6B+rn8ld5aO4Gp7t8avMkBY1rw
j5/t3X71aIM/V4/EeEppR1u6rO0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxF5Jp
3uQjRzIHYGAlBpMqLBoyfjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAZkjOny3hnEIgvHXBNETy7Y86EJJUTHjdHClx+jOw
2nYv1q8eDG4pMn1scjQibF7C2BH2BWUmuZ+PSz6gl8OgjXFeuH/rPM6tzwOc3PcS
fULg8OuDh6t+1oehJ5jMcXk1HwAJ+6B7x+azftXqfFT8LnDtEgclhrlPWFogUmWv
VEztsjheJSeKNtjrVDmWja/nYr4svq9LOARx3Bjpys67PCyVPhdlJlEmJKonOudN
kDQnjfdYJgoKXNqcysbI7EOfZzMC2ZCjBtwYPSsS04SruPKT5BcSS42kIJwnRaMI
J0esO6s3ZzFou7rcx4qwg0aNBsNiqSRfHmHQvO2ULnSd+A==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:57 2025 by rpki-client