Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: die/2ON9YrYi9dPl8tnNV5Ng4mSOT+EpUTXxex9IpIo=
Subject key identifier: 31:57:1A:FF:5B:D8:3E:F7:99:9D:99:05:21:86:2D:54:95:02:F5:69
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0CFE84BB2B0B18066840D400C151F4B53B8132E2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Mon 28 Apr 2025 15:50:06 +0000
ROA not before: Mon 28 Apr 2025 15:50:06 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:fe:84:bb:2b:0b:18:06:68:40:d4:00:c1:51:f4:b5:3b:81:32:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:06 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=522f5feaf6dbb36e9f8652fb9af679c49d45a13d2cc999abfcb8eb747ccb1cf2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:41:59:5e:27:00:8f:e8:b8:5c:15:7c:f9:b5:
ab:09:40:3c:84:83:99:7b:47:12:1d:1e:02:0f:e3:
a6:fb:fd:79:55:31:04:60:8e:09:3a:88:eb:97:62:
0e:ad:7c:31:94:48:88:50:b2:e0:d3:b7:b4:af:aa:
8a:ec:c2:35:1f:f9:35:63:fd:c3:e9:8e:3d:6f:2b:
79:1b:89:f7:c1:0f:d4:b1:dc:7f:da:e0:51:a8:d6:
8c:c3:f9:18:fe:0e:cc:32:ed:d2:58:c8:b9:ef:44:
09:bd:cc:5b:65:90:d6:46:f2:7d:82:ae:20:5e:89:
78:73:9d:5d:55:69:6e:75:77:c2:b2:0c:a7:68:7e:
a3:20:09:ae:01:ab:4c:39:c1:82:1c:a2:d3:25:1d:
42:e7:23:e6:c9:94:4e:d2:41:b1:f5:3d:60:7d:ff:
57:37:ba:8d:d7:ef:d2:a6:5a:dd:22:fc:71:b1:27:
00:01:69:9f:e5:44:b8:02:2b:07:14:bc:95:71:39:
a6:43:02:96:cf:ce:7b:71:ac:82:1c:fb:fb:38:e4:
4f:05:eb:77:78:1e:46:85:d1:ba:a2:24:c8:de:82:
eb:4f:e2:05:bc:54:a5:dc:80:78:6f:b5:c3:64:39:
24:c4:d2:a5:41:6c:09:06:5e:7c:ff:aa:9b:5c:c5:
81:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:57:1A:FF:5B:D8:3E:F7:99:9D:99:05:21:86:2D:54:95:02:F5:69
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
05:7b:9b:97:00:29:1b:b9:bf:48:fa:ef:93:c6:0b:8b:80:b7:
a2:45:05:94:77:80:90:7b:9e:0f:02:27:3a:fa:7a:a8:df:32:
a1:e9:5a:88:8e:aa:e8:d0:2f:08:0b:e2:86:9b:d8:06:ad:68:
28:eb:a1:f1:3a:15:c2:68:e3:78:a9:26:32:1c:88:3f:5d:e6:
bb:90:bc:5e:46:67:8b:b9:39:0c:a8:81:80:9a:6d:d1:17:ad:
1d:46:01:25:eb:2e:8d:91:59:d0:9d:b9:54:81:10:25:f9:69:
c6:b3:db:4d:23:4d:44:b4:30:cd:e0:bd:5f:c7:ee:1d:b0:ce:
7d:9b:07:cd:24:af:7e:0c:6d:05:dc:ae:4a:ce:a7:d2:23:77:
ef:3c:6b:ab:25:20:64:58:f5:6a:b9:e1:70:20:40:cc:50:c2:
a5:dc:66:f3:15:c1:4f:c9:29:11:48:31:5f:82:0e:55:78:71:
f6:31:18:59:25:78:43:cd:d7:e5:85:65:99:02:7e:84:dc:8a:
f3:d5:bd:e0:47:7b:6d:e0:08:48:6e:30:76:42:be:12:6d:6c:
c5:b6:09:fb:a9:46:bf:5c:fa:58:c1:2d:78:c8:e7:de:48:26:
3b:8f:6d:e3:63:28:7c:74:9d:d9:cf:be:ca:2c:7f:3f:ba:1a:
a8:47:0e:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDP6EuysLGAZoQNQAwVH0tTuBMuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMDZaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUyMmY1ZmVhZjZkYmIzNmU5Zjg2NTJmYjlhZjY3OWM0OWQ0NWExM2QyY2M5
OTlhYmZjYjhlYjc0N2NjYjFjZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdBWV4nAI/ouFwVfPm1qwlAPISDmXtHEh0eAg/jpvv9eVUxBGCOCTqI65di
Dq18MZRIiFCy4NO3tK+qiuzCNR/5NWP9w+mOPW8reRuJ98EP1LHcf9rgUajWjMP5
GP4OzDLt0ljIue9ECb3MW2WQ1kbyfYKuIF6JeHOdXVVpbnV3wrIMp2h+oyAJrgGr
TDnBghyi0yUdQucj5smUTtJBsfU9YH3/Vze6jdfv0qZa3SL8cbEnAAFpn+VEuAIr
BxS8lXE5pkMCls/Oe3Gsghz7+zjkTwXrd3geRoXRuqIkyN6C60/iBbxUpdyAeG+1
w2Q5JMTSpUFsCQZefP+qm1zFgbcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxVxr/
W9g+95mdmQUhhi1UlQL1aTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEABXublwApG7m/SPrvk8YLi4C3okUFlHeAkHueDwIn
Ovp6qN8yoelaiI6q6NAvCAvihpvYBq1oKOuh8ToVwmjjeKkmMhyIP13mu5C8XkZn
i7k5DKiBgJpt0RetHUYBJesujZFZ0J25VIEQJflpxrPbTSNNRLQwzeC9X8fuHbDO
fZsHzSSvfgxtBdyuSs6n0iN37zxrqyUgZFj1arnhcCBAzFDCpdxm8xXBT8kpEUgx
X4IOVXhx9jEYWSV4Q83X5YVlmQJ+hNyK89W94Ed7beAISG4wdkK+Em1sxbYJ+6lG
v1z6WMEteMjn3kgmO49t42MofHSd2c++yix/P7oaqEcOaw==
-----END CERTIFICATE-----
Generated at Tue May 6 14:02:28 2025 by rpki-client