Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: P9R0ZemUm45o+3W4fhemuBK06Tkz1kC7z6FL4D53cKA=
Subject key identifier: 2D:D2:37:4E:30:7A:17:13:7F:FB:02:6D:04:1F:49:AA:D6:30:F2:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A46B6FEECC3C16AC96D14F8F2FDF9F334311A34
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Sat 31 May 2025 00:50:34 +0000
ROA not before: Sat 31 May 2025 00:50:34 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:46:b6:fe:ec:c3:c1:6a:c9:6d:14:f8:f2:fd:f9:f3:34:31:1a:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:34 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=144178f91dad9a29bd8568cb0beb66c18631ad1fd8e710043d52ad28ab5fa75d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:53:a2:79:0f:8f:7f:9a:2a:1b:e3:b2:be:
33:e0:9f:15:e6:ad:80:76:78:b7:da:de:0b:5a:0c:
2d:9d:10:00:91:e4:06:b3:38:0e:69:63:ee:fc:89:
ae:e7:a5:f5:8f:ac:2b:28:7d:dc:a0:c3:79:03:5b:
dd:9f:37:dc:58:6f:66:ac:ac:cc:07:a6:f8:7f:6c:
9b:47:ff:b1:36:36:5e:e2:36:3c:39:a1:f1:b1:c7:
b4:e8:05:37:4a:a6:b4:ff:58:71:b3:1c:ab:c3:0a:
7b:89:33:14:28:67:0e:3d:2d:72:66:df:da:fc:d1:
1b:93:25:23:6b:16:68:f5:84:e9:e7:48:ac:00:95:
54:04:46:3e:03:94:15:ac:ef:da:af:c1:8a:20:84:
29:a9:de:ad:0c:fd:38:c0:61:d4:9a:7f:02:70:b9:
2c:83:9a:29:bd:b4:14:ba:ad:49:4e:4b:10:bf:9f:
61:3a:e7:6d:d8:ea:b6:1e:af:81:33:cc:d3:81:cb:
7d:d5:92:fb:71:b1:2b:28:8a:13:b8:df:52:c4:e5:
dc:be:2d:2f:bc:11:c4:9e:bf:3b:ef:69:b8:23:e5:
68:60:3c:f5:5c:20:ec:7a:06:5c:e7:e5:72:92:00:
26:03:19:b6:fa:97:35:1c:82:51:df:c2:66:5a:62:
aa:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D2:37:4E:30:7A:17:13:7F:FB:02:6D:04:1F:49:AA:D6:30:F2:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
95:04:06:41:f4:a1:11:6b:9a:ce:ae:b6:ed:00:51:d5:af:a8:
e8:6e:c2:82:b6:2f:74:1b:fd:82:0a:d0:f7:67:d8:53:30:df:
ff:51:90:15:c4:c3:e6:b1:88:18:a7:66:4e:ca:be:5f:fc:73:
45:d4:fc:83:bc:50:ee:5c:28:ba:17:54:4a:38:85:55:39:71:
c4:6c:54:d7:28:04:d4:8c:08:8a:38:00:7b:58:09:f8:9c:4f:
6e:ef:bb:92:a3:8b:e1:47:71:df:9a:39:bb:cb:c0:7c:d0:6d:
2c:05:39:bb:d5:e9:9e:2a:79:d6:6f:bb:a8:96:da:cb:92:0c:
e4:28:81:47:eb:93:13:ea:5f:05:c1:73:bf:5f:ea:62:6a:5b:
bc:79:2e:f7:dd:67:6d:87:71:3c:dc:5a:55:a2:9e:2f:0a:81:
a6:4e:ef:63:86:ee:69:f2:73:ce:29:a3:4e:1e:fe:56:91:78:
ba:64:94:d8:05:b6:97:a7:b6:f2:e0:ad:49:10:bb:77:e0:98:
02:7c:c0:c3:dc:37:3b:b8:8b:b4:95:ef:de:a9:90:19:f2:6b:
a1:10:0f:8e:e2:0a:a7:f0:08:29:a5:14:d2:e9:08:de:93:71:
1d:2a:04:62:65:c0:39:35:24:7a:e9:84:f5:52:97:63:42:27:
06:4e:73:6e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeka2/uzDwWrJbRT48v358zQxGjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzRaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0NDE3OGY5MWRhZDlhMjliZDg1NjhjYjBiZWI2NmMxODYzMWFkMWZkOGU3
MTAwNDNkNTJhZDI4YWI1ZmE3NWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3EU6J5D49/miob47K+M+CfFeatgHZ4t9reC1oMLZ0QAJHkBrM4Dmlj7vyJ
ruel9Y+sKyh93KDDeQNb3Z833FhvZqyszAem+H9sm0f/sTY2XuI2PDmh8bHHtOgF
N0qmtP9YcbMcq8MKe4kzFChnDj0tcmbf2vzRG5MlI2sWaPWE6edIrACVVARGPgOU
Fazv2q/BiiCEKanerQz9OMBh1Jp/AnC5LIOaKb20FLqtSU5LEL+fYTrnbdjqth6v
gTPM04HLfdWS+3GxKyiKE7jfUsTl3L4tL7wRxJ6/O+9puCPlaGA89Vwg7HoGXOfl
cpIAJgMZtvqXNRyCUd/CZlpiql8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQt0jdO
MHoXE3/7Am0EH0mq1jDydDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCVBAZB9KERa5rOrrbtAFHVr6jobsKCti90G/2CCtD3
Z9hTMN//UZAVxMPmsYgYp2ZOyr5f/HNF1PyDvFDuXCi6F1RKOIVVOXHEbFTXKATU
jAiKOAB7WAn4nE9u77uSo4vhR3Hfmjm7y8B80G0sBTm71emeKnnWb7uoltrLkgzk
KIFH65MT6l8FwXO/X+pialu8eS733Wdth3E83FpVop4vCoGmTu9jhu5p8nPOKaNO
Hv5WkXi6ZJTYBbaXp7by4K1JELt34JgCfMDD3Dc7uIu0le/eqZAZ8muhEA+O4gqn
8AgppRTS6Qjek3EdKgRiZcA5NSR66YT1UpdjQicGTnNu
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:09:44 2025 by rpki-client