Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: P6B73FItr93WmAe4CLH2fewj8x6dV+YMcLmu7xnLXQ8=
Subject key identifier: 9F:C1:B7:C2:E5:C3:3C:A2:78:B2:71:4D:F7:27:22:73:3F:8F:9E:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 74DB4F53480F8527F0BA7088AE65186CDBDCB25D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Sat 31 May 2025 00:50:07 +0000
ROA not before: Sat 31 May 2025 00:50:07 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:db:4f:53:48:0f:85:27:f0:ba:70:88:ae:65:18:6c:db:dc:b2:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:07 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=4c0ef557bb1b6d039854ac1e616e62af17edca2ad8f8179dedc34224efd98aa4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8c:63:b1:74:44:58:b0:05:c4:1d:33:09:75:
18:25:c9:4b:f0:84:60:f9:fa:25:eb:21:f4:1c:ad:
9b:97:e6:2a:1d:15:38:30:dd:a8:d5:2c:f4:7e:b1:
8b:79:4b:c9:48:b0:55:3b:63:e4:9f:5d:a9:c2:89:
08:21:ac:6f:2f:e7:95:58:d5:d2:b8:4e:15:c7:63:
93:6e:28:06:2f:f5:97:1e:da:77:7a:b1:a9:36:59:
f0:49:b1:e6:f2:6d:1e:cd:2b:2f:97:e4:89:8f:13:
66:49:cd:bb:2f:1f:de:06:ad:c0:ba:d4:06:12:65:
dc:7a:9d:6d:50:24:8a:42:d4:77:be:86:de:f6:c2:
5c:59:61:ae:d0:79:94:7c:01:31:0a:a4:81:92:b6:
ea:e3:a0:eb:a5:12:85:93:66:40:2a:4a:c4:71:4f:
51:20:3f:ec:e8:fb:6e:b1:97:d7:00:be:a2:34:76:
cd:d9:15:98:4e:32:93:10:2c:f2:93:92:fb:2a:5d:
f3:17:34:96:80:1a:67:f0:bf:06:e9:1a:f3:29:69:
d3:f9:a8:ee:01:d7:67:41:87:c1:d6:5a:e8:0a:51:
1c:ae:f5:dc:49:95:d4:8e:73:0c:ea:29:07:50:a8:
b8:63:65:38:fd:89:20:82:06:46:f0:d1:74:6f:81:
88:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C1:B7:C2:E5:C3:3C:A2:78:B2:71:4D:F7:27:22:73:3F:8F:9E:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
75:22:50:08:26:66:3b:ea:7f:a9:5e:ab:92:a0:af:36:14:df:
2b:9d:41:c3:4f:79:b7:d3:14:bf:88:e4:61:1b:f7:56:4a:14:
0a:88:dd:49:dd:51:fd:8b:01:7e:c8:29:0b:34:b0:67:95:b4:
ae:3a:00:e7:03:9d:bd:05:04:68:b6:8b:97:c9:bf:a0:9f:12:
40:e7:79:21:38:b0:62:42:aa:88:d8:22:cc:e5:15:1a:90:6c:
c5:7c:d5:be:a0:57:e1:c9:91:4f:19:ad:b3:b3:88:66:99:10:
9d:7e:11:da:65:3b:12:4f:0e:28:c6:d3:7e:6a:4a:26:76:f7:
c8:d8:19:f1:ae:b2:16:be:3f:a6:d9:26:94:a9:78:2f:9b:eb:
bf:8b:1f:b5:a3:bd:1d:50:bd:3e:0f:29:51:9e:ce:67:fe:21:
8f:61:29:4b:07:eb:bc:ed:b5:4a:63:83:37:d4:72:73:a5:52:
02:06:2f:23:03:3b:0e:99:ae:6e:dc:2e:8f:d7:4d:69:d5:09:
ef:da:32:fa:a8:8b:a8:c4:93:2e:f7:fd:85:23:c3:a1:61:2d:
fe:87:7b:6a:c6:f8:61:26:09:81:e4:7f:dc:b4:6c:89:43:02:
4a:ad:12:ab:96:79:4b:ed:d9:85:08:39:c9:85:e6:7a:d6:d7:
3b:0b:fc:76
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdNtPU0gPhSfwunCIrmUYbNvcsl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDdaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRjMGVmNTU3YmIxYjZkMDM5ODU0YWMxZTYxNmU2MmFmMTdlZGNhMmFkOGY4
MTc5ZGVkYzM0MjI0ZWZkOThhYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIiMY7F0RFiwBcQdMwl1GCXJS/CEYPn6Jesh9Bytm5fmKh0VODDdqNUs9H6x
i3lLyUiwVTtj5J9dqcKJCCGsby/nlVjV0rhOFcdjk24oBi/1lx7ad3qxqTZZ8Emx
5vJtHs0rL5fkiY8TZknNuy8f3gatwLrUBhJl3HqdbVAkikLUd76G3vbCXFlhrtB5
lHwBMQqkgZK26uOg66UShZNmQCpKxHFPUSA/7Oj7brGX1wC+ojR2zdkVmE4ykxAs
8pOS+ypd8xc0loAaZ/C/Buka8ylp0/mo7gHXZ0GHwdZa6ApRHK713EmV1I5zDOop
B1CouGNlOP2JIIIGRvDRdG+BiKkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSfwbfC
5cM8oniycU33JyJzP4+eKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAdSJQCCZmO+p/qV6rkqCvNhTfK51Bw095t9MUv4jk
YRv3VkoUCojdSd1R/YsBfsgpCzSwZ5W0rjoA5wOdvQUEaLaLl8m/oJ8SQOd5ITiw
YkKqiNgizOUVGpBsxXzVvqBX4cmRTxmts7OIZpkQnX4R2mU7Ek8OKMbTfmpKJnb3
yNgZ8a6yFr4/ptkmlKl4L5vrv4sftaO9HVC9Pg8pUZ7OZ/4hj2EpSwfrvO21SmOD
N9Ryc6VSAgYvIwM7Dpmubtwuj9dNadUJ79oy+qiLqMSTLvf9hSPDoWEt/od7asb4
YSYJgeR/3LRsiUMCSq0Sq5Z5S+3ZhQg5yYXmetbXOwv8dg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:25:19 2025 by rpki-client