Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
File: 9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa (raw, json)
Hash identifier: ZXLpR8mJBW25DJNL3ZUZfbp38BZUB3rai5+CbdO8SUg=
Subject key identifier: E2:5C:5C:20:DB:3D:B3:AE:8B:18:5D:C7:6D:64:2D:47:68:33:58:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38089136A7A68448856D6DF1A428F2E028C2202D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
Signing time: Mon 28 Apr 2025 15:50:53 +0000
ROA not before: Mon 28 Apr 2025 15:50:53 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/14 maxlen: 14
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:08:91:36:a7:a6:84:48:85:6d:6d:f1:a4:28:f2:e0:28:c2:20:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:53 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=be6c4dc1b0a85363217afa19ce5501d256dac78e443c162e626143997b5d7788, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d4:3c:84:6f:e4:62:ca:db:1d:18:5f:96:29:
91:df:bd:7f:a3:6c:aa:21:d2:06:3b:c2:84:f6:5b:
5f:b5:3f:fd:a5:2d:ec:9b:da:ea:7b:61:82:3b:8f:
e1:17:81:74:f2:24:c4:df:6d:31:3f:22:91:06:d3:
34:56:6f:df:07:c3:ec:9e:73:31:12:b8:d4:51:9a:
cf:c8:68:b5:da:b8:23:71:05:2a:70:07:e7:d2:3b:
a4:c7:40:d8:44:ed:b6:57:b1:4b:c5:c3:d0:9d:d1:
cb:59:92:97:26:aa:26:09:e9:53:b7:1d:74:c7:fa:
8d:0b:ec:6d:55:23:38:f8:6f:da:74:fa:14:4b:f2:
dc:35:47:8f:18:c9:e7:a0:85:10:ec:d0:d6:25:ea:
db:55:44:f3:cd:60:c7:38:39:c6:ed:80:2b:b8:d3:
29:ec:e3:d3:ab:6e:8f:f7:e3:67:b6:af:b6:1b:42:
c1:19:25:98:4f:21:3d:f8:e7:05:e9:54:b2:84:bb:
b4:20:6f:8a:fd:3c:8c:4d:27:69:32:5d:66:9a:7e:
41:fc:3e:73:3a:a8:bf:4e:59:22:7e:b0:ae:9a:ab:
2d:2b:6f:77:32:67:37:12:ba:e8:24:4d:6a:10:5d:
9c:26:cc:94:65:2b:3f:a1:9c:05:eb:61:11:4f:bc:
27:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5C:5C:20:DB:3D:B3:AE:8B:18:5D:C7:6D:64:2D:47:68:33:58:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a1fa391-4377-44ba-a6c7-c785fc9a7733.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/14
Signature Algorithm: sha256WithRSAEncryption
7d:36:26:04:a3:9e:7c:63:b8:95:29:6a:de:84:9c:fa:9f:90:
8a:b2:9c:01:aa:64:55:33:b8:4a:57:23:14:c3:e3:ef:71:b8:
9f:87:64:5d:3e:97:c7:0e:3e:0d:e3:f8:f2:ba:e4:8a:00:9c:
16:e3:cc:77:70:ac:9e:e8:74:d8:4a:78:17:e4:03:3e:cd:ce:
a3:20:9d:19:ee:a7:ee:a2:e3:93:7f:6f:34:60:f3:0e:28:9d:
64:cc:9e:ae:c0:4e:db:2e:d4:41:2a:dc:d2:a3:4d:7e:2e:3d:
a4:89:e5:0d:b2:57:a0:38:09:33:6e:eb:c2:fd:5f:10:14:a9:
8e:a6:2e:25:2f:3d:6a:06:60:cb:74:22:34:cb:90:1b:55:ea:
75:69:7a:76:76:4b:da:a2:94:bb:48:98:50:1d:84:c2:91:49:
29:6e:66:49:8d:08:3f:e4:4b:eb:a9:26:79:0b:15:98:0c:f6:
ca:1c:89:e8:b1:f1:1f:d5:83:8c:43:86:61:12:3e:4e:ba:17:
e3:04:14:a5:26:a1:a8:f7:ac:fa:77:69:ed:80:ef:dc:43:bb:
f1:23:d5:9a:30:b9:ee:aa:f3:b5:cf:a7:e5:29:a1:8d:b3:c9:
00:bd:fd:f7:63:f6:7c:fe:fb:65:71:77:c0:02:bf:5e:9c:bd:
a7:cb:c6:d6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOAiRNqemhEiFbW3xpCjy4CjCIC0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTNaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNmM0ZGMxYjBhODUzNjMyMTdhZmExOWNlNTUwMWQyNTZkYWM3OGU0NDNj
MTYyZTYyNjE0Mzk5N2I1ZDc3ODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbUPIRv5GLK2x0YX5Ypkd+9f6NsqiHSBjvChPZbX7U//aUt7Jva6nthgjuP
4ReBdPIkxN9tMT8ikQbTNFZv3wfD7J5zMRK41FGaz8hotdq4I3EFKnAH59I7pMdA
2ETttlexS8XD0J3Ry1mSlyaqJgnpU7cddMf6jQvsbVUjOPhv2nT6FEvy3DVHjxjJ
56CFEOzQ1iXq21VE881gxzg5xu2AK7jTKezj06tuj/fjZ7avthtCwRklmE8hPfjn
BelUsoS7tCBviv08jE0naTJdZpp+Qfw+czqov05ZIn6wrpqrLStvdzJnNxK66CRN
ahBdnCbMlGUrP6GcBethEU+8J30CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTiXFwg
2z2zrosYXcdtZC1HaDNYATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWExZmEzOTEtNDM3Ny00NGJhLWE2YzctYzc4NWZjOWE3NzMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNUMA0G
CSqGSIb3DQEBCwUAA4IBAQB9NiYEo558Y7iVKWrehJz6n5CKspwBqmRVM7hKVyMU
w+Pvcbifh2RdPpfHDj4N4/jyuuSKAJwW48x3cKye6HTYSngX5AM+zc6jIJ0Z7qfu
ouOTf280YPMOKJ1kzJ6uwE7bLtRBKtzSo01+Lj2kieUNslegOAkzbuvC/V8QFKmO
pi4lLz1qBmDLdCI0y5AbVep1aXp2dkvaopS7SJhQHYTCkUkpbmZJjQg/5EvrqSZ5
CxWYDPbKHInosfEf1YOMQ4ZhEj5OuhfjBBSlJqGo96z6d2ntgO/cQ7vxI9WaMLnu
qvO1z6flKaGNs8kAvf33Y/Z8/vtlcXfAAr9enL2ny8bW
-----END CERTIFICATE-----
Generated at Mon May 5 06:06:31 2025 by rpki-client