Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: rSweknXqHkRO8uuAr5S9jixjFarJfZ3ihQmIPQjBrsg=
Subject key identifier: A1:1F:3D:D8:6C:A3:33:FE:08:3F:2B:29:1D:81:80:9D:54:32:72:FC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27297726B4E34AC91F1AA25B7D3D9490FE3B9014
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Tue 20 May 2025 20:41:18 +0000
ROA not before: Tue 20 May 2025 20:41:18 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:29:77:26:b4:e3:4a:c9:1f:1a:a2:5b:7d:3d:94:90:fe:3b:90:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:18 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e8ac0271a9bdf9dd0c1d836abfeeeae1039eb06f1ed58514c56967394ce1f370, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5e:1f:41:ee:e4:96:94:26:bf:45:b6:ed:2c:
88:97:9b:c8:c4:6a:57:8a:5a:d9:08:8a:aa:1a:5f:
54:bf:81:51:83:62:c4:9c:59:28:43:ff:b6:f1:fd:
77:da:aa:09:fb:aa:d4:a7:d4:c3:1e:86:e8:29:f4:
e1:ba:82:65:ae:8b:3f:dc:8a:95:9a:e7:7a:2a:68:
9f:35:3f:b3:39:6f:23:6a:9c:b3:2f:97:62:dc:88:
18:55:df:c8:ac:27:4a:4e:52:a3:f2:57:75:25:56:
b6:da:83:5b:2f:b0:23:6b:26:4d:d3:cc:56:aa:d3:
06:34:89:33:11:65:ca:41:43:fd:ef:d8:86:06:fa:
be:0b:89:21:ee:1e:b2:99:12:f8:6a:87:8e:4f:dc:
08:c5:c0:4a:43:ef:84:a5:39:a0:c3:63:9a:72:1b:
8f:24:18:d2:94:4a:60:8e:72:de:d9:ef:ee:cc:e4:
ec:f3:bb:bc:76:3c:7a:a0:ed:74:f2:c4:09:4a:86:
7d:cc:20:fa:00:75:3b:56:22:e4:52:a2:36:4b:81:
c8:91:20:c5:57:fd:d9:c0:cf:29:21:be:2c:a1:91:
25:a2:3f:7c:59:85:73:42:2c:b6:14:53:5a:d3:40:
c5:7c:0e:e9:6a:ce:2a:a8:00:24:cb:d7:9d:93:57:
7f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1F:3D:D8:6C:A3:33:FE:08:3F:2B:29:1D:81:80:9D:54:32:72:FC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:eb:62:6e:7f:18:da:35:a4:4b:01:a0:f9:f3:1f:b3:d7:86:
9c:d2:55:b8:0a:3f:03:13:aa:ca:8e:7b:52:fd:fe:af:75:79:
77:98:2b:d6:d2:7a:5a:80:75:af:cc:79:13:e4:e1:9d:8d:d9:
df:2f:b6:01:ff:34:4e:bb:28:35:84:4f:7b:bb:e3:34:11:88:
37:05:8a:65:9d:a2:4e:ba:56:e3:3e:3b:6a:09:75:98:8d:03:
c4:bb:03:d2:64:f5:39:2c:51:65:78:08:13:15:e7:eb:17:47:
3a:16:a6:97:9a:3d:b7:21:11:48:a3:2e:ff:df:df:a2:d7:bd:
bc:ad:65:a0:4f:a6:30:a4:4e:b0:6b:51:72:b5:50:28:83:56:
89:f8:c9:5a:6d:32:fc:2b:a9:1d:5d:87:19:22:d5:fa:4c:3a:
41:e3:d0:8c:20:56:e3:bd:6c:e1:5b:d1:3c:ab:4a:0f:e8:2b:
03:d2:3d:fe:54:87:44:ae:3a:00:83:9e:0e:25:78:f6:ed:b6:
b7:b6:7c:1d:b1:f1:24:11:fc:89:26:db:3b:30:29:a0:ff:b5:
7b:cf:94:ab:f3:ce:58:53:5e:02:db:a2:60:9b:18:77:f2:53:
81:55:76:a6:fb:c3:8e:51:3d:ed:ef:e9:dd:f6:b8:3b:68:d7:
a9:5a:ee:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJyl3JrTjSskfGqJbfT2UkP47kBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4YWMwMjcxYTliZGY5ZGQwYzFkODM2YWJmZWVlYWUxMDM5ZWIwNmYxZWQ1
ODUxNGM1Njk2NzM5NGNlMWYzNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALteH0Hu5JaUJr9Ftu0siJebyMRqV4pa2QiKqhpfVL+BUYNixJxZKEP/tvH9
d9qqCfuq1KfUwx6G6Cn04bqCZa6LP9yKlZrneiponzU/szlvI2qcsy+XYtyIGFXf
yKwnSk5So/JXdSVWttqDWy+wI2smTdPMVqrTBjSJMxFlykFD/e/Yhgb6vguJIe4e
spkS+GqHjk/cCMXASkPvhKU5oMNjmnIbjyQY0pRKYI5y3tnv7szk7PO7vHY8eqDt
dPLECUqGfcwg+gB1O1Yi5FKiNkuByJEgxVf92cDPKSG+LKGRJaI/fFmFc0IsthRT
WtNAxXwO6WrOKqgAJMvXnZNXf9MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBShHz3Y
bKMz/gg/KykdgYCdVDJy/DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQAj62JufxjaNaRLAaD58x+z14ac0lW4Cj8DE6rKjntS
/f6vdXl3mCvW0npagHWvzHkT5OGdjdnfL7YB/zROuyg1hE97u+M0EYg3BYplnaJO
ulbjPjtqCXWYjQPEuwPSZPU5LFFleAgTFefrF0c6FqaXmj23IRFIoy7/39+i1728
rWWgT6YwpE6wa1FytVAog1aJ+MlabTL8K6kdXYcZItX6TDpB49CMIFbjvWzhW9E8
q0oP6CsD0j3+VIdErjoAg54OJXj27ba3tnwdsfEkEfyJJts7MCmg/7V7z5Sr885Y
U14C26Jgmxh38lOBVXam+8OOUT3t7+nd9rg7aNepWu52
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:28 2025 by rpki-client