Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: HRpZy262Pb/k4pQD+edw/fa3HSJE49ZjAPI8KFFsnVU=
Subject key identifier: 84:B9:27:94:AA:EA:5C:EB:F6:21:8E:B3:F6:7A:84:9A:6F:D8:FF:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1EF7914EFB6A476C7AEA1247292052A3655917DD
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Fri 25 Apr 2025 20:31:22 +0000
ROA not before: Fri 25 Apr 2025 20:31:22 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:f7:91:4e:fb:6a:47:6c:7a:ea:12:47:29:20:52:a3:65:59:17:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:22 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7adef0d60dba2c61d1049750191198cb960daa31d2a95da176f4c37026616002, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4f:d7:e8:41:12:44:71:ea:6a:5c:64:f6:d1:
62:6e:ec:77:01:fd:d1:66:5d:b6:cc:b3:d3:90:52:
b8:84:d4:1f:f6:0d:87:77:7f:5e:03:d9:e7:52:75:
4a:1b:18:f0:84:20:65:6f:c8:a9:4e:46:a3:dc:78:
43:d2:22:fb:df:8a:8a:59:2e:4f:59:1f:d2:c5:49:
0c:d1:00:60:e5:c0:a1:b8:80:f5:6f:31:ae:8d:df:
73:25:ce:d0:5c:47:2b:c7:01:b5:13:82:92:77:2c:
af:61:5f:64:d6:e7:42:5c:e3:9b:ec:d7:e4:c3:90:
41:8c:99:53:5d:1f:1f:84:a4:8e:cc:ff:d9:4e:fa:
05:21:e0:2b:68:ea:63:f8:e4:a1:13:e7:33:9e:45:
54:f8:48:5e:5c:f9:33:c9:ca:4a:64:ac:2d:83:6c:
87:09:2a:2b:b6:ba:c6:af:d1:2c:70:5e:0b:37:08:
c7:00:75:aa:c7:b6:db:6d:c9:7e:2f:f2:34:1c:95:
e6:7e:e3:74:e8:30:83:f3:d3:d2:3f:89:1d:26:5c:
63:3f:cc:4d:a4:be:34:50:c5:28:c7:80:14:24:b7:
a7:41:07:75:12:3b:69:80:b5:ad:43:56:08:ce:f7:
db:a8:dd:c2:1c:f7:4f:6e:0f:16:16:2b:57:b2:12:
8c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B9:27:94:AA:EA:5C:EB:F6:21:8E:B3:F6:7A:84:9A:6F:D8:FF:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:26:89:ff:88:88:79:8a:9e:42:21:ff:a2:14:b7:fb:12:c6:
c2:e1:87:c0:b8:bd:eb:13:6c:15:ca:72:fb:ee:57:0e:68:71:
7c:c1:78:d7:42:9f:1f:b5:6f:3b:18:61:44:20:0d:f7:67:e2:
8f:2c:7f:e3:04:af:35:28:53:e8:fa:7e:fe:56:48:0e:09:9d:
52:62:75:38:66:36:09:2a:ae:0c:9c:86:db:88:1f:6f:44:cf:
24:67:40:3a:90:71:7a:98:ef:0a:a6:fa:8e:97:28:7f:ff:01:
b7:09:0e:22:9f:7c:10:7f:85:c9:8a:52:9b:c7:1f:a5:c1:22:
4b:15:5e:cb:5e:e4:fb:97:0e:9d:88:19:94:64:33:5c:9a:6c:
b0:de:74:54:5d:79:7a:25:21:a7:6c:2e:fb:83:35:9d:c6:e8:
18:98:de:da:a6:75:92:33:fb:4f:77:a0:44:64:fe:a5:65:e0:
08:8c:ce:4e:b7:e8:99:ce:99:1d:ad:ab:4a:37:9c:bc:21:73:
96:48:53:f8:cb:07:c2:a4:ab:21:d0:b3:1f:9a:66:96:29:3e:
62:cc:cc:25:ea:b4:62:a2:fc:9f:3a:fb:a0:a0:cc:3a:99:ce:
27:ec:06:ba:ab:cd:6e:0b:57:16:87:fc:da:aa:fa:2e:e3:37:
9a:90:87:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHveRTvtqR2x66hJHKSBSo2VZF90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZGVmMGQ2MGRiYTJjNjFkMTA0OTc1MDE5MTE5OGNiOTYwZGFhMzFkMmE5
NWRhMTc2ZjRjMzcwMjY2MTYwMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJP1+hBEkRx6mpcZPbRYm7sdwH90WZdtsyz05BSuITUH/YNh3d/XgPZ51J1
ShsY8IQgZW/IqU5Go9x4Q9Ii+9+KilkuT1kf0sVJDNEAYOXAobiA9W8xro3fcyXO
0FxHK8cBtROCkncsr2FfZNbnQlzjm+zX5MOQQYyZU10fH4Skjsz/2U76BSHgK2jq
Y/jkoRPnM55FVPhIXlz5M8nKSmSsLYNshwkqK7a6xq/RLHBeCzcIxwB1qse2223J
fi/yNByV5n7jdOgwg/PT0j+JHSZcYz/MTaS+NFDFKMeAFCS3p0EHdRI7aYC1rUNW
CM7326jdwhz3T24PFhYrV7ISjEMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSEuSeU
qupc6/YhjrP2eoSab9j/TzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQBwJon/iIh5ip5CIf+iFLf7EsbC4YfAuL3rE2wVynL7
7lcOaHF8wXjXQp8ftW87GGFEIA33Z+KPLH/jBK81KFPo+n7+VkgOCZ1SYnU4ZjYJ
Kq4MnIbbiB9vRM8kZ0A6kHF6mO8KpvqOlyh//wG3CQ4in3wQf4XJilKbxx+lwSJL
FV7LXuT7lw6diBmUZDNcmmyw3nRUXXl6JSGnbC77gzWdxugYmN7apnWSM/tPd6BE
ZP6lZeAIjM5Ot+iZzpkdratKN5y8IXOWSFP4ywfCpKsh0LMfmmaWKT5izMwl6rRi
ovyfOvugoMw6mc4n7Aa6q81uC1cWh/zaqvou4zeakIeb
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:56 2025 by rpki-client