Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
File: 1fa61929-412c-4540-85ff-6ae53d3a9f99.roa (raw, json)
Hash identifier: 1E9as/zVq9O6Lm+6PL7YU/sqMyUxg30VeFqkxzprMuc=
Subject key identifier: CF:15:B4:0A:3B:CE:77:2E:34:8C:AD:92:C2:4E:9D:D1:0C:ED:A5:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 78C7E4DEBA3DE3BEB0027679B25A862EEF2AAD39
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
Signing time: Fri 25 Apr 2025 20:40:08 +0000
ROA not before: Fri 25 Apr 2025 20:40:08 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:c7:e4:de:ba:3d:e3:be:b0:02:76:79:b2:5a:86:2e:ef:2a:ad:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:08 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=27d73a4c324dfe34d84ebfde74b55f79d148fd75047f4d7f1c60218f45e4e38d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:be:e3:7f:9d:2f:ec:06:81:0e:75:e7:fc:b5:
24:6a:41:6f:b1:ae:40:78:a3:31:42:d9:9d:c8:d3:
82:c5:d4:ec:b1:a7:c4:62:50:e8:b7:81:83:0c:f1:
b1:73:de:cd:a8:92:70:8b:e1:8f:5c:b7:b8:21:a9:
db:97:b1:85:4d:3e:41:93:c6:8b:65:be:dc:06:2d:
52:bb:22:a7:20:ff:64:91:f9:e0:3d:04:c0:8f:09:
31:40:bd:d6:08:7f:82:5e:f8:e1:74:07:7d:90:7c:
66:62:48:e6:b0:0f:c2:50:9b:3b:49:8e:dd:f1:c0:
93:d9:69:d5:a9:3a:ee:9e:6e:81:49:f0:80:ec:83:
c0:52:ef:fa:33:47:05:6c:07:9b:2d:8f:5c:1a:44:
0b:f6:39:3e:a0:e3:81:45:aa:8d:34:05:4b:e2:0f:
9f:a6:25:11:58:c2:f2:1c:d8:97:6d:e3:f5:9f:a6:
92:df:df:79:6d:43:73:66:36:5c:53:23:75:3b:10:
c9:75:36:59:75:de:90:7f:70:49:70:9d:2c:b4:08:
2b:7e:dd:26:b3:31:2f:d2:c7:fa:a2:9f:2b:5b:5f:
4a:3c:4b:2e:57:65:cc:03:51:70:29:cc:e9:01:17:
a5:ce:6c:06:65:05:d1:f3:72:1d:08:f0:a7:44:1c:
7b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:15:B4:0A:3B:CE:77:2E:34:8C:AD:92:C2:4E:9D:D1:0C:ED:A5:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa61929-412c-4540-85ff-6ae53d3a9f99.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1c:03:74:83:14:27:03:e1:ed:08:a3:80:a9:ae:49:19:b7:ab:
c1:dc:e4:cb:75:65:da:25:f0:51:24:c0:7f:80:85:1b:14:b1:
3e:ba:c7:df:ca:f5:04:5c:c2:9b:8f:13:db:9e:77:0f:ac:41:
99:67:48:08:b0:c6:c1:02:5a:36:4e:1c:2b:e8:b1:79:eb:36:
4b:35:4e:fa:fb:95:2f:89:33:96:71:e5:e4:41:db:85:55:5c:
0d:81:2e:6e:a9:74:97:26:a5:01:d8:5d:61:39:09:2c:0d:24:
28:88:66:03:a6:db:d6:26:e1:f7:b7:0f:1a:fd:32:b5:9f:04:
05:42:57:5d:88:15:38:f4:be:cb:18:19:b8:14:33:d4:50:73:
18:d8:04:dd:8f:08:a0:b2:b2:ac:b7:73:fd:88:e7:71:27:b5:
8c:12:11:ab:8b:82:6f:f6:6e:61:a9:fb:75:2b:f6:1f:6d:7e:
60:6d:07:7f:d2:50:8d:e0:65:22:92:d6:30:46:45:f3:41:d1:
f1:3a:6b:f2:79:25:92:3f:db:9e:f3:58:46:03:92:da:cf:b2:
3d:44:ad:25:ec:02:dc:b2:ef:d2:71:8e:fb:f0:f2:31:eb:24:
9d:a2:a9:23:9f:6f:2f:6d:53:49:72:b4:9e:22:88:45:90:60:
46:e5:e8:32
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeMfk3ro9476wAnZ5slqGLu8qrTkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwMDhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3ZDczYTRjMzI0ZGZlMzRkODRlYmZkZTc0YjU1Zjc5ZDE0OGZkNzUwNDdm
NGQ3ZjFjNjAyMThmNDVlNGUzOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOa+43+dL+wGgQ515/y1JGpBb7GuQHijMULZncjTgsXU7LGnxGJQ6LeBgwzx
sXPezaiScIvhj1y3uCGp25exhU0+QZPGi2W+3AYtUrsipyD/ZJH54D0EwI8JMUC9
1gh/gl744XQHfZB8ZmJI5rAPwlCbO0mO3fHAk9lp1ak67p5ugUnwgOyDwFLv+jNH
BWwHmy2PXBpEC/Y5PqDjgUWqjTQFS+IPn6YlEVjC8hzYl23j9Z+mkt/feW1Dc2Y2
XFMjdTsQyXU2WXXekH9wSXCdLLQIK37dJrMxL9LH+qKfK1tfSjxLLldlzANRcCnM
6QEXpc5sBmUF0fNyHQjwp0Qcez8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTPFbQK
O853LjSMrZLCTp3RDO2lDTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNjE5MjktNDEyYy00NTQwLTg1ZmYtNmFlNTNkM2E5Zjk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQAcA3SDFCcD4e0Io4CprkkZt6vB3OTLdWXaJfBRJMB/
gIUbFLE+usffyvUEXMKbjxPbnncPrEGZZ0gIsMbBAlo2Thwr6LF56zZLNU76+5Uv
iTOWceXkQduFVVwNgS5uqXSXJqUB2F1hOQksDSQoiGYDptvWJuH3tw8a/TK1nwQF
QlddiBU49L7LGBm4FDPUUHMY2ATdjwigsrKst3P9iOdxJ7WMEhGri4Jv9m5hqft1
K/YfbX5gbQd/0lCN4GUiktYwRkXzQdHxOmvyeSWSP9ue81hGA5Laz7I9RK0l7ALc
su/ScY778PIx6ySdoqkjn28vbVNJcrSeIohFkGBG5egy
-----END CERTIFICATE-----
Generated at Fri May 9 10:10:16 2025 by rpki-client