Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: plLFQ+RxmTcYRRpOXSKpkgm282UgmruW7Rg7L4G1JBQ=
Subject key identifier: E0:53:E2:68:63:E4:BF:C5:5E:9B:B7:8F:34:3E:19:29:7D:06:3F:77
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: FDACDDC3FC48244296529E134C4C2F5A3955AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Mon 14 Apr 2025 17:30:13 +0000
ROA not before: Mon 14 Apr 2025 17:30:13 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
fd:ac:dd:c3:fc:48:24:42:96:52:9e:13:4c:4c:2f:5a:39:55:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 14 17:30:13 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=1bad0ba998934fd85524777730a832f11290e5c956b594545c89c27a4a4a9977, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a6:68:6f:a8:e2:2d:6c:13:88:24:62:53:56:
d6:a0:7e:21:b7:63:ec:26:37:1e:a0:dc:c9:91:5e:
99:da:17:dc:39:6a:6d:aa:92:4c:f4:83:a8:0f:4b:
da:5f:4c:8c:b3:67:8b:bd:d4:63:30:7b:4f:11:e5:
88:e7:5a:a6:96:69:98:1a:05:e5:30:ec:d9:29:6a:
0e:30:68:f0:30:46:fa:02:f5:79:a8:78:a8:b7:35:
07:3d:03:8c:1a:d3:46:d7:a1:8a:c3:e2:69:df:36:
75:e5:0d:7c:05:ef:a8:19:eb:ad:cf:11:40:da:06:
38:d7:dc:5e:43:1f:3b:49:c7:d5:4e:ca:6e:c0:d6:
f1:61:31:0d:57:87:76:bf:23:12:e8:fa:30:1b:02:
99:87:92:d1:2b:80:6a:cc:83:97:d3:e5:ca:31:55:
54:2d:f9:32:d6:1a:a7:5b:bd:1b:6e:b5:1a:bd:45:
5f:f0:ce:37:1f:fb:c5:f3:18:aa:0a:ac:06:d9:4f:
30:30:41:c9:19:c2:e1:5b:7e:41:80:e7:fb:ca:16:
33:4b:32:a1:83:72:71:f6:45:73:9d:cb:c0:7a:47:
58:34:bd:ea:1f:df:3e:4e:14:41:e7:20:4d:5b:31:
af:37:e4:8e:bf:1c:8a:1e:35:37:9f:ed:82:fb:9b:
86:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:53:E2:68:63:E4:BF:C5:5E:9B:B7:8F:34:3E:19:29:7D:06:3F:77
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
34:22:56:b3:96:1c:37:20:b3:db:2a:47:3e:b2:5d:48:82:4c:
bb:aa:0a:23:0e:bd:15:dc:5e:f3:2b:e1:98:39:e9:28:71:b7:
d7:33:03:4e:0a:5c:50:d9:83:96:4a:db:ef:73:e4:59:50:14:
bc:ec:99:b3:15:6a:9f:2a:8e:8d:fd:2e:0c:f0:10:ad:49:0d:
c6:ca:6b:30:6b:36:bc:19:3a:6c:02:1f:5c:a9:86:14:a4:e9:
d2:64:1c:7a:e8:53:e3:75:cc:ce:ea:e2:a9:ac:9a:2b:12:7d:
4f:ed:78:fa:5f:ec:1c:74:43:4b:41:50:22:e1:59:e3:b3:89:
5a:c2:94:10:28:58:3b:9d:37:0d:52:7f:21:5f:7f:81:45:b8:
e2:8c:70:ed:eb:5c:3a:3a:f3:c7:32:07:2e:de:3b:67:db:49:
ca:3b:26:aa:76:cc:16:a3:45:eb:48:9a:1d:8a:83:7a:39:5a:
a6:83:4e:f8:7f:b5:03:45:47:8c:c9:ee:51:f7:e7:a1:46:3e:
2d:71:d9:b6:fd:a6:31:25:bf:2a:d2:8a:6b:48:4c:2d:f9:f0:
f8:39:94:b2:9c:eb:75:89:53:8a:bd:ea:ca:eb:dc:09:97:f9:
c0:22:ef:2d:06:cf:46:40:da:15:d5:f7:40:63:90:98:d1:fc:
3a:6f:b9:62
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAP2s3cP8SCRCllKeE0xML1o5Va8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTQxNzMwMTNaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiYWQwYmE5OTg5MzRmZDg1NTI0Nzc3NzMwYTgzMmYxMTI5MGU1Yzk1NmI1
OTQ1NDVjODljMjdhNGE0YTk5NzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANKmaG+o4i1sE4gkYlNW1qB+Ibdj7CY3HqDcyZFemdoX3DlqbaqSTPSDqA9L
2l9MjLNni73UYzB7TxHliOdappZpmBoF5TDs2SlqDjBo8DBG+gL1eah4qLc1Bz0D
jBrTRtehisPiad82deUNfAXvqBnrrc8RQNoGONfcXkMfO0nH1U7KbsDW8WExDVeH
dr8jEuj6MBsCmYeS0SuAasyDl9PlyjFVVC35MtYap1u9G261Gr1FX/DONx/7xfMY
qgqsBtlPMDBByRnC4Vt+QYDn+8oWM0syoYNycfZFc53LwHpHWDS96h/fPk4UQecg
TVsxrzfkjr8cih41N5/tgvubhtECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTgU+Jo
Y+S/xV6bt480PhkpfQY/dzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEANCJWs5YcNyCz2ypHPrJdSIJMu6oKIw69Fdxe8yvh
mDnpKHG31zMDTgpcUNmDlkrb73PkWVAUvOyZsxVqnyqOjf0uDPAQrUkNxsprMGs2
vBk6bAIfXKmGFKTp0mQceuhT43XMzuriqayaKxJ9T+14+l/sHHRDS0FQIuFZ47OJ
WsKUEChYO503DVJ/IV9/gUW44oxw7etcOjrzxzIHLt47Z9tJyjsmqnbMFqNF60ia
HYqDejlapoNO+H+1A0VHjMnuUffnoUY+LXHZtv2mMSW/KtKKa0hMLfnw+DmUspzr
dYlTir3qyuvcCZf5wCLvLQbPRkDaFdX3QGOQmNH8Om+5Yg==
-----END CERTIFICATE-----
Generated at Tue May 6 01:50:59 2025 by rpki-client