Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: YlA7yvL8c1ayD2aOcA3w76iOOLNXAfGPoOWISgF6bLQ=
Subject key identifier: 75:CA:7C:60:F2:F1:8E:9D:9B:C2:DA:06:BE:F0:0A:E8:5F:AE:78:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2CEBBA85FE787DB26105203586FFF48D2B14B033
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Mon 14 Apr 2025 17:30:10 +0000
ROA not before: Mon 14 Apr 2025 17:30:10 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:eb:ba:85:fe:78:7d:b2:61:05:20:35:86:ff:f4:8d:2b:14:b0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 14 17:30:10 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=305613571bbca9d354f0e545353e95afd055c5650e952d3f73c1df4d52c015cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c3:de:b3:5a:5a:61:d6:51:49:a7:8e:2e:3d:
50:98:86:b7:c9:fe:af:74:7f:1e:85:76:96:c3:4c:
47:29:b1:9c:fa:2b:18:47:9a:7b:43:69:52:6a:f7:
52:39:27:5a:a8:f3:25:cc:e6:91:74:73:40:59:60:
3e:6f:54:c1:4b:76:2b:a3:8b:c6:87:a3:fd:4a:33:
35:04:23:2d:13:18:9a:d8:74:16:88:7a:49:3f:d6:
ae:7e:78:d8:cf:7e:39:34:3c:a9:3d:84:18:b2:7d:
ce:92:47:c1:89:3a:46:63:9c:55:6b:74:43:6a:23:
2f:93:38:e2:42:b8:f4:8f:f2:b1:26:d8:37:6a:d7:
15:a1:07:42:fe:0f:4d:c9:3e:2d:f4:22:00:63:ef:
18:d4:27:d8:74:b4:65:20:39:d9:1c:77:e4:5b:45:
1d:3c:9a:24:62:11:c4:7f:63:c8:f2:99:c5:72:80:
b1:1d:e7:9a:ae:88:6c:13:75:2e:58:17:4d:89:7d:
e3:60:b2:87:cb:69:c0:b3:9a:02:bd:9c:5f:5c:17:
d0:e8:af:c3:c3:79:6a:1f:37:96:b1:4f:01:25:d3:
b6:00:61:4e:39:ad:48:93:74:be:12:a2:bd:66:25:
2a:d6:34:ca:8b:5a:06:80:51:ec:cd:96:fe:32:09:
e5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CA:7C:60:F2:F1:8E:9D:9B:C2:DA:06:BE:F0:0A:E8:5F:AE:78:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:cf:67:31:29:bd:cc:96:23:94:49:c7:db:1d:5b:5b:fa:09:
5e:a9:87:f1:f3:cf:b7:70:19:50:71:85:ee:e4:e4:78:28:83:
b7:14:22:6a:d3:f9:72:d2:ea:70:05:b5:3e:16:8a:99:a5:f3:
ab:8e:69:2d:c2:d7:63:3e:06:e2:df:a1:fd:a6:c7:24:d5:98:
41:5d:38:8c:19:4d:78:3e:31:76:eb:88:9e:c4:8d:e8:8f:2e:
81:76:43:a5:04:74:91:80:e9:20:ea:39:cc:7c:ca:eb:f3:b1:
d5:a1:86:a1:89:5d:b7:76:fd:5f:2c:55:39:e5:20:55:f1:54:
9e:a0:8c:05:78:d3:04:e0:6b:4c:85:39:6b:b5:98:1b:86:96:
b6:ab:16:4e:0c:da:46:2c:09:e4:ba:4b:7c:e6:60:c6:1c:4e:
d0:6f:18:49:1d:f1:64:de:ba:5b:d6:ff:1e:d3:9e:93:e9:8d:
10:4b:fd:b9:0d:43:7e:2d:fe:9a:15:f6:9b:58:b0:1a:84:d8:
9d:56:61:a8:9a:d4:af:9e:9d:8c:38:cc:b0:f3:4d:52:44:2b:
5f:2b:8c:5f:22:fc:1f:4c:a9:e1:43:c7:b7:bf:30:5c:bd:a1:
c4:2a:be:79:96:9d:13:e1:58:f8:01:d5:eb:ce:49:f0:b0:ac:
18:af:b4:60
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULOu6hf54fbJhBSA1hv/0jSsUsDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTQxNzMwMTBaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwNTYxMzU3MWJiY2E5ZDM1NGYwZTU0NTM1M2U5NWFmZDA1NWM1NjUwZTk1
MmQzZjczYzFkZjRkNTJjMDE1Y2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLD3rNaWmHWUUmnji49UJiGt8n+r3R/HoV2lsNMRymxnPorGEeae0NpUmr3
UjknWqjzJczmkXRzQFlgPm9UwUt2K6OLxoej/UozNQQjLRMYmth0Foh6ST/Wrn54
2M9+OTQ8qT2EGLJ9zpJHwYk6RmOcVWt0Q2ojL5M44kK49I/ysSbYN2rXFaEHQv4P
Tck+LfQiAGPvGNQn2HS0ZSA52Rx35FtFHTyaJGIRxH9jyPKZxXKAsR3nmq6IbBN1
LlgXTYl942Cyh8tpwLOaAr2cX1wX0Oivw8N5ah83lrFPASXTtgBhTjmtSJN0vhKi
vWYlKtY0yotaBoBR7M2W/jIJ5T8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1ynxg
8vGOnZvC2ga+8AroX654NTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAC89nMSm9zJYjlEnH2x1bW/oJXqmH8fPPt3AZUHGF
7uTkeCiDtxQiatP5ctLqcAW1PhaKmaXzq45pLcLXYz4G4t+h/abHJNWYQV04jBlN
eD4xduuInsSN6I8ugXZDpQR0kYDpIOo5zHzK6/Ox1aGGoYldt3b9XyxVOeUgVfFU
nqCMBXjTBOBrTIU5a7WYG4aWtqsWTgzaRiwJ5LpLfOZgxhxO0G8YSR3xZN66W9b/
HtOek+mNEEv9uQ1Dfi3+mhX2m1iwGoTYnVZhqJrUr56djDjMsPNNUkQrXyuMXyL8
H0yp4UPHt78wXL2hxCq+eZadE+FY+AHV685J8LCsGK+0YA==
-----END CERTIFICATE-----
Generated at Sun Apr 27 12:08:51 2025 by rpki-client