Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: UEKa9BEca6npApoXAvhvqFzPBB0k3CcezPrhdn4xBZM=
Subject key identifier: A9:91:30:B2:FC:DE:DC:46:93:5D:2C:ED:40:C2:87:76:B2:5C:C7:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4774061325B6B611CB2341E5D494A4E47824E605
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Tue 20 May 2025 20:40:49 +0000
ROA not before: Tue 20 May 2025 20:40:49 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:74:06:13:25:b6:b6:11:cb:23:41:e5:d4:94:a4:e4:78:24:e6:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:49 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=11020aed901d46623bf6a4af796b7579ab5c9c26e90c2ca733477ba421a7e363, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:10:5d:24:51:b3:5c:ff:ea:b2:bc:2e:38:7e:
c7:f4:ad:14:10:f1:92:ac:1c:db:2e:d6:f2:90:23:
10:68:ee:a9:03:94:22:56:e4:8a:d4:e7:d7:7a:86:
59:ed:71:32:76:50:7c:86:64:32:74:85:6d:5a:15:
d4:68:13:16:40:d6:9b:e6:e2:e2:00:b8:2d:2f:84:
07:ee:14:37:e4:5f:0d:69:ec:39:ac:a5:48:2b:5a:
20:e1:40:d6:35:fb:26:46:f6:c2:3d:09:15:2b:b4:
fb:d1:71:e9:52:83:79:8e:c9:02:d9:be:76:39:fd:
77:de:3b:57:1e:11:71:0a:9f:1a:6a:4c:06:3d:98:
4c:d6:e4:c8:b1:1e:b9:97:00:60:cb:a1:6b:3e:65:
19:7a:bd:94:83:a7:b9:5a:b3:33:a3:2a:2e:04:76:
ad:66:4c:2f:3c:3d:92:11:0b:c6:3b:89:3e:e3:32:
52:6c:d7:49:f7:6f:02:ef:5d:cf:55:d8:e6:81:82:
78:aa:ef:0f:6f:2f:53:22:9b:7e:a5:d3:9d:85:13:
3c:26:ff:dc:69:b2:43:80:c1:58:a8:3e:92:2e:53:
8d:91:75:67:b4:e9:82:42:c8:53:eb:54:94:f4:df:
c0:b5:c6:07:8a:c5:46:48:0b:de:9b:2f:16:94:b9:
07:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:91:30:B2:FC:DE:DC:46:93:5D:2C:ED:40:C2:87:76:B2:5C:C7:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:92:60:0e:2e:9b:8f:e7:3e:a6:6c:cf:9b:be:c5:c7:ed:03:
3e:c5:ed:63:34:47:5a:85:96:7c:26:d0:cc:4a:df:11:8b:ea:
75:1c:69:c5:a7:00:ab:1d:fe:a8:b4:86:b4:d6:ad:a9:61:5b:
60:0b:ed:6f:78:64:eb:8e:fa:4a:a3:88:b9:71:db:e4:46:be:
d8:36:37:d6:6b:57:2a:38:1b:be:a8:48:ea:df:f8:df:19:8c:
47:96:60:cc:92:6d:2a:b2:de:3c:14:3d:f5:21:f3:6c:7d:79:
e2:75:d0:0f:7c:f4:2f:1e:ae:f1:96:22:d8:a2:22:1b:1d:4d:
53:4c:c6:1b:27:52:ec:3d:d8:2e:22:bf:6c:87:d1:59:e2:63:
fe:c1:27:c2:b1:20:40:20:36:65:aa:cc:5f:a3:14:be:1d:12:
85:c8:b2:7c:34:fc:f0:f2:e8:31:8d:e9:1e:d4:dc:9d:71:f1:
6c:35:92:45:8a:ea:6a:dd:ca:1e:d4:e8:dc:bf:7b:83:11:1f:
18:48:56:f2:66:f9:fa:ac:8a:e2:e2:84:67:0a:8c:8a:29:cb:
b9:04:bb:81:67:42:09:cb:ea:f2:9b:da:e3:60:b1:1e:f7:de:
7b:6b:f8:bd:b9:c0:ba:a6:1c:f3:5c:12:69:db:31:a0:4e:4a:
36:95:a7:8e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR3QGEyW2thHLI0Hl1JSk5Hgk5gUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNDlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDExMDIwYWVkOTAxZDQ2NjIzYmY2YTRhZjc5NmI3NTc5YWI1YzljMjZlOTBj
MmNhNzMzNDc3YmE0MjFhN2UzNjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcQXSRRs1z/6rK8Ljh+x/StFBDxkqwc2y7W8pAjEGjuqQOUIlbkitTn13qG
We1xMnZQfIZkMnSFbVoV1GgTFkDWm+bi4gC4LS+EB+4UN+RfDWnsOaylSCtaIOFA
1jX7Jkb2wj0JFSu0+9Fx6VKDeY7JAtm+djn9d947Vx4RcQqfGmpMBj2YTNbkyLEe
uZcAYMuhaz5lGXq9lIOnuVqzM6MqLgR2rWZMLzw9khELxjuJPuMyUmzXSfdvAu9d
z1XY5oGCeKrvD28vUyKbfqXTnYUTPCb/3GmyQ4DBWKg+ki5TjZF1Z7TpgkLIU+tU
lPTfwLXGB4rFRkgL3psvFpS5B70CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSpkTCy
/N7cRpNdLO1Awod2slzHtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQCRkmAOLpuP5z6mbM+bvsXH7QM+xe1jNEdahZZ8JtDM
St8Ri+p1HGnFpwCrHf6otIa01q2pYVtgC+1veGTrjvpKo4i5cdvkRr7YNjfWa1cq
OBu+qEjq3/jfGYxHlmDMkm0qst48FD31IfNsfXniddAPfPQvHq7xliLYoiIbHU1T
TMYbJ1LsPdguIr9sh9FZ4mP+wSfCsSBAIDZlqsxfoxS+HRKFyLJ8NPzw8ugxjeke
1NydcfFsNZJFiupq3coe1Ojcv3uDER8YSFbyZvn6rIri4oRnCoyKKcu5BLuBZ0IJ
y+rym9rjYLEe9957a/i9ucC6phzzXBJp2zGgTko2laeO
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:27 2025 by rpki-client