Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: bsmtftvmstqSok/dXP/tCy/Y+iQyBQI3jvuSUlRkAgs=
Subject key identifier: F3:DC:76:8F:8B:F8:84:C1:48:0B:B9:22:C2:B5:BE:28:23:AF:BE:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0BF1B2AEB5B72C50575C5F593D003AD1ADE8970B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Fri 23 May 2025 00:50:06 +0000
ROA not before: Fri 23 May 2025 00:50:06 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f1:b2:ae:b5:b7:2c:50:57:5c:5f:59:3d:00:3a:d1:ad:e8:97:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:06 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=2fd5be876143818638d4605617e143dfddacb339a193b1bd21cde28a4c5fc808, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ed:6d:7a:b5:ed:51:29:5b:64:f1:31:9f:0e:
04:bb:e8:a3:82:42:45:8a:e8:bf:00:40:31:a7:3c:
87:b1:8a:84:60:d4:f7:6e:4b:b4:77:48:4c:90:20:
c1:50:45:00:40:0b:ba:c0:42:f6:d6:cb:2a:58:91:
6b:97:7b:ff:f0:21:2c:d0:99:12:94:e0:4b:a1:d0:
20:f4:7c:4a:8b:c5:98:cf:e9:f3:d0:ff:0c:ad:3d:
d8:ce:7a:31:aa:37:ed:31:26:aa:2e:7f:a8:0b:25:
8c:7d:d4:09:bb:e7:9c:ce:e4:f2:d7:44:a5:95:10:
c1:8b:a2:bc:c9:3f:4f:9c:ac:a7:b1:09:54:0c:f0:
a2:1b:fd:64:97:8e:fa:5e:0c:e3:24:a8:16:e1:01:
29:9d:4c:c2:14:4d:b6:69:18:8f:69:e2:d1:6a:1f:
ca:71:de:ce:b3:1b:b8:3b:dd:84:fe:5d:e4:14:1b:
56:5e:5b:c6:03:45:e0:bf:5a:6d:f1:14:b5:97:5b:
a3:97:9a:6b:c5:b1:aa:e1:cc:fd:74:a2:20:67:62:
c9:ed:58:5f:2b:97:ba:78:80:6b:cd:8f:78:b4:d2:
79:67:e8:de:2f:f9:6e:05:87:06:7e:59:95:06:e2:
3c:fb:12:c2:7e:72:8b:e6:cc:71:d8:ae:2f:b4:6b:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DC:76:8F:8B:F8:84:C1:48:0B:B9:22:C2:B5:BE:28:23:AF:BE:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
be:7d:46:09:89:93:aa:4c:56:40:b3:2d:c2:b3:5b:23:d9:af:
1f:08:6b:15:a1:c4:be:d3:ea:a9:10:4e:12:a1:24:b1:3a:bc:
93:31:68:a5:cd:6a:d8:1e:7e:88:11:79:a3:7d:43:58:3e:82:
c5:02:f9:af:49:8e:54:9f:0a:37:df:99:75:30:78:ea:03:cc:
06:ac:4b:6d:a0:83:0c:39:ed:e2:35:b1:5f:89:ef:82:4d:27:
64:de:e4:82:0a:9d:14:0f:cb:04:c7:55:8f:34:8c:39:d8:4b:
20:b2:74:2b:f1:cc:dc:c8:3f:e9:ef:74:11:84:ab:05:00:e3:
9b:43:48:75:b9:da:38:99:b6:b1:6f:79:f1:81:07:39:f8:b8:
5b:74:8e:3b:32:bc:0e:cb:bb:8b:c4:5c:a3:9f:74:90:b3:b0:
2d:0f:ba:cb:a8:75:08:0f:a4:93:80:2a:61:55:6f:8d:a5:8b:
4e:b4:ed:91:4f:17:00:bc:ea:23:2c:e1:90:d9:ea:1a:59:4e:
3f:2a:4f:70:91:94:53:23:09:b6:ef:35:bf:46:55:51:9c:de:
14:e4:fd:78:fd:9f:da:df:d2:05:db:c1:f6:57:f2:c1:43:81:
c5:f9:de:45:e2:db:8a:0f:de:51:aa:cd:3b:70:00:a6:8c:67:
a7:ba:86:20
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUC/GyrrW3LFBXXF9ZPQA60a3olwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMDZaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmZDViZTg3NjE0MzgxODYzOGQ0NjA1NjE3ZTE0M2RmZGRhY2IzMzlhMTkz
YjFiZDIxY2RlMjhhNGM1ZmM4MDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMntbXq17VEpW2TxMZ8OBLvoo4JCRYrovwBAMac8h7GKhGDU925LtHdITJAg
wVBFAEALusBC9tbLKliRa5d7//AhLNCZEpTgS6HQIPR8SovFmM/p89D/DK092M56
Mao37TEmqi5/qAsljH3UCbvnnM7k8tdEpZUQwYuivMk/T5ysp7EJVAzwohv9ZJeO
+l4M4ySoFuEBKZ1MwhRNtmkYj2ni0WofynHezrMbuDvdhP5d5BQbVl5bxgNF4L9a
bfEUtZdbo5eaa8WxquHM/XSiIGdiye1YXyuXuniAa82PeLTSeWfo3i/5bgWHBn5Z
lQbiPPsSwn5yi+bMcdiuL7Rr5/0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTz3HaP
i/iEwUgLuSLCtb4oI6++ojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAvn1GCYmTqkxWQLMtwrNbI9mvHwhrFaHEvtPqqRBO
EqEksTq8kzFopc1q2B5+iBF5o31DWD6CxQL5r0mOVJ8KN9+ZdTB46gPMBqxLbaCD
DDnt4jWxX4nvgk0nZN7kggqdFA/LBMdVjzSMOdhLILJ0K/HM3Mg/6e90EYSrBQDj
m0NIdbnaOJm2sW958YEHOfi4W3SOOzK8Dsu7i8Rco590kLOwLQ+6y6h1CA+kk4Aq
YVVvjaWLTrTtkU8XALzqIyzhkNnqGllOPypPcJGUUyMJtu81v0ZVUZzeFOT9eP2f
2t/SBdvB9lfywUOBxfneReLbig/eUarNO3AApoxnp7qGIA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:22 2025 by rpki-client