Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: 5G35yoDddOzKe3OY020Y+iO+J3ydN8vHMXpAq8Q3TGk=
Subject key identifier: E3:78:73:99:A3:17:D8:48:8B:C3:77:1B:E0:49:5F:C5:E3:0E:F1:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F14922ADC976F83459C99AE5149BC2E3BD9DA48
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Mon 14 Apr 2025 17:30:12 +0000
ROA not before: Mon 14 Apr 2025 17:30:12 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:14:92:2a:dc:97:6f:83:45:9c:99:ae:51:49:bc:2e:3b:d9:da:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 14 17:30:12 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=33feb25316be18816d26ebcf4c9cff0a080d6f81ed5df484c814b77447d14ed8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:34:f5:a2:22:47:db:9a:39:b4:4e:14:82:
6b:19:73:cd:ab:bc:b2:eb:63:87:c0:92:c2:63:4e:
78:2d:03:b6:b2:07:af:9d:d4:f0:1a:69:53:1a:06:
bc:9d:ea:8f:8c:f4:1a:04:f3:97:a4:5f:80:60:25:
0a:9b:1c:d3:8e:7f:82:7a:31:f9:29:ca:62:6f:f8:
94:2c:c6:8f:e2:59:61:c9:d4:17:c1:87:8a:ec:66:
ea:f2:e1:01:d0:b5:8f:a6:00:4a:d7:07:66:57:30:
b8:17:b7:06:0e:06:f1:e3:45:21:25:8b:e5:31:b2:
f0:76:dd:b1:6b:ef:70:2f:b5:c0:65:00:14:4e:64:
a4:37:e0:5f:33:51:3f:53:d1:ac:14:b3:96:cf:29:
c2:5b:f4:6c:7a:d1:d7:af:fc:fe:4a:c2:cf:0a:70:
86:fa:30:d1:ef:7f:c7:97:0e:79:47:46:d6:8e:0a:
83:4e:aa:f8:12:46:75:8b:49:04:c8:d3:99:77:dd:
4e:60:06:4a:e4:a0:a7:c4:09:cc:3a:ca:77:6e:dc:
17:0d:5e:a2:03:a3:65:34:0e:1f:12:c8:97:11:a1:
fa:2f:66:99:72:22:8a:5f:53:ea:48:71:0c:bf:d6:
ad:5e:71:fc:f2:55:3c:a8:0d:4b:3e:38:c5:e7:36:
5a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:73:99:A3:17:D8:48:8B:C3:77:1B:E0:49:5F:C5:E3:0E:F1:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
13:3d:44:06:90:e0:13:cf:88:13:2a:2b:c0:78:a7:35:c4:95:
9f:2f:ca:f9:38:78:bd:c0:7c:03:89:21:f8:26:6d:f3:f3:7b:
36:e4:d9:ad:7a:db:37:12:08:35:37:19:d7:42:89:0d:a3:97:
b3:fb:dd:e5:2f:81:3b:3d:ab:55:d3:6c:ee:5a:e7:86:a3:df:
a4:cf:40:10:6f:64:99:55:68:19:d2:dc:ae:72:ad:9b:db:8b:
ee:95:95:56:14:b5:3f:3d:c2:27:23:3d:1d:1e:5e:7e:fa:41:
ed:87:19:4c:3d:11:fc:8a:42:bc:22:3e:09:b1:60:be:3a:c5:
ec:a8:42:e3:ce:92:9e:b5:e0:b0:f0:2a:43:c5:a0:ac:35:4f:
b9:b7:9e:28:df:c8:eb:aa:34:3a:38:29:fc:80:17:51:6f:3a:
aa:65:ca:3e:cd:eb:33:8d:6c:3a:37:16:6c:88:b7:98:88:c8:
89:52:6d:9f:46:cb:13:04:3b:bf:33:cc:19:26:09:91:b3:48:
69:07:a5:7b:de:5f:54:6d:fc:ab:1e:68:d6:25:37:8b:c3:d0:
cd:fc:2e:48:73:e0:13:12:88:f3:91:84:e3:7c:1c:13:f5:d7:
06:1a:e7:73:bc:2f:ac:39:8d:73:2d:f6:73:6a:12:fb:ac:5f:
b6:55:9c:1b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDxSSKtyXb4NFnJmuUUm8LjvZ2kgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTQxNzMwMTJaFw0yNTA1MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzZmViMjUzMTZiZTE4ODE2ZDI2ZWJjZjRjOWNmZjBhMDgwZDZmODFlZDVk
ZjQ4NGM4MTRiNzc0NDdkMTRlZDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMStNPWiIkfbmjm0ThSCaxlzzau8sutjh8CSwmNOeC0DtrIHr53U8BppUxoG
vJ3qj4z0GgTzl6RfgGAlCpsc045/gnox+SnKYm/4lCzGj+JZYcnUF8GHiuxm6vLh
AdC1j6YAStcHZlcwuBe3Bg4G8eNFISWL5TGy8HbdsWvvcC+1wGUAFE5kpDfgXzNR
P1PRrBSzls8pwlv0bHrR16/8/krCzwpwhvow0e9/x5cOeUdG1o4Kg06q+BJGdYtJ
BMjTmXfdTmAGSuSgp8QJzDrKd27cFw1eogOjZTQOHxLIlxGh+i9mmXIiil9T6khx
DL/WrV5x/PJVPKgNSz44xec2Wq8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjeHOZ
oxfYSIvDdxvgSV/F4w7xhzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAEz1EBpDgE8+IEyorwHinNcSVny/K+Th4vcB8A4kh
+CZt8/N7NuTZrXrbNxIINTcZ10KJDaOXs/vd5S+BOz2rVdNs7lrnhqPfpM9AEG9k
mVVoGdLcrnKtm9uL7pWVVhS1Pz3CJyM9HR5efvpB7YcZTD0R/IpCvCI+CbFgvjrF
7KhC486SnrXgsPAqQ8WgrDVPubeeKN/I66o0Ojgp/IAXUW86qmXKPs3rM41sOjcW
bIi3mIjIiVJtn0bLEwQ7vzPMGSYJkbNIaQele95fVG38qx5o1iU3i8PQzfwuSHPg
ExKI85GE43wcE/XXBhrnc7wvrDmNcy32c2oS+6xftlWcGw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:51:18 2025 by rpki-client