Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: 36ubLo7CNGJ0u5o48ZIFyi+bDmlphmekKR4HFvMuRTQ=
Subject key identifier: C1:E5:A8:DE:96:15:81:AF:B0:B9:86:DF:15:E7:E0:26:53:DB:DC:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A7FC0E0D771FFCD6C3643B37510AC67549B3638
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Tue 06 May 2025 00:50:20 +0000
ROA not before: Tue 06 May 2025 00:50:20 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:7f:c0:e0:d7:71:ff:cd:6c:36:43:b3:75:10:ac:67:54:9b:36:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:20 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=935b7351441a3d7c586b3dbb8b7cc32b462dcf54235fd59dff2a1f9fe70bc325, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:89:77:1b:88:e2:28:2c:99:2e:40:97:2f:84:
e8:bb:c3:e9:a5:54:76:16:a4:d9:e7:02:e0:2a:7a:
a4:e3:93:a1:52:9b:4d:d2:38:ff:3d:30:88:46:0a:
40:42:93:31:d8:fa:9d:97:93:7f:5e:35:b8:6d:5a:
66:22:f2:6c:3f:c6:a5:e0:ad:32:61:d1:b2:03:9d:
b2:db:7d:95:d9:68:a4:d6:e0:a1:01:cb:7d:3c:66:
ce:0b:6d:6c:b4:30:cd:9e:67:8a:e0:7d:e0:15:3c:
2d:fb:2c:b2:33:01:88:d3:d2:44:61:df:c3:f1:1f:
45:29:f2:9c:a1:b7:2a:c4:59:7a:4c:ed:87:d1:02:
9a:7d:36:18:45:b6:cf:5b:54:b3:9d:41:9b:5b:68:
13:14:e4:7d:cc:c4:9d:68:b0:14:bd:06:17:c8:e3:
be:4e:95:b3:ec:f2:1c:75:b2:20:48:47:c5:b5:d6:
08:4b:36:d0:30:39:38:c9:1f:a2:a0:67:18:e7:0e:
cd:a9:32:15:7f:c8:ca:15:23:cf:36:11:5a:54:0a:
4d:df:f1:80:8b:6a:18:4b:48:7a:1e:8b:d4:fc:b6:
6e:c0:d2:7c:ef:01:0f:ab:85:68:de:a9:78:a4:0a:
23:ac:65:7f:3e:c1:98:90:5e:c0:60:9f:1d:9c:a9:
26:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E5:A8:DE:96:15:81:AF:B0:B9:86:DF:15:E7:E0:26:53:DB:DC:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
16:f1:91:5a:b6:52:c8:4c:e4:4a:26:f1:98:00:7d:5e:be:d7:
75:ee:10:7c:8f:64:2a:46:85:f9:45:0b:00:e9:40:02:08:b0:
b2:cd:a3:3d:73:c5:e6:51:33:dd:82:64:db:0b:34:a6:47:8f:
1d:6f:5c:45:21:82:e8:ba:fe:01:cd:b1:3b:b4:bb:bf:f0:a9:
2f:8a:17:ae:c7:c4:a3:11:9b:44:c8:b5:b9:63:65:e6:bb:e0:
99:ea:b0:d7:da:97:49:96:30:f3:91:a1:52:20:76:fe:b5:47:
10:1b:93:56:90:98:a2:69:0c:68:b4:ba:a5:a6:ce:ac:03:cd:
3d:03:cf:dc:f3:44:a9:b1:f9:d1:8a:63:38:67:f0:d8:57:64:
9a:47:8e:57:0f:6f:ac:5a:32:c4:13:27:4b:e1:82:b0:d3:07:
a6:cd:60:d5:a1:13:27:f2:a1:a9:5e:3d:cc:57:a0:ca:9e:ba:
ff:5e:a3:33:e4:58:0e:67:6a:29:38:d9:9b:74:dd:5e:39:cd:
bd:0a:1b:a3:ca:40:bd:55:dc:9a:31:d8:ec:fe:e4:fb:9c:54:
a9:07:1d:fa:95:7b:03:22:8c:f6:ef:d8:72:39:70:2e:f0:b3:
13:c2:3d:dd:28:6e:f1:90:10:eb:79:a7:c4:da:c2:9e:12:08:
ad:40:db:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUen/A4Ndx/81sNkOzdRCsZ1SbNjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDYwMDUwMjBaFw0yNTA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNWI3MzUxNDQxYTNkN2M1ODZiM2RiYjhiN2NjMzJiNDYyZGNmNTQyMzVm
ZDU5ZGZmMmExZjlmZTcwYmMzMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKKJdxuI4igsmS5Aly+E6LvD6aVUdhak2ecC4Cp6pOOToVKbTdI4/z0wiEYK
QEKTMdj6nZeTf141uG1aZiLybD/GpeCtMmHRsgOdstt9ldlopNbgoQHLfTxmzgtt
bLQwzZ5niuB94BU8LfsssjMBiNPSRGHfw/EfRSnynKG3KsRZekzth9ECmn02GEW2
z1tUs51Bm1toExTkfczEnWiwFL0GF8jjvk6Vs+zyHHWyIEhHxbXWCEs20DA5OMkf
oqBnGOcOzakyFX/IyhUjzzYRWlQKTd/xgItqGEtIeh6L1Py2bsDSfO8BD6uFaN6p
eKQKI6xlfz7BmJBewGCfHZypJlUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTB5aje
lhWBr7C5ht8V5+AmU9vckTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQAW8ZFatlLITORKJvGYAH1evtd17hB8j2QqRoX5RQsA
6UACCLCyzaM9c8XmUTPdgmTbCzSmR48db1xFIYLouv4BzbE7tLu/8Kkviheux8Sj
EZtEyLW5Y2Xmu+CZ6rDX2pdJljDzkaFSIHb+tUcQG5NWkJiiaQxotLqlps6sA809
A8/c80SpsfnRimM4Z/DYV2SaR45XD2+sWjLEEydL4YKw0wemzWDVoRMn8qGpXj3M
V6DKnrr/XqMz5FgOZ2opONmbdN1eOc29ChujykC9VdyaMdjs/uT7nFSpBx36lXsD
Ioz279hyOXAu8LMTwj3dKG7xkBDreafE2sKeEgitQNt1
-----END CERTIFICATE-----
Generated at Tue May 6 02:48:32 2025 by rpki-client