Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: zpocYaw/jclyCSlswCcbs628WZ2QXXsXlLRs4XMT4gg=
Subject key identifier: B5:F2:33:7B:C4:DC:95:B5:33:92:29:30:CC:A5:F1:43:76:57:9B:BA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 56A9530A86C93B43B3B4346A0C1BEDFA883C0EEA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Sat 31 May 2025 00:50:21 +0000
ROA not before: Sat 31 May 2025 00:50:21 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a9:53:0a:86:c9:3b:43:b3:b4:34:6a:0c:1b:ed:fa:88:3c:0e:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:21 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=8f4db2a8f28d1e45b0525930d3778b8ddc147069e083b9a386bb9600c578a105, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d7:a6:79:b0:b2:da:f9:d6:eb:17:b3:c0:64:
a4:27:00:75:5f:1c:20:19:01:e9:a2:aa:9b:1f:65:
f5:c7:37:93:96:40:f8:b9:67:5f:b0:cd:7b:a4:05:
a6:04:45:94:0f:40:ed:c6:7a:4a:7a:e4:16:cd:20:
3f:54:17:58:f4:b2:b3:78:d3:46:b9:61:73:98:ad:
8b:54:07:f3:76:2e:3e:f0:50:59:10:9a:a7:86:4d:
a2:47:d2:20:51:3b:51:99:72:0c:1d:f3:a4:c0:e5:
24:54:fd:cc:5a:5c:7e:f5:0a:98:d9:0c:f0:cc:23:
59:82:70:06:c8:d5:94:f7:80:39:c4:92:c1:21:b4:
63:06:91:5c:32:4c:a9:13:cd:64:de:4f:7e:ec:3b:
e7:f7:89:f6:62:10:6e:8d:41:32:e9:2c:ce:42:ae:
3e:cb:2c:d9:1c:21:49:a4:26:c1:c2:58:b3:81:8b:
0a:5c:49:c7:bf:d9:d2:3f:c9:50:84:13:af:86:07:
2c:d2:65:28:7b:99:39:00:56:30:d0:6b:72:c6:3a:
4e:48:8f:e5:5e:8e:f6:a0:a1:41:75:27:f5:59:03:
f6:36:85:3d:9e:e2:39:e5:8a:50:f1:8a:36:0c:4c:
58:d3:d3:63:62:06:18:12:ec:b7:69:d6:07:15:3e:
1b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F2:33:7B:C4:DC:95:B5:33:92:29:30:CC:A5:F1:43:76:57:9B:BA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
26:ec:e1:fe:7a:e3:b5:37:6e:31:3d:60:4a:b4:18:d4:ca:88:
d8:f8:92:19:26:3d:ed:3a:33:3b:78:f8:90:ba:1c:4c:fa:05:
16:e3:33:ec:22:f5:40:89:d8:ee:70:26:74:dc:de:2a:09:4c:
db:59:be:ae:cc:84:fa:44:33:20:c2:f8:38:dc:bb:97:85:bb:
86:99:fb:56:d2:b3:09:b6:ee:8f:ea:dd:87:d9:b9:b1:4d:0a:
46:a1:02:49:6c:e7:87:19:f1:a0:55:ff:b2:e8:e9:9d:5a:84:
c0:46:05:a6:87:eb:39:b0:80:dc:da:ef:e4:92:d3:2e:f5:46:
6a:40:1b:e6:e3:ab:a8:3c:91:c4:2e:41:3f:b6:a5:aa:11:7f:
0a:4f:84:97:e5:e3:da:62:0a:6d:f6:97:36:b4:80:b3:e9:55:
30:9f:da:af:e4:22:0d:e2:73:db:bc:98:e8:83:60:90:89:f4:
db:49:93:e1:40:d1:b6:20:1a:e2:a3:9f:69:88:69:3d:37:32:
62:5b:eb:6e:7f:b0:ea:40:2d:c8:9d:9e:c4:04:20:cd:e3:73:
8a:d7:1c:cc:0e:c6:86:b6:0c:f1:5a:c6:8b:c3:ad:82:46:49:
11:b0:f1:2b:79:4c:d6:71:d9:fc:f2:c2:87:d3:16:12:97:29:
ac:f1:27:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVqlTCobJO0OztDRqDBvt+og8DuowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjFaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmNGRiMmE4ZjI4ZDFlNDViMDUyNTkzMGQzNzc4YjhkZGMxNDcwNjllMDgz
YjlhMzg2YmI5NjAwYzU3OGExMDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzXpnmwstr51usXs8BkpCcAdV8cIBkB6aKqmx9l9cc3k5ZA+LlnX7DNe6QF
pgRFlA9A7cZ6SnrkFs0gP1QXWPSys3jTRrlhc5iti1QH83YuPvBQWRCap4ZNokfS
IFE7UZlyDB3zpMDlJFT9zFpcfvUKmNkM8MwjWYJwBsjVlPeAOcSSwSG0YwaRXDJM
qRPNZN5Pfuw75/eJ9mIQbo1BMukszkKuPsss2RwhSaQmwcJYs4GLClxJx7/Z0j/J
UIQTr4YHLNJlKHuZOQBWMNBrcsY6TkiP5V6O9qChQXUn9VkD9jaFPZ7iOeWKUPGK
NgxMWNPTY2IGGBLst2nWBxU+G3kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS18jN7
xNyVtTOSKTDMpfFDdlebujAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQAm7OH+euO1N24xPWBKtBjUyojY+JIZJj3tOjM7ePiQ
uhxM+gUW4zPsIvVAidjucCZ03N4qCUzbWb6uzIT6RDMgwvg43LuXhbuGmftW0rMJ
tu6P6t2H2bmxTQpGoQJJbOeHGfGgVf+y6OmdWoTARgWmh+s5sIDc2u/kktMu9UZq
QBvm46uoPJHELkE/tqWqEX8KT4SX5ePaYgpt9pc2tICz6VUwn9qv5CIN4nPbvJjo
g2CQifTbSZPhQNG2IBrio59piGk9NzJiW+tuf7DqQC3InZ7EBCDN43OK1xzMDsaG
tgzxWsaLw62CRkkRsPEreUzWcdn88sKH0xYSlyms8SeQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:10:37 2025 by rpki-client