Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: 3H+AFK0f87zc47lVuWm4yugL3szH9mb/qxQxbiKL6rE=
Subject key identifier: 8E:7B:3E:14:F0:04:B2:DE:B3:70:C9:E6:83:3B:18:6B:B8:5E:45:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22CF29F0B4F6589E2AD8033EAF2AB3128F72A0FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Tue 03 Jun 2025 16:30:11 +0000
ROA not before: Tue 03 Jun 2025 16:30:11 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:cf:29:f0:b4:f6:58:9e:2a:d8:03:3e:af:2a:b3:12:8f:72:a0:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 3 16:30:11 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=8084ec49bf5ec6a8472f65b9da5f7697d87bcf20f23b8740c8374d07cf368ccc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:6d:df:13:5e:8d:67:dc:2c:00:91:4d:cd:
5a:e9:4c:46:6e:31:95:b8:b3:4d:05:4b:a3:82:6d:
e4:7e:ff:04:d8:7c:b4:53:c7:0f:e3:66:d1:40:ee:
8f:b8:7f:96:15:47:99:ef:01:49:17:e1:8e:96:2e:
59:16:d2:02:87:0b:f6:d8:34:a0:60:76:9e:13:8f:
f8:3e:ff:33:da:62:fa:d7:82:8f:29:7f:9c:50:01:
d5:45:4f:46:f2:0b:39:e5:b5:28:43:8d:f4:4d:8a:
37:d0:39:f0:2a:1c:bc:6a:f9:6d:c7:e6:6d:fd:c3:
24:ed:ea:3a:fd:3c:74:ce:34:c9:14:4e:67:90:0b:
b4:81:e1:ed:41:85:a8:b1:40:40:00:a6:78:0c:04:
b5:ee:2f:47:a1:bb:d3:84:98:77:1f:7c:49:9b:83:
b7:9d:4c:c3:4c:c6:c5:a4:d4:5e:6a:42:37:8f:4a:
df:68:41:e2:9c:98:20:fe:16:b1:32:10:b4:9a:8e:
28:d4:af:1c:cb:9f:e0:69:d2:c3:96:aa:28:a0:34:
5a:c7:d4:ef:a2:06:ad:34:91:90:f7:d4:cf:ba:98:
5d:80:a1:fd:93:78:5c:ef:2c:1a:57:7d:e9:a1:84:
28:a9:46:8d:1f:5c:45:1f:9d:64:5c:ed:d7:3c:36:
1e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7B:3E:14:F0:04:B2:DE:B3:70:C9:E6:83:3B:18:6B:B8:5E:45:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:1a:96:47:1f:23:6a:5a:ce:7e:51:21:33:a5:17:a5:fe:95:
a5:70:82:ef:f5:13:02:ee:64:64:15:37:0d:ed:df:4b:24:e7:
67:9e:a6:0b:78:c2:a8:53:d3:e3:5f:ba:10:f3:e4:a1:77:5d:
fd:ad:15:7f:1e:92:fb:53:00:e7:d5:ed:e9:d7:67:da:88:ee:
4f:c8:6d:fa:9b:62:8d:05:7d:91:eb:f9:e5:ca:aa:42:16:36:
bb:98:ad:8a:f3:1e:ad:bc:2c:5f:f0:85:0a:e3:5b:f7:10:e3:
89:ab:04:ac:d7:03:ff:54:15:c5:96:08:67:f2:6e:9e:7b:56:
44:69:77:e7:42:20:69:6d:b6:7b:e6:28:6d:78:8d:52:5a:59:
2c:09:9b:9e:b1:a9:4f:d7:a6:6a:b9:ee:a1:12:29:a4:5b:33:
b1:8b:a1:16:1a:c5:1c:e1:4d:53:77:17:1e:70:2a:2b:2b:d1:
5f:ef:b8:48:94:ca:a6:a4:0d:e9:5c:ab:a0:81:6e:42:1a:67:
d1:f7:ee:6a:c4:e8:4d:2c:db:3e:38:f8:cf:ed:85:33:5d:e9:
35:32:37:49:67:ce:56:54:d9:c7:81:b6:0a:20:e3:e1:29:2f:
5f:c9:bb:01:2f:c7:50:94:7a:6e:74:66:33:10:ab:3e:58:d0:
11:d5:79:b5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIs8p8LT2WJ4q2AM+ryqzEo9yoPswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MDMxNjMwMTFaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwODRlYzQ5YmY1ZWM2YTg0NzJmNjViOWRhNWY3Njk3ZDg3YmNmMjBmMjNi
ODc0MGM4Mzc0ZDA3Y2YzNjhjY2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJNobd8TXo1n3CwAkU3NWulMRm4xlbizTQVLo4Jt5H7/BNh8tFPHD+Nm0UDu
j7h/lhVHme8BSRfhjpYuWRbSAocL9tg0oGB2nhOP+D7/M9pi+teCjyl/nFAB1UVP
RvILOeW1KEON9E2KN9A58CocvGr5bcfmbf3DJO3qOv08dM40yRROZ5ALtIHh7UGF
qLFAQACmeAwEte4vR6G704SYdx98SZuDt51Mw0zGxaTUXmpCN49K32hB4pyYIP4W
sTIQtJqOKNSvHMuf4GnSw5aqKKA0WsfU76IGrTSRkPfUz7qYXYCh/ZN4XO8sGld9
6aGEKKlGjR9cRR+dZFzt1zw2HkMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSOez4U
8ASy3rNwyeaDOxhruF5FJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEALhqWRx8jalrOflEhM6UXpf6VpXCC7/UTAu5kZBU3
De3fSyTnZ56mC3jCqFPT41+6EPPkoXdd/a0Vfx6S+1MA59Xt6ddn2ojuT8ht+pti
jQV9kev55cqqQhY2u5itivMerbwsX/CFCuNb9xDjiasErNcD/1QVxZYIZ/JunntW
RGl350IgaW22e+YobXiNUlpZLAmbnrGpT9emarnuoRIppFszsYuhFhrFHOFNU3cX
HnAqKyvRX++4SJTKpqQN6VyroIFuQhpn0ffuasToTSzbPjj4z+2FM13pNTI3SWfO
VlTZx4G2CiDj4SkvX8m7AS/HUJR6bnRmMxCrPljQEdV5tQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:17:40 2025 by rpki-client