Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: X2LAyfs7XK+3IRmkbSnMuRjOtxlDFMIoKPbeY+wERAU=
Subject key identifier: 5D:3A:E8:05:A5:42:4C:92:6C:66:C5:E2:3D:F8:35:2D:C7:C7:00:0B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E963DB96CAF74DB6CB63C9440F772B3EB2FB3B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Fri 25 Apr 2025 20:30:50 +0000
ROA not before: Fri 25 Apr 2025 20:30:50 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:96:3d:b9:6c:af:74:db:6c:b6:3c:94:40:f7:72:b3:eb:2f:b3:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:50 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a645bbb9a8076b6fef5c58ed6fc2a25441102a3e094cbe9c557ae3dddff82efa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:d0:22:c1:7a:4a:e1:f3:9a:02:b2:9d:43:
6e:ab:ed:1c:d0:7d:fa:ce:5a:86:d5:eb:02:9d:26:
ba:72:3d:83:dc:2b:ae:14:81:83:d8:05:61:96:b9:
ad:cb:26:7d:19:43:77:aa:c2:36:06:05:4e:e1:94:
42:f2:20:c0:99:d8:c7:76:38:ca:cf:37:cb:6b:fa:
cd:93:bf:43:28:e6:be:63:7e:93:bd:6e:c5:b9:70:
8c:df:7b:b4:7a:4e:a1:34:26:b5:c6:e6:74:42:77:
8b:d3:54:28:5b:fb:98:6e:42:0b:ee:f5:f1:65:ee:
1b:0a:5e:4a:0d:1c:4d:74:25:df:2a:4e:11:c1:df:
5a:4e:61:a1:ad:1d:7d:cc:1d:f8:81:b8:81:11:f4:
e7:16:57:af:b2:35:26:ac:84:f8:e2:e3:23:39:68:
bf:04:9f:09:4d:0e:dd:ba:02:02:a5:48:88:b1:c6:
49:a2:77:d4:12:f7:93:06:c6:f4:28:60:68:e4:41:
48:6c:23:69:0e:f5:d5:a7:8b:f3:d1:0e:95:04:6b:
01:d0:78:35:3b:f5:44:2e:ba:d5:a1:cf:29:3a:8f:
d8:72:c8:c5:68:1c:61:a3:6a:80:79:40:a5:23:13:
c9:8a:f3:a6:b8:ca:50:31:3f:ce:f1:18:3c:8f:ee:
8c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3A:E8:05:A5:42:4C:92:6C:66:C5:E2:3D:F8:35:2D:C7:C7:00:0B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:d9:20:5f:5a:ba:44:21:ee:2e:a2:07:ba:5b:75:8a:ec:46:
2b:21:9b:8e:e2:57:c4:88:45:8c:e7:57:2e:21:1b:4f:b8:45:
95:bf:4e:f7:bd:1e:d7:f2:b7:c2:7b:19:71:56:52:78:b9:ef:
10:4c:e3:90:ab:2b:4b:2f:c4:f7:b6:f6:e9:7a:7e:36:21:9f:
ad:d0:e9:85:97:ce:40:5b:d6:9c:7a:4e:0a:c6:02:4d:12:12:
b7:49:60:0c:d8:07:f7:28:20:d1:09:31:4c:d3:4a:63:42:06:
c3:a2:48:84:f1:9d:2b:dc:8c:66:2a:67:a5:c5:74:ea:16:1f:
c2:83:46:11:0c:5f:eb:07:c7:3e:6f:62:5e:c3:4e:a8:38:42:
2c:b1:e3:74:e0:e0:ac:1f:a2:f9:0c:8a:89:40:7a:5e:f9:dd:
26:7b:71:ee:b3:66:f9:37:1d:7c:c2:1a:02:18:c2:a9:06:9d:
76:cd:27:77:36:ff:36:ae:41:d2:84:bc:48:a1:94:cf:80:c2:
c3:21:2e:32:3f:3b:23:c4:1b:ab:48:1f:b1:de:51:55:f9:9c:
7d:96:75:8e:4f:d7:f0:9b:27:34:01:f0:d1:5e:a2:e8:04:bb:
1f:5c:a1:38:c0:f2:57:53:19:24:71:dd:df:a2:8b:6f:7b:0b:
14:6d:eb:88
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXpY9uWyvdNtstjyUQPdys+svs7YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE2NDViYmI5YTgwNzZiNmZlZjVjNThlZDZmYzJhMjU0NDExMDJhM2UwOTRj
YmU5YzU1N2FlM2RkZGZmODJlZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIwP0CLBekrh85oCsp1DbqvtHNB9+s5ahtXrAp0munI9g9wrrhSBg9gFYZa5
rcsmfRlDd6rCNgYFTuGUQvIgwJnYx3Y4ys83y2v6zZO/QyjmvmN+k71uxblwjN97
tHpOoTQmtcbmdEJ3i9NUKFv7mG5CC+718WXuGwpeSg0cTXQl3ypOEcHfWk5hoa0d
fcwd+IG4gRH05xZXr7I1JqyE+OLjIzlovwSfCU0O3boCAqVIiLHGSaJ31BL3kwbG
9ChgaORBSGwjaQ711aeL89EOlQRrAdB4NTv1RC661aHPKTqP2HLIxWgcYaNqgHlA
pSMTyYrzprjKUDE/zvEYPI/ujNkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdOugF
pUJMkmxmxeI9+DUtx8cACzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAStkgX1q6RCHuLqIHult1iuxGKyGbjuJXxIhFjOdX
LiEbT7hFlb9O970e1/K3wnsZcVZSeLnvEEzjkKsrSy/E97b26Xp+NiGfrdDphZfO
QFvWnHpOCsYCTRISt0lgDNgH9ygg0QkxTNNKY0IGw6JIhPGdK9yMZipnpcV06hYf
woNGEQxf6wfHPm9iXsNOqDhCLLHjdODgrB+i+QyKiUB6XvndJntx7rNm+TcdfMIa
AhjCqQadds0ndzb/Nq5B0oS8SKGUz4DCwyEuMj87I8Qbq0gfsd5RVfmcfZZ1jk/X
8JsnNAHw0V6i6AS7H1yhOMDyV1MZJHHd36KLb3sLFG3riA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:30:46 2025 by rpki-client