Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: Z5Fs6+/Z7TUewQ7AeZM/IbBGwjVhZ319vcLZYoTcmqA=
Subject key identifier: 73:07:1A:10:DC:AC:E9:F1:A8:85:DC:40:60:43:30:47:A6:6B:11:5E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6DD27A9474A9105E929DEE189387170880EDF473
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Fri 25 Apr 2025 20:30:56 +0000
ROA not before: Fri 25 Apr 2025 20:30:56 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:d2:7a:94:74:a9:10:5e:92:9d:ee:18:93:87:17:08:80:ed:f4:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:56 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f858c5eaac360e2722d35917bad94e7d4f00043333392e60288dd0827997c1be, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:cd:d9:5d:8d:cb:ab:e4:9a:9f:a2:45:72:
64:ce:92:b6:80:a6:f1:56:fc:ca:ff:a1:d8:de:77:
6a:ed:88:e7:be:34:35:a2:de:4b:c7:6b:60:57:27:
b5:3a:e0:f8:58:0c:b1:9b:28:74:d7:e1:4a:6f:92:
71:fa:9e:3f:e7:e7:ae:4e:ac:a8:d4:88:db:1c:03:
86:f2:c2:b9:be:3e:cd:c5:63:0b:2c:6b:1e:07:e5:
bf:68:e8:d1:25:e3:f7:8d:0a:3e:0f:51:bf:b7:5b:
be:55:a7:59:b3:2f:40:f2:0f:fa:7b:b5:a2:d8:cb:
00:84:b3:3b:e9:a7:cf:45:84:a7:d6:3b:1a:b7:9f:
98:b7:24:d3:b3:35:a6:48:81:e1:19:92:4a:c4:fd:
f3:71:7a:c9:f9:a9:bf:60:d8:6e:a3:8a:79:40:c2:
32:31:d2:d8:95:ec:57:75:c1:8d:c8:d0:a6:7f:5e:
16:c6:8b:77:fd:2c:ca:9d:01:ac:fc:7d:bc:7a:1a:
a0:15:81:ae:29:e4:85:bd:ed:ee:2b:5c:30:de:76:
53:fd:4e:33:69:30:0e:9d:a5:a2:11:bc:1c:01:aa:
71:cd:8a:73:73:84:df:03:dd:38:5c:e4:ca:4e:9a:
21:70:9e:9c:34:99:ee:c9:4b:0d:39:77:cc:08:34:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:07:1A:10:DC:AC:E9:F1:A8:85:DC:40:60:43:30:47:A6:6B:11:5E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bb:a5:cf:8f:8a:c1:04:1b:d7:8b:3f:5d:97:ee:3e:9c:19:5a:
d4:f6:78:4e:b8:d5:4f:8d:9c:39:48:e8:21:1d:81:8f:f8:ce:
99:b0:4f:96:a8:35:13:1a:cd:74:e0:ea:44:32:d4:f3:24:fc:
db:2a:b0:f8:f3:90:dc:55:8a:33:35:be:8e:ef:31:f5:fd:45:
97:8c:f3:a5:67:c1:56:5b:17:2e:44:9f:57:b3:6b:6b:ad:a9:
9e:21:da:b5:ae:60:06:35:7a:c9:e6:d5:55:51:82:a4:a1:d1:
02:4c:57:82:e1:50:c8:46:73:8e:be:a5:87:79:01:6f:28:6e:
44:fc:15:23:31:d9:ec:d5:85:72:7e:74:98:c7:6c:21:33:cf:
ad:40:a6:ff:94:fb:63:be:bc:3d:43:fa:52:8b:3e:4c:11:b1:
86:cc:b2:cf:6c:69:f5:a5:fe:5d:d0:1d:6f:3f:88:3c:18:9f:
3e:57:6d:36:1a:bf:04:e3:d0:61:95:49:2d:65:b7:dc:82:af:
49:1d:57:e1:4e:00:b1:44:2d:e9:28:bc:83:b9:c9:7e:6a:a5:
7d:7c:54:1f:bf:16:70:ce:56:ac:48:05:eb:69:8b:c9:a4:23:
98:a4:c2:4e:25:58:2d:65:cd:08:89:d3:8c:60:66:6c:03:cc:
60:6f:83:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbdJ6lHSpEF6Sne4Yk4cXCIDt9HMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4NThjNWVhYWMzNjBlMjcyMmQzNTkxN2JhZDk0ZTdkNGYwMDA0MzMzMzM5
MmU2MDI4OGRkMDgyNzk5N2MxYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ6Azdldjcur5JqfokVyZM6StoCm8Vb8yv+h2N53au2I5740NaLeS8drYFcn
tTrg+FgMsZsodNfhSm+ScfqeP+fnrk6sqNSI2xwDhvLCub4+zcVjCyxrHgflv2jo
0SXj940KPg9Rv7dbvlWnWbMvQPIP+nu1otjLAISzO+mnz0WEp9Y7GrefmLck07M1
pkiB4RmSSsT983F6yfmpv2DYbqOKeUDCMjHS2JXsV3XBjcjQpn9eFsaLd/0syp0B
rPx9vHoaoBWBrinkhb3t7itcMN52U/1OM2kwDp2lohG8HAGqcc2Kc3OE3wPdOFzk
yk6aIXCenDSZ7slLDTl3zAg0KNMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRzBxoQ
3Kzp8aiF3EBgQzBHpmsRXjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQC7pc+PisEEG9eLP12X7j6cGVrU9nhOuNVPjZw5SOgh
HYGP+M6ZsE+WqDUTGs104OpEMtTzJPzbKrD485DcVYozNb6O7zH1/UWXjPOlZ8FW
WxcuRJ9Xs2trrameIdq1rmAGNXrJ5tVVUYKkodECTFeC4VDIRnOOvqWHeQFvKG5E
/BUjMdns1YVyfnSYx2whM8+tQKb/lPtjvrw9Q/pSiz5MEbGGzLLPbGn1pf5d0B1v
P4g8GJ8+V202Gr8E49BhlUktZbfcgq9JHVfhTgCxRC3pKLyDucl+aqV9fFQfvxZw
zlasSAXraYvJpCOYpMJOJVgtZc0IidOMYGZsA8xgb4MR
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:51:55 2025 by rpki-client