Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: eAe9htLCE4YGF3tk8Qyb4WDzEsYBbhP6Lt1HjJ3mYXA=
Subject key identifier: 14:58:60:52:38:9C:BD:12:B4:B9:03:E4:C0:42:87:2D:74:A8:13:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E03C6CBE67FBDADE258382AEF1B89A535C1B7F4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Mon 26 May 2025 15:20:04 +0000
ROA not before: Mon 26 May 2025 15:20:04 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:03:c6:cb:e6:7f:bd:ad:e2:58:38:2a:ef:1b:89:a5:35:c1:b7:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 26 15:20:04 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=6af8fb7c61a291695111ca637eafada1a197b9c152605751e8d40f8b03211aff, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:74:7e:6b:90:70:38:79:ad:c8:76:91:1b:78:
1a:77:f3:71:c5:b2:0a:b5:a0:c2:96:bf:14:2a:b6:
dc:89:a8:96:6c:8e:e1:09:4a:ff:53:94:d6:50:3e:
ab:a6:41:eb:73:1b:0d:ff:18:5d:17:c9:1c:80:cc:
05:1a:36:3f:77:7d:02:73:18:2a:b2:09:a3:f7:6e:
2b:27:a8:30:fb:a7:9a:f2:69:a2:14:d5:a6:41:e0:
83:4b:f7:1e:d1:0f:dd:d9:64:bb:be:c4:2a:14:7f:
f4:39:b6:df:4d:b7:99:d2:0b:96:4b:55:0c:ad:b9:
53:5e:96:d2:32:29:fb:16:15:3f:32:b0:9d:fc:50:
5a:70:86:e2:2f:da:04:b1:5b:bc:7f:46:3b:9a:89:
f8:ae:e5:51:99:4c:5e:d4:6e:a0:ad:b3:5d:06:af:
ae:ea:20:f5:99:72:14:87:a5:11:83:e3:b0:39:4b:
31:6e:08:32:0a:34:de:27:2d:93:82:1f:70:32:d2:
44:d9:c8:a2:4d:48:86:04:f8:c9:ce:df:c1:82:0d:
52:c2:f8:94:23:94:0d:72:fc:35:db:58:8f:10:cb:
44:e0:54:57:7f:0f:7c:cf:a6:78:02:0a:91:90:b7:
bc:3c:af:50:9d:07:b3:06:58:f8:17:3b:99:83:bc:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:58:60:52:38:9C:BD:12:B4:B9:03:E4:C0:42:87:2D:74:A8:13:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c0:2a:2d:aa:f8:77:6b:32:43:40:0d:90:01:49:24:b7:77:
bf:13:77:71:7e:f2:e0:7f:3d:57:99:d9:56:f6:f0:f6:e3:2a:
a9:51:1f:f7:31:70:61:8a:18:60:4b:62:de:92:8c:03:37:98:
53:20:ae:c8:63:51:f3:2f:2a:d0:41:ac:e6:ec:cd:05:2c:1c:
65:b3:97:50:d6:d9:7d:b4:bf:34:80:e3:fd:f6:6c:4d:39:0f:
df:f1:38:34:42:ab:e8:9a:e5:52:0e:fe:49:ec:56:73:44:bb:
f5:e4:1d:38:7f:25:d2:b9:35:4c:45:91:b2:a5:85:96:21:55:
44:2a:78:73:41:0c:9f:9a:f6:1e:62:e2:a8:a7:3c:7e:7f:d4:
9b:cc:4f:77:f8:e3:d4:8a:d8:bd:57:76:b8:68:f0:8d:6f:b4:
b5:28:5c:c9:96:76:68:0d:6d:af:3b:00:47:84:bf:bd:72:ed:
51:72:3a:a0:d8:41:54:57:4f:f9:50:da:15:cc:db:07:2a:6a:
c7:06:bc:36:c1:aa:9a:e2:d7:35:9b:35:b4:96:80:0d:9e:8e:
d4:b5:97:f7:c0:c8:4c:d4:d4:69:da:44:5e:15:69:84:4e:96:
92:11:e9:46:12:b0:74:00:61:1e:6a:cb:02:bd:bd:43:dc:3b:
09:df:78:5e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULgPGy+Z/va3iWDgq7xuJpTXBt/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjYxNTIwMDRaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhZjhmYjdjNjFhMjkxNjk1MTExY2E2MzdlYWZhZGExYTE5N2I5YzE1MjYw
NTc1MWU4ZDQwZjhiMDMyMTFhZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALx0fmuQcDh5rch2kRt4GnfzccWyCrWgwpa/FCq23ImolmyO4QlK/1OU1lA+
q6ZB63MbDf8YXRfJHIDMBRo2P3d9AnMYKrIJo/duKyeoMPunmvJpohTVpkHgg0v3
HtEP3dlku77EKhR/9Dm23023mdILlktVDK25U16W0jIp+xYVPzKwnfxQWnCG4i/a
BLFbvH9GO5qJ+K7lUZlMXtRuoK2zXQavruog9ZlyFIelEYPjsDlLMW4IMgo03ict
k4IfcDLSRNnIok1IhgT4yc7fwYINUsL4lCOUDXL8NdtYjxDLROBUV38PfM+meAIK
kZC3vDyvUJ0HswZY+Bc7mYO8FJ0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQUWGBS
OJy9ErS5A+TAQoctdKgTyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAU8AqLar4d2syQ0ANkAFJJLd3vxN3cX7y4H89V5nZ
Vvbw9uMqqVEf9zFwYYoYYEti3pKMAzeYUyCuyGNR8y8q0EGs5uzNBSwcZbOXUNbZ
fbS/NIDj/fZsTTkP3/E4NEKr6JrlUg7+SexWc0S79eQdOH8l0rk1TEWRsqWFliFV
RCp4c0EMn5r2HmLiqKc8fn/Um8xPd/jj1IrYvVd2uGjwjW+0tShcyZZ2aA1trzsA
R4S/vXLtUXI6oNhBVFdP+VDaFczbBypqxwa8NsGqmuLXNZs1tJaADZ6O1LWX98DI
TNTUadpEXhVphE6WkhHpRhKwdABhHmrLAr29Q9w7Cd94Xg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:27 2025 by rpki-client