Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: Lu50NiSY0crYMitHIxcYzGTkBSi360Mxtv0nk4S5SEo=
Subject key identifier: 1A:C1:9D:8C:E1:EF:76:5D:AF:7E:C7:8F:C7:98:6D:3E:C6:34:5C:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62FD39748E851A46FF0844669A8EE36F181270DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Sat 31 May 2025 00:50:08 +0000
ROA not before: Sat 31 May 2025 00:50:08 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:fd:39:74:8e:85:1a:46:ff:08:44:66:9a:8e:e3:6f:18:12:70:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:08 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=781f69d507a70b1dac6bdc34cda6cb38e0e96c6f434689971d05b0ae982ad3cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fd:a1:42:bf:a2:e4:15:7d:7c:20:c8:63:9d:
49:f6:cf:0b:60:c1:38:89:70:a2:05:46:6f:a1:9e:
17:a5:d0:14:e8:1f:79:ca:27:8f:6f:69:1f:61:8d:
58:30:57:48:91:eb:dd:cf:15:69:4e:f3:59:57:19:
f7:9b:ad:4f:92:61:e5:8f:3a:c0:46:46:9c:29:4b:
9c:66:76:1d:ea:41:05:23:3f:35:1e:5f:16:da:c5:
44:ec:10:e2:e2:f0:dc:c5:9f:38:bd:80:48:85:b6:
b9:80:91:d9:6e:63:43:27:e3:30:33:57:6f:46:d6:
43:24:d5:ed:ae:ed:2f:91:a8:64:09:55:d5:d4:ed:
09:1e:70:c6:9e:e1:5f:f0:7e:14:2b:f6:be:7a:0f:
50:99:ac:09:35:85:0f:47:cc:1c:19:76:c6:e2:9c:
78:9e:2a:72:f9:a5:5c:e6:c9:f5:5c:10:c2:9f:a5:
b7:93:bb:e5:5a:00:e8:2e:40:79:05:2d:bc:36:b1:
4c:d4:2f:9a:5b:01:51:86:20:39:37:35:7f:a1:3d:
12:b7:52:03:9e:ff:34:c3:cd:e9:d5:46:0a:36:ee:
e2:69:be:58:5a:0b:37:02:38:44:b0:5e:71:6c:dc:
67:77:b2:5d:d8:65:b7:eb:59:54:28:bc:f2:97:16:
c2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C1:9D:8C:E1:EF:76:5D:AF:7E:C7:8F:C7:98:6D:3E:C6:34:5C:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4f:9b:22:7d:3c:d8:76:fc:16:f5:f1:c8:18:e2:b8:ff:7f:f5:
2c:87:ca:62:92:41:67:99:b1:0b:e8:4d:74:2d:bd:d7:97:07:
cc:ed:16:cc:25:88:68:2b:b1:1d:cb:94:9d:40:97:a2:a5:76:
04:c8:ec:d3:49:e7:44:79:84:48:98:77:a6:0b:ce:1f:2b:ed:
0b:13:38:02:bd:8a:f2:70:1d:41:92:00:2c:7b:37:26:9f:b3:
97:80:70:9c:c5:ec:12:43:7f:e7:be:c6:bd:c8:b4:a6:41:ba:
77:db:cc:f1:3b:85:42:af:e1:e2:36:66:40:ff:a0:7b:8e:11:
3c:64:89:55:58:ca:ca:1e:fa:d1:f0:dc:c2:e6:e0:7e:05:14:
a2:b9:55:13:46:fa:7d:42:ed:d8:de:eb:db:b8:5a:10:f2:6c:
2f:ae:5e:16:22:ff:d1:69:a4:cc:f6:19:27:c2:ae:ee:53:0c:
48:31:3a:b0:ec:9c:a5:34:ec:95:82:2b:38:4f:8c:43:61:62:
64:8b:e1:7a:b5:fb:81:26:c2:84:b7:38:98:5d:aa:e8:b0:ce:
1c:64:4f:65:4c:2a:dc:73:97:fe:aa:8c:07:a5:06:7e:2e:ff:
8e:9f:82:36:fd:b2:89:9a:48:92:95:8f:03:49:a8:6d:cf:f7:
86:e5:30:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYv05dI6FGkb/CERmmo7jbxgScNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDhaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4MWY2OWQ1MDdhNzBiMWRhYzZiZGMzNGNkYTZjYjM4ZTBlOTZjNmY0MzQ2
ODk5NzFkMDViMGFlOTgyYWQzY2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMv9oUK/ouQVfXwgyGOdSfbPC2DBOIlwogVGb6GeF6XQFOgfeconj29pH2GN
WDBXSJHr3c8VaU7zWVcZ95utT5Jh5Y86wEZGnClLnGZ2HepBBSM/NR5fFtrFROwQ
4uLw3MWfOL2ASIW2uYCR2W5jQyfjMDNXb0bWQyTV7a7tL5GoZAlV1dTtCR5wxp7h
X/B+FCv2vnoPUJmsCTWFD0fMHBl2xuKceJ4qcvmlXObJ9VwQwp+lt5O75VoA6C5A
eQUtvDaxTNQvmlsBUYYgOTc1f6E9ErdSA57/NMPN6dVGCjbu4mm+WFoLNwI4RLBe
cWzcZ3eyXdhlt+tZVCi88pcWwmsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQawZ2M
4e92Xa9+x4/HmG0+xjRcbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBPmyJ9PNh2/Bb18cgY4rj/f/Ush8pikkFnmbEL6E10
Lb3XlwfM7RbMJYhoK7Edy5SdQJeipXYEyOzTSedEeYRImHemC84fK+0LEzgCvYry
cB1BkgAsezcmn7OXgHCcxewSQ3/nvsa9yLSmQbp328zxO4VCr+HiNmZA/6B7jhE8
ZIlVWMrKHvrR8NzC5uB+BRSiuVUTRvp9Qu3Y3uvbuFoQ8mwvrl4WIv/RaaTM9hkn
wq7uUwxIMTqw7JylNOyVgis4T4xDYWJki+F6tfuBJsKEtziYXarosM4cZE9lTCrc
c5f+qowHpQZ+Lv+On4I2/bKJmkiSlY8DSahtz/eG5TBr
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:05:20 2025 by rpki-client