Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: 430b3+0rgkv2olHJpeFin86xUnlVjTshzEKZTy1pvbk=
Subject key identifier: 75:98:A1:FA:9F:B8:39:B8:6B:58:3F:7C:A3:BA:50:59:E7:33:CC:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CAC27F5FF8105AE0FAFA5BA28E07B7C37CF44E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Sat 31 May 2025 00:50:36 +0000
ROA not before: Sat 31 May 2025 00:50:36 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:ac:27:f5:ff:81:05:ae:0f:af:a5:ba:28:e0:7b:7c:37:cf:44:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:36 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=81bfa358267a7579e4ac7a9e5b2aa65df8919065c40ed99da145a9acd3c8ed0f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f1:a9:53:69:54:a1:7b:aa:6e:f9:dd:e3:2c:
c5:4d:8b:41:aa:3a:84:0c:c0:8f:78:b9:56:c2:e5:
c8:31:5d:bb:b5:84:8b:b7:54:9c:67:a6:82:31:d0:
5f:be:e7:4a:b0:4e:1a:f8:40:ff:d9:0b:f9:33:ba:
b3:04:3d:f4:93:62:57:a0:1b:ef:12:dd:17:59:32:
75:88:ba:da:55:b5:19:a7:78:c9:15:1e:5e:4e:dd:
48:23:19:24:30:3f:d8:db:e5:6d:9e:56:52:2e:a1:
99:35:0e:1a:ed:4f:9c:45:e1:b1:a3:a4:8c:6c:33:
75:d5:de:0d:19:af:05:a4:3e:f2:7f:80:fc:b2:e6:
c0:9f:97:3f:29:cf:b1:07:71:31:9b:b6:d7:17:ce:
6b:c5:fc:a9:bf:b4:3d:10:d4:c7:b3:4a:20:90:13:
f4:fb:29:c4:a0:c6:06:26:5d:58:d2:27:95:ac:ce:
58:6e:2c:49:0f:a6:a3:ab:21:ed:01:5e:87:ac:3a:
51:6b:e4:b9:f3:50:ac:72:de:d4:a2:56:e1:b5:f5:
bf:2d:4a:db:c6:df:7b:79:f2:87:c4:16:f5:0c:4a:
bd:8c:c7:4c:e5:05:ac:1d:fc:ed:88:49:f5:c4:00:
02:ce:c7:75:1b:65:b3:6d:ae:a2:18:49:69:3b:e2:
a7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:98:A1:FA:9F:B8:39:B8:6B:58:3F:7C:A3:BA:50:59:E7:33:CC:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
d3:e8:09:23:c2:41:cb:68:e9:1c:79:97:0a:c0:33:49:87:34:
7d:ce:c0:8f:8b:a1:e0:ce:63:70:38:ad:84:85:77:ea:d2:44:
d8:64:e4:64:ee:3c:80:fd:9e:ce:f6:a2:84:3d:d7:55:90:82:
08:e5:27:31:7a:e0:7e:ca:67:68:32:d3:bb:a8:90:78:10:fa:
cd:4e:74:e0:7f:65:e8:62:63:7c:2b:43:77:3f:1f:d4:f5:a0:
2f:e3:91:cc:3b:cb:86:a0:a3:af:97:49:65:e2:ca:30:c8:58:
f9:6d:55:e2:ac:e3:06:91:63:44:48:93:66:19:4b:7b:f3:26:
ea:9e:4f:68:34:e7:5c:ca:30:d8:29:80:08:d2:9f:97:5a:43:
d6:14:2a:64:5e:e2:f5:6f:94:53:ed:1d:89:71:0b:d6:56:05:
e7:e5:b8:83:78:44:e3:8e:6b:85:f7:d4:6c:c0:4c:f8:01:0e:
a4:e0:d5:78:ee:c1:11:ea:8a:81:7f:9d:a9:56:fe:21:83:f3:
95:92:d9:45:7c:f6:0c:2a:95:36:30:90:4a:83:7f:dd:f1:19:
f5:62:9f:ee:ff:a2:cf:6f:f3:c3:5c:8b:4c:62:ca:3e:bc:d4:
fe:8a:e7:54:f8:33:82:87:cc:a7:c2:63:a9:ee:fa:0a:e6:a4:
70:54:46:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTKwn9f+BBa4Pr6W6KOB7fDfPROkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzZaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxYmZhMzU4MjY3YTc1NzllNGFjN2E5ZTViMmFhNjVkZjg5MTkwNjVjNDBl
ZDk5ZGExNDVhOWFjZDNjOGVkMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTxqVNpVKF7qm753eMsxU2LQao6hAzAj3i5VsLlyDFdu7WEi7dUnGemgjHQ
X77nSrBOGvhA/9kL+TO6swQ99JNiV6Ab7xLdF1kydYi62lW1Gad4yRUeXk7dSCMZ
JDA/2NvlbZ5WUi6hmTUOGu1PnEXhsaOkjGwzddXeDRmvBaQ+8n+A/LLmwJ+XPynP
sQdxMZu21xfOa8X8qb+0PRDUx7NKIJAT9PspxKDGBiZdWNInlazOWG4sSQ+mo6sh
7QFeh6w6UWvkufNQrHLe1KJW4bX1vy1K28bfe3nyh8QW9QxKvYzHTOUFrB387YhJ
9cQAAs7HdRtls22uohhJaTvip5MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1mKH6
n7g5uGtYP3yjulBZ5zPM/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEA0+gJI8JBy2jpHHmXCsAzSYc0fc7Aj4uh4M5jcDit
hIV36tJE2GTkZO48gP2ezvaihD3XVZCCCOUnMXrgfspnaDLTu6iQeBD6zU504H9l
6GJjfCtDdz8f1PWgL+ORzDvLhqCjr5dJZeLKMMhY+W1V4qzjBpFjREiTZhlLe/Mm
6p5PaDTnXMow2CmACNKfl1pD1hQqZF7i9W+UU+0diXEL1lYF5+W4g3hE445rhffU
bMBM+AEOpODVeO7BEeqKgX+dqVb+IYPzlZLZRXz2DCqVNjCQSoN/3fEZ9WKf7v+i
z2/zw1yLTGLKPrzU/ornVPgzgofMp8Jjqe76CuakcFRGNA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:32 2025 by rpki-client