Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
File: 676cc479-c956-49aa-8372-560fd674c62c.roa (raw, json)
Hash identifier: iZwCnK1pVNCNRZLRSH9KDfQTr5ABoPA0m0Hm9slf01g=
Subject key identifier: E7:93:E4:0D:B7:85:31:4E:4D:0C:4B:8E:AF:0C:83:A4:2B:71:AE:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C52FA0A22C92DB11FE95622C143CC745ED8D945
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
Signing time: Fri 23 May 2025 00:51:01 +0000
ROA not before: Fri 23 May 2025 00:51:01 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:52:fa:0a:22:c9:2d:b1:1f:e9:56:22:c1:43:cc:74:5e:d8:d9:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:51:01 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=fc27353fd720c6ed30a7b611e7f92466180713eea6447b9f058c8323beeb32b2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:90:eb:5c:28:0d:84:1f:64:53:a1:9a:10:53:
17:31:09:b7:f9:f2:a6:45:94:08:a2:66:56:e5:7f:
05:91:f6:5a:38:15:9f:2d:54:be:a5:a4:9c:19:e0:
ef:98:d6:0a:51:64:47:e0:7c:2b:04:db:64:24:67:
40:ba:b2:dc:16:e4:3d:87:1d:10:d9:03:4b:fa:f7:
a1:54:16:c3:0f:91:ce:fd:11:9f:75:a2:ba:bb:fd:
24:28:ca:53:f7:5b:12:17:de:d9:f9:20:62:d0:db:
27:7f:0f:7c:1d:1e:78:a6:27:75:57:c7:41:b0:d2:
33:35:ee:eb:c1:51:06:94:04:fc:1d:df:5b:39:5b:
42:b9:d4:af:bc:04:41:2b:fc:f6:4d:d3:0d:92:76:
55:4e:75:08:39:4a:2b:ac:d9:2d:27:9c:52:3c:e7:
db:28:c6:c8:0a:26:75:3d:f8:27:d5:52:e7:56:c9:
24:5c:bf:50:30:6d:c7:ea:ff:19:86:5b:7d:c6:b7:
7e:47:67:c9:8c:cd:c2:28:bd:0f:fa:4f:97:0b:77:
dc:a3:fa:2a:65:0b:12:18:7e:c5:70:82:83:1b:06:
12:d0:9b:ec:26:80:6e:ae:8c:09:a6:9b:ac:de:4c:
81:3f:72:89:d3:62:c3:fb:2f:35:2d:8c:bb:2a:39:
be:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:93:E4:0D:B7:85:31:4E:4D:0C:4B:8E:AF:0C:83:A4:2B:71:AE:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/676cc479-c956-49aa-8372-560fd674c62c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b5:ac:dd:64:84:b9:e1:0b:71:bf:41:c5:ac:5a:fd:98:fb:2d:
c4:2e:ea:51:ae:b2:d8:5d:39:32:4e:80:de:68:dd:14:52:59:
bd:13:9a:04:e6:5b:15:b6:ab:0e:36:60:fb:23:32:de:ef:60:
59:9d:d8:9c:45:33:7c:63:f7:56:be:24:ca:5a:72:77:6c:d0:
f9:e8:07:80:9f:ee:1c:96:cc:d3:ba:7b:91:8a:1c:a5:32:fa:
83:c2:ac:d0:40:70:57:a0:7f:c9:f9:d5:50:57:09:3d:45:18:
02:80:35:ab:3a:3b:3d:63:55:27:34:7a:87:9b:c8:ec:27:59:
43:b4:3b:81:6f:1c:30:5a:02:55:e2:dd:85:14:65:65:9a:7b:
f5:04:63:4e:e2:c1:b4:11:54:f3:82:ef:29:d7:46:d2:a1:a8:
e2:6a:f7:1a:94:02:82:8a:c3:86:b7:18:1a:89:99:78:e3:ae:
b4:15:8b:33:91:2e:91:3d:aa:80:e8:d6:db:51:34:e2:19:6b:
99:e0:67:f6:06:5a:e8:53:b1:09:3c:70:99:82:1c:a0:6e:24:
17:50:b0:6c:40:e8:f1:74:fd:c9:b9:1e:63:c5:11:30:22:10:
57:23:15:84:6d:82:c2:1e:8e:9a:c9:4a:ae:80:5c:95:b6:f0:
92:a6:c9:1c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXFL6CiLJLbEf6VYiwUPMdF7Y2UUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUxMDFaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZjMjczNTNmZDcyMGM2ZWQzMGE3YjYxMWU3ZjkyNDY2MTgwNzEzZWVhNjQ0
N2I5ZjA1OGM4MzIzYmVlYjMyYjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPKQ61woDYQfZFOhmhBTFzEJt/nypkWUCKJmVuV/BZH2WjgVny1UvqWknBng
75jWClFkR+B8KwTbZCRnQLqy3BbkPYcdENkDS/r3oVQWww+Rzv0Rn3Wiurv9JCjK
U/dbEhfe2fkgYtDbJ38PfB0eeKYndVfHQbDSMzXu68FRBpQE/B3fWzlbQrnUr7wE
QSv89k3TDZJ2VU51CDlKK6zZLSecUjzn2yjGyAomdT34J9VS51bJJFy/UDBtx+r/
GYZbfca3fkdnyYzNwii9D/pPlwt33KP6KmULEhh+xXCCgxsGEtCb7CaAbq6MCaab
rN5MgT9yidNiw/svNS2Muyo5vtcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTnk+QN
t4UxTk0MS46vDIOkK3GuQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njc2Y2M0NzktYzk1Ni00OWFhLTgzNzItNTYwZmQ2NzRjNjJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQC1rN1khLnhC3G/QcWsWv2Y+y3ELupRrrLYXTkyToDe
aN0UUlm9E5oE5lsVtqsONmD7IzLe72BZndicRTN8Y/dWviTKWnJ3bND56AeAn+4c
lszTunuRihylMvqDwqzQQHBXoH/J+dVQVwk9RRgCgDWrOjs9Y1UnNHqHm8jsJ1lD
tDuBbxwwWgJV4t2FFGVlmnv1BGNO4sG0EVTzgu8p10bSoajiavcalAKCisOGtxga
iZl44660FYszkS6RPaqA6NbbUTTiGWuZ4Gf2BlroU7EJPHCZghygbiQXULBsQOjx
dP3JuR5jxREwIhBXIxWEbYLCHo6ayUqugFyVtvCSpskc
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:38:51 2025 by rpki-client