Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: wPxQjn05F3ePdYYn5sVKjMbnEcMLKBnSzriwTvylXg8=
Subject key identifier: 3A:3A:0D:91:D0:11:7D:8E:97:DE:1C:4E:F3:EE:72:42:22:CE:AD:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14ABDA8C7ABE5678CD1510A33E1F585F1C57E66E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Sat 31 May 2025 00:50:18 +0000
ROA not before: Sat 31 May 2025 00:50:18 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ab:da:8c:7a:be:56:78:cd:15:10:a3:3e:1f:58:5f:1c:57:e6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:18 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=32a693767cc8a4c26841248b426d8a5c5a5e8f916acfe64e7d9366742343a2df, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bf:d1:0b:de:24:3b:15:6e:52:0c:ed:e8:6f:
f0:de:b9:c3:48:fd:d3:4e:da:cd:83:83:69:f7:48:
b8:3a:40:8b:9b:a0:bc:38:e8:83:8b:63:f9:dd:d1:
ee:23:37:dd:fb:5b:1e:a1:b3:86:16:bb:4b:f0:f5:
12:6d:02:6b:51:3d:34:8e:68:81:30:73:f5:be:31:
e5:19:c1:67:9b:11:8d:68:f3:ba:82:68:a2:4e:c2:
e3:22:b0:cd:8d:f9:bb:85:d9:50:5f:2f:c3:4c:a3:
e6:b6:2c:b2:5d:52:91:f1:70:95:12:f2:07:37:55:
17:59:66:8d:65:6e:eb:5a:a8:e2:fe:68:5a:74:ad:
6e:cd:09:c9:69:d9:aa:33:04:51:9f:20:2b:3a:37:
60:4c:d6:6f:7f:ee:31:9a:db:df:a5:0a:cb:23:9a:
43:08:18:b4:2b:05:39:4c:dc:0e:94:09:89:99:35:
68:d6:8e:ba:ed:32:a8:ed:71:bf:5a:96:7b:8b:58:
72:8b:1b:7e:fd:6b:1c:e0:b3:74:86:bd:e7:f2:f6:
50:d7:e8:44:41:c1:fe:f6:4c:1b:23:b2:5a:04:a3:
23:23:e2:c5:f3:ad:f4:a8:28:6b:b3:8d:9d:1e:11:
8c:89:00:0e:77:3a:55:4f:ac:44:7f:85:15:0e:24:
95:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:3A:0D:91:D0:11:7D:8E:97:DE:1C:4E:F3:EE:72:42:22:CE:AD:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:ee:42:10:ec:6d:63:af:20:fe:00:bc:2a:87:3a:8e:f4:5f:
f3:64:92:be:4e:11:14:a5:f6:76:ca:60:53:db:d4:7a:ce:95:
30:96:fe:6e:14:77:de:9d:c3:71:6e:ca:0f:55:c7:01:fd:4c:
ad:1b:d0:03:a5:72:72:9c:cf:dc:a0:54:8d:66:26:7e:92:ef:
78:02:3f:eb:1e:f2:da:60:58:75:ae:44:72:dd:c7:0d:de:b4:
12:76:02:3e:ef:55:af:e6:7e:87:98:c6:ef:cb:92:8f:e9:c4:
cf:42:2c:5e:a4:5c:f9:b4:d0:ad:4d:3b:eb:10:d5:c5:f1:62:
fe:b5:9b:f3:80:f0:c5:5b:5d:38:ba:83:fa:5f:fd:3c:a0:0e:
f2:c7:ac:21:64:88:06:63:4c:2d:da:1f:80:0e:64:99:15:aa:
0c:ee:a4:cf:e1:35:6a:a7:5b:ed:44:bb:78:92:b2:d5:25:27:
78:09:bc:9e:e1:c2:02:4a:13:2c:9c:2e:0d:14:a0:a7:91:90:
49:9a:0c:62:73:bc:b0:e5:b3:d3:df:4f:bd:a3:2f:8d:e3:77:
33:95:fc:f2:d4:1d:f2:72:30:d4:12:62:42:c3:7d:a0:46:93:
6c:24:7f:52:e0:25:29:06:f6:73:d6:7a:92:5d:11:78:32:ab:
fb:0d:84:26
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFKvajHq+VnjNFRCjPh9YXxxX5m4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMThaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyYTY5Mzc2N2NjOGE0YzI2ODQxMjQ4YjQyNmQ4YTVjNWE1ZThmOTE2YWNm
ZTY0ZTdkOTM2Njc0MjM0M2EyZGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6/0QveJDsVblIM7ehv8N65w0j9007azYODafdIuDpAi5ugvDjog4tj+d3R
7iM33ftbHqGzhha7S/D1Em0Ca1E9NI5ogTBz9b4x5RnBZ5sRjWjzuoJook7C4yKw
zY35u4XZUF8vw0yj5rYssl1SkfFwlRLyBzdVF1lmjWVu61qo4v5oWnStbs0JyWnZ
qjMEUZ8gKzo3YEzWb3/uMZrb36UKyyOaQwgYtCsFOUzcDpQJiZk1aNaOuu0yqO1x
v1qWe4tYcosbfv1rHOCzdIa95/L2UNfoREHB/vZMGyOyWgSjIyPixfOt9Kgoa7ON
nR4RjIkADnc6VU+sRH+FFQ4klckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ6Og2R
0BF9jpfeHE7z7nJCIs6tSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAbO5CEOxtY68g/gC8Koc6jvRf82SSvk4RFKX2dspg
U9vUes6VMJb+bhR33p3DcW7KD1XHAf1MrRvQA6VycpzP3KBUjWYmfpLveAI/6x7y
2mBYda5Ect3HDd60EnYCPu9Vr+Z+h5jG78uSj+nEz0IsXqRc+bTQrU076xDVxfFi
/rWb84DwxVtdOLqD+l/9PKAO8sesIWSIBmNMLdofgA5kmRWqDO6kz+E1aqdb7US7
eJKy1SUneAm8nuHCAkoTLJwuDRSgp5GQSZoMYnO8sOWz099PvaMvjeN3M5X88tQd
8nIw1BJiQsN9oEaTbCR/UuAlKQb2c9Z6kl0ReDKr+w2EJg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:51 2025 by rpki-client