Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: SCjdWV53vklblnAVmyC9kPa14Yz1Hq8VsOXnvvJTXPA=
Subject key identifier: 8E:0E:F5:2C:C2:A0:4C:24:1C:57:41:ED:E7:8E:2C:96:E9:33:78:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 079BA89997462D9F45180BC1DAC99B4A3456C8FA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Fri 25 Apr 2025 20:31:07 +0000
ROA not before: Fri 25 Apr 2025 20:31:07 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:9b:a8:99:97:46:2d:9f:45:18:0b:c1:da:c9:9b:4a:34:56:c8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:07 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=d4604a0bf60f043975f6a9ee9beb53e9d15dd6dca7d6afb7183fa3f1dbc691f4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7f:43:b1:35:67:23:7e:e8:e3:be:a6:b2:da:
e4:8c:df:34:94:64:8b:f7:bd:14:c0:b8:a7:63:e6:
0d:7f:7a:0d:b3:7d:08:e6:5a:d1:d2:11:d7:bc:6b:
c6:83:db:f6:6c:c8:96:a8:0c:ee:e7:0e:67:12:a8:
64:a6:84:95:4d:83:38:22:82:3d:03:f3:d1:1c:a7:
0e:c8:69:ce:f6:5d:48:2a:ed:e4:9f:4a:4c:75:a4:
9f:3d:93:38:6a:dd:d1:4a:a6:08:68:1b:16:69:b9:
86:5a:f4:f3:68:2a:06:68:9c:57:94:57:bd:ba:30:
af:39:00:4f:8d:e1:f9:c0:ff:f0:68:88:23:05:94:
1c:ac:95:13:f0:de:7e:2b:d9:90:5a:dc:b9:9a:7a:
e7:6d:db:e5:4c:d0:fc:9a:d0:9f:df:ee:7b:31:ba:
47:f5:95:5e:bf:4c:42:9a:0b:ca:98:5b:3b:74:da:
26:23:80:bd:25:38:06:66:cd:40:6d:83:16:52:5d:
c5:f0:86:ec:1c:3d:82:25:a4:65:a7:64:0d:5e:37:
39:cb:08:27:5d:2d:68:e6:c5:5a:15:4b:ac:0c:2a:
85:9a:59:fb:b4:f4:4e:bc:5b:d4:e0:11:74:b9:f0:
79:b6:5d:ea:75:29:bc:ee:a1:e6:85:01:c7:5c:36:
6a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:0E:F5:2C:C2:A0:4C:24:1C:57:41:ED:E7:8E:2C:96:E9:33:78:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
56:84:65:f8:64:f7:6f:56:29:08:13:95:87:9d:26:f9:94:e1:
ed:6d:26:57:4f:5b:c8:6a:c5:a2:84:0d:05:27:ad:89:49:07:
b6:a2:94:97:18:a5:f1:1e:ef:56:64:65:6e:7d:e1:fb:03:d3:
ca:62:70:2d:d9:8a:46:86:60:e5:4d:c9:94:19:5e:0d:0f:a3:
5a:0f:17:ee:d3:d3:5b:5c:2d:10:90:6b:75:fb:66:7a:aa:80:
60:f7:ea:a9:a7:99:da:c6:a8:2b:ec:8e:57:ac:df:bf:fb:ee:
45:9d:69:84:8c:22:28:f6:35:bb:85:da:8d:28:dd:93:67:da:
73:42:bf:1a:2c:33:37:99:44:c2:2d:ed:e0:e8:dd:a2:e8:2a:
93:84:c2:8e:c3:df:61:4f:fd:3e:d2:1d:0a:34:eb:bf:66:7f:
79:6c:03:76:fb:f3:45:c9:56:7a:ea:53:07:32:2f:43:42:a6:
e6:df:f6:46:2e:af:b6:e5:c0:07:a6:f6:3c:8f:29:73:ba:fd:
2b:71:fa:89:8c:67:f2:4d:5a:13:78:d5:50:62:92:c4:6d:6e:
81:b8:e7:1c:ce:79:ec:7a:0a:5f:b8:c2:e5:d8:9b:9a:98:a4:
b8:05:6e:05:b4:86:ed:1b:b1:3f:02:de:ec:2d:9b:c9:98:7d:
5d:9d:bc:9b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB5uomZdGLZ9FGAvB2smbSjRWyPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NjA0YTBiZjYwZjA0Mzk3NWY2YTllZTliZWI1M2U5ZDE1ZGQ2ZGNhN2Q2
YWZiNzE4M2ZhM2YxZGJjNjkxZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMp/Q7E1ZyN+6OO+prLa5IzfNJRki/e9FMC4p2PmDX96DbN9COZa0dIR17xr
xoPb9mzIlqgM7ucOZxKoZKaElU2DOCKCPQPz0RynDshpzvZdSCrt5J9KTHWknz2T
OGrd0UqmCGgbFmm5hlr082gqBmicV5RXvbowrzkAT43h+cD/8GiIIwWUHKyVE/De
fivZkFrcuZp6523b5UzQ/JrQn9/uezG6R/WVXr9MQpoLyphbO3TaJiOAvSU4BmbN
QG2DFlJdxfCG7Bw9giWkZadkDV43OcsIJ10taObFWhVLrAwqhZpZ+7T0Trxb1OAR
dLnwebZd6nUpvO6h5oUBx1w2ao0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSODvUs
wqBMJBxXQe3njiyW6TN4zjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAVoRl+GT3b1YpCBOVh50m+ZTh7W0mV09byGrFooQN
BSetiUkHtqKUlxil8R7vVmRlbn3h+wPTymJwLdmKRoZg5U3JlBleDQ+jWg8X7tPT
W1wtEJBrdftmeqqAYPfqqaeZ2saoK+yOV6zfv/vuRZ1phIwiKPY1u4XajSjdk2fa
c0K/GiwzN5lEwi3t4Ojdougqk4TCjsPfYU/9PtIdCjTrv2Z/eWwDdvvzRclWeupT
BzIvQ0Km5t/2Ri6vtuXAB6b2PI8pc7r9K3H6iYxn8k1aE3jVUGKSxG1ugbjnHM55
7HoKX7jC5dibmpikuAVuBbSG7RuxPwLe7C2byZh9XZ28mw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:35 2025 by rpki-client