Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
File: c50006d0-c65f-4259-ace3-46351e9d23c5.roa (raw, json)
Hash identifier: rYhOAGVX7HDf5aRp3jDS+m8QShzw1ol1pWzOqyXV4o0=
Subject key identifier: 69:BC:1D:EB:62:15:AF:FE:B6:C3:99:21:CB:EF:A0:9C:BD:AD:81:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A175167946E4C3F4C919A9EBE2CD08B5D8D5E67
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
Signing time: Mon 28 Apr 2025 15:50:54 +0000
ROA not before: Mon 28 Apr 2025 15:50:54 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:17:51:67:94:6e:4c:3f:4c:91:9a:9e:be:2c:d0:8b:5d:8d:5e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:54 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=225dca460367139d9eebaa589038e7438c210e94d618f20d69ea776e7370db87, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:83:9a:9c:52:37:77:c6:46:25:cb:14:61:96:
7c:9b:1c:3a:78:99:be:ea:44:b5:0a:e5:4e:70:41:
42:36:5a:88:5c:13:79:27:a3:ba:9f:31:90:ac:6c:
45:18:e2:ed:f8:be:d6:58:78:54:fd:7c:b1:1e:ff:
a0:61:a2:ae:be:4b:3c:3f:fa:8b:f6:52:de:61:c6:
94:f8:0e:c7:4c:72:56:c3:a1:b5:92:3f:98:6a:0b:
fd:06:a9:b5:98:36:31:3f:d8:a5:d8:a5:07:b3:a9:
9f:1b:5b:6a:30:77:fe:81:f5:e0:81:2e:f7:d7:85:
ce:8c:14:86:92:a0:1a:0f:9c:25:09:a5:9e:a0:10:
09:a4:7e:50:09:97:6c:30:0e:a9:9c:06:ab:ee:87:
3b:23:67:c4:64:2e:78:8f:36:79:fb:66:86:76:71:
74:8c:9b:db:6f:4d:d2:88:f1:e0:bf:9d:36:93:a0:
57:a6:ac:ed:41:d5:c5:08:9d:ae:74:da:38:9b:b4:
2c:50:57:9e:b3:8a:0f:f3:db:a6:c9:08:b0:63:2e:
e7:2e:08:23:2f:7c:ff:c4:c8:5f:8c:ce:f2:d7:e2:
e8:fa:67:8f:eb:b7:b5:af:46:e3:80:1a:e0:1c:17:
a4:29:ba:f9:f5:e6:d8:f1:a8:ee:f2:f8:d4:ba:c5:
5e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:BC:1D:EB:62:15:AF:FE:B6:C3:99:21:CB:EF:A0:9C:BD:AD:81:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c50006d0-c65f-4259-ace3-46351e9d23c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:87:2d:42:da:7a:65:18:ea:4b:8c:08:e4:3b:7d:a1:ac:bf:
1f:c1:70:01:af:89:66:1c:94:8b:2e:2f:63:05:89:c5:b9:71:
2e:08:31:4e:62:6a:4a:f4:a3:01:0d:76:f5:84:4a:75:9a:d3:
2d:6c:12:97:9d:67:b8:3b:6e:e7:89:0d:52:7b:2c:e0:48:0a:
e8:78:39:67:78:c9:3e:e6:00:ad:7d:36:b9:e6:1f:22:04:4b:
8e:04:b6:a4:29:07:81:bb:c3:d8:34:8e:06:eb:96:44:d1:83:
1c:7b:9f:bd:7a:a4:6f:ed:85:4b:75:15:ae:cd:c3:72:b5:03:
ff:3c:3e:00:e4:c6:81:25:50:38:a8:63:c5:db:d1:f1:7a:17:
11:2e:9a:57:1d:70:5e:5e:ac:95:6b:48:8b:ed:fc:dc:f8:20:
f2:c6:75:d7:36:8d:54:32:91:2f:03:30:18:1c:bb:b4:99:0b:
82:52:97:99:20:d5:fc:bc:b7:6c:53:fb:11:14:95:cf:23:e2:
e2:b9:fe:e0:68:34:98:f2:af:1d:8c:b4:2d:28:76:2a:ba:b0:
0a:24:c5:76:a4:2e:55:cc:9f:a2:1d:79:da:d0:c2:65:14:83:
68:99:fd:2d:a8:a0:1d:e3:e0:5b:79:da:cd:7d:d0:ba:57:8a:
3e:74:86:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUShdRZ5RuTD9MkZqevizQi12NXmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwNTRaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNWRjYTQ2MDM2NzEzOWQ5ZWViYWE1ODkwMzhlNzQzOGMyMTBlOTRkNjE4
ZjIwZDY5ZWE3NzZlNzM3MGRiODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2DmpxSN3fGRiXLFGGWfJscOniZvupEtQrlTnBBQjZaiFwTeSejup8xkKxs
RRji7fi+1lh4VP18sR7/oGGirr5LPD/6i/ZS3mHGlPgOx0xyVsOhtZI/mGoL/Qap
tZg2MT/YpdilB7OpnxtbajB3/oH14IEu99eFzowUhpKgGg+cJQmlnqAQCaR+UAmX
bDAOqZwGq+6HOyNnxGQueI82eftmhnZxdIyb229N0ojx4L+dNpOgV6as7UHVxQid
rnTaOJu0LFBXnrOKD/PbpskIsGMu5y4IIy98/8TIX4zO8tfi6Ppnj+u3ta9G44Aa
4BwXpCm6+fXm2PGo7vL41LrFXtUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRpvB3r
YhWv/rbDmSHL76Ccva2BQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUwMDA2ZDAtYzY1Zi00MjU5LWFjZTMtNDYzNTFlOWQyM2M1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQCphy1C2nplGOpLjAjkO32hrL8fwXABr4lmHJSLLi9j
BYnFuXEuCDFOYmpK9KMBDXb1hEp1mtMtbBKXnWe4O27niQ1SeyzgSAroeDlneMk+
5gCtfTa55h8iBEuOBLakKQeBu8PYNI4G65ZE0YMce5+9eqRv7YVLdRWuzcNytQP/
PD4A5MaBJVA4qGPF29HxehcRLppXHXBeXqyVa0iL7fzc+CDyxnXXNo1UMpEvAzAY
HLu0mQuCUpeZINX8vLdsU/sRFJXPI+Liuf7gaDSY8q8djLQtKHYqurAKJMV2pC5V
zJ+iHXna0MJlFINomf0tqKAd4+BbedrNfdC6V4o+dIYK
-----END CERTIFICATE-----
Generated at Tue May 6 04:23:33 2025 by rpki-client