Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: oFwsfdCQC4wZyJXXyaUEdQVs06jBsJpyhlarpNN2ing=
Subject key identifier: B9:7F:6E:58:F8:6C:54:B1:5A:AD:EE:9D:E1:DF:34:57:30:CB:B2:FD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AAA52D00F61315C833925A3ED5BB934EE2161BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Tue 20 May 2025 20:41:03 +0000
ROA not before: Tue 20 May 2025 20:41:03 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:aa:52:d0:0f:61:31:5c:83:39:25:a3:ed:5b:b9:34:ee:21:61:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:03 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=72fba22c66d1e6fcfb50ef105db436195b3e2b15cded6ef84e37eec25e7065fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ba:e1:dd:6e:56:32:98:e7:74:6d:ac:22:6f:
cf:e4:5f:c9:59:6e:17:32:71:58:9e:8b:30:0f:8c:
ea:d8:a3:6c:a1:2f:4f:8a:81:f9:02:1c:30:05:99:
55:df:e6:0f:94:a0:2f:bd:59:64:0a:7f:f3:31:d6:
59:7a:a0:96:35:3e:a8:c2:e2:e1:b8:7b:62:b8:57:
24:d7:a8:4e:c4:d8:b9:7d:9c:b9:37:51:21:fd:99:
52:aa:85:3a:63:60:c4:1c:8f:b8:0d:56:22:bb:15:
e4:5b:d3:cc:92:a3:b3:57:3b:f9:22:e0:68:8f:02:
3b:33:37:a4:f6:15:a8:13:d0:5d:87:1a:d2:b8:29:
82:65:bb:9f:b7:ab:89:a4:65:32:97:4c:26:f2:c8:
74:b2:74:a9:8a:7d:53:48:ff:c6:78:8b:d4:ba:31:
ad:99:b3:41:52:17:5c:6d:c1:17:1f:d4:d7:a2:0c:
e7:a6:d9:af:32:ca:43:14:d6:42:81:5e:cd:e5:7d:
d5:f2:03:a2:fc:e8:66:56:c9:ca:1b:15:45:49:7a:
1c:a6:e0:6e:8f:89:18:bc:ee:d0:0e:08:87:94:8d:
e4:fe:b5:72:00:5e:ca:c1:ad:58:8c:a4:41:91:ff:
09:74:3a:75:7f:76:2d:ba:ca:4c:d8:82:0b:6e:0d:
63:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:7F:6E:58:F8:6C:54:B1:5A:AD:EE:9D:E1:DF:34:57:30:CB:B2:FD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:c9:a8:81:78:04:5f:b9:78:c6:81:c4:5f:55:3a:f9:3b:58:
03:0a:2e:4b:c1:07:f1:4a:22:7f:17:32:81:aa:17:de:50:0b:
6a:8a:0e:fc:92:41:6b:db:d5:67:dd:4e:a6:ef:73:4f:e9:16:
16:b7:3f:3e:64:b9:5d:6d:b4:8a:00:fa:d7:17:9c:30:b1:bd:
fc:6e:c7:ec:38:27:f2:78:57:07:99:df:11:24:1a:89:ae:66:
de:84:0e:b9:b1:66:ea:fd:35:6c:2e:8f:dc:0c:ac:d2:6b:cb:
c6:88:4a:e8:48:f0:68:66:29:b5:d1:e8:cb:4a:8d:33:4b:d1:
87:4a:ca:04:4a:67:e7:a9:ad:54:00:16:82:29:77:25:8b:11:
07:46:bf:04:93:f5:6d:4b:c0:1d:d8:37:4f:70:ce:5d:8b:e2:
de:60:9d:9c:48:b2:2a:bb:83:58:28:cf:ad:5d:42:79:1e:60:
28:7a:32:9b:97:f5:83:60:9c:50:0e:8a:66:38:cc:92:f5:35:
01:82:c0:cc:4d:5e:72:2b:1d:23:a0:e3:1b:f8:d0:93:aa:15:
6e:6d:d3:de:6d:35:7b:7b:e5:8d:0e:76:a0:66:1d:72:b4:8a:
5f:30:34:a2:35:e7:27:a7:47:f4:ac:58:2a:ee:4c:d0:e9:45:
4e:54:95:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCqpS0A9hMVyDOSWj7Vu5NO4hYbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMDNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZmJhMjJjNjZkMWU2ZmNmYjUwZWYxMDVkYjQzNjE5NWIzZTJiMTVjZGVk
NmVmODRlMzdlZWMyNWU3MDY1ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMy64d1uVjKY53RtrCJvz+RfyVluFzJxWJ6LMA+M6tijbKEvT4qB+QIcMAWZ
Vd/mD5SgL71ZZAp/8zHWWXqgljU+qMLi4bh7YrhXJNeoTsTYuX2cuTdRIf2ZUqqF
OmNgxByPuA1WIrsV5FvTzJKjs1c7+SLgaI8COzM3pPYVqBPQXYca0rgpgmW7n7er
iaRlMpdMJvLIdLJ0qYp9U0j/xniL1LoxrZmzQVIXXG3BFx/U16IM56bZrzLKQxTW
QoFezeV91fIDovzoZlbJyhsVRUl6HKbgbo+JGLzu0A4Ih5SN5P61cgBeysGtWIyk
QZH/CXQ6dX92LbrKTNiCC24NY2kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5f25Y
+GxUsVqt7p3h3zRXMMuy/TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQAMyaiBeARfuXjGgcRfVTr5O1gDCi5LwQfxSiJ/FzKB
qhfeUAtqig78kkFr29Vn3U6m73NP6RYWtz8+ZLldbbSKAPrXF5wwsb38bsfsOCfy
eFcHmd8RJBqJrmbehA65sWbq/TVsLo/cDKzSa8vGiEroSPBoZim10ejLSo0zS9GH
SsoESmfnqa1UABaCKXclixEHRr8Ek/VtS8Ad2DdPcM5di+LeYJ2cSLIqu4NYKM+t
XUJ5HmAoejKbl/WDYJxQDopmOMyS9TUBgsDMTV5yKx0joOMb+NCTqhVubdPebTV7
e+WNDnagZh1ytIpfMDSiNecnp0f0rFgq7kzQ6UVOVJUL
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:47:25 2025 by rpki-client