Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: 8C/CyyFNfgR6TWRT6XdMLbsaW87GWrQVscHmwtNYyUI=
Subject key identifier: 8D:65:66:FA:D7:22:7A:50:D3:10:A8:83:CB:23:FE:18:CC:BA:42:2B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DCD6D8F02CE1DA008C933400DA45D0AD5D9B765
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Tue 20 May 2025 20:40:45 +0000
ROA not before: Tue 20 May 2025 20:40:45 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:cd:6d:8f:02:ce:1d:a0:08:c9:33:40:0d:a4:5d:0a:d5:d9:b7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:45 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=deefcc23a5802b759a30f69773d4bf5eca93ecc94512819d611c029e2a3ef09a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:74:00:0e:9a:87:a0:db:0b:86:10:f3:8f:fb:
b4:00:fb:a5:b1:96:8e:d9:2b:6c:0c:d6:b3:62:a1:
2d:59:69:1b:b7:49:58:04:22:4e:73:59:ec:91:c5:
54:bd:c4:31:f2:d5:d2:ad:b4:d1:3f:d3:40:89:a7:
91:23:80:0c:cc:ea:19:72:06:35:07:cd:ed:b1:3b:
e9:4a:59:81:01:6c:bd:66:99:5c:8f:67:59:e8:46:
13:6b:0e:66:e1:88:1e:65:12:96:e2:e5:7e:4f:ad:
73:91:e3:9b:ed:df:39:a5:48:ba:89:11:33:14:ce:
75:fa:fb:99:17:4a:7b:3c:4f:23:6c:a7:50:c1:3a:
69:12:1a:c9:dd:44:50:45:13:88:d2:f0:ac:40:2f:
ac:cb:d4:3e:6c:ed:5f:b8:58:1a:bc:b3:d0:b9:9f:
df:ea:90:70:ce:33:de:90:94:5f:fd:f6:23:93:1b:
65:95:2b:ad:67:d9:7d:e2:f8:34:8a:6b:a7:dc:0b:
b0:2b:2c:ba:18:dd:fb:41:09:b2:48:54:cc:98:49:
7c:46:8f:4c:14:e9:ef:15:05:f6:4c:02:6e:36:84:
b0:5a:c5:a7:52:f3:8d:a3:eb:67:b5:a2:cc:eb:ec:
29:87:02:3a:77:7c:4b:93:1a:b1:b7:9b:5e:19:45:
58:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:65:66:FA:D7:22:7A:50:D3:10:A8:83:CB:23:FE:18:CC:BA:42:2B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ba:7a:98:b8:4f:cb:61:75:cb:c4:0f:86:1e:a2:eb:80:32:57:
48:da:0e:d1:65:c1:d2:ce:c2:d3:bd:2c:c3:cf:7b:85:74:b7:
61:cf:8c:b4:cb:60:c4:f8:fa:cf:d8:c3:83:d1:b5:95:db:82:
0e:43:62:e4:46:d0:45:5e:be:9d:b9:d6:44:97:1e:34:2d:54:
6e:27:58:a3:f0:e7:58:7a:66:f7:31:a3:8c:6a:68:a1:ae:61:
3a:e3:e5:7e:55:7a:d3:a0:5e:bf:13:ee:3b:95:4d:b7:77:fc:
48:74:b8:bc:9a:b6:99:ec:90:e2:88:5f:52:51:b8:90:96:b6:
79:5a:24:c9:48:88:e9:89:83:d3:bb:d4:07:ee:20:c0:df:73:
28:8c:cc:e5:6d:5a:6e:cc:f5:96:f1:9a:ff:85:29:51:37:6f:
e3:f1:35:3e:3f:6c:a3:90:6f:4c:9f:bd:74:f8:69:30:f5:fc:
7d:cd:c9:f2:cb:0c:ec:d4:67:d5:52:7a:b3:ee:44:22:ee:47:
d5:ce:d7:0c:a8:27:0f:f1:a8:99:98:57:e3:a3:89:c8:7a:d1:
4e:70:f2:a9:c7:bb:7f:79:eb:e8:f2:76:60:d6:4a:ed:24:da:
97:2d:0f:a7:14:61:f8:94:f2:c7:20:19:3c:7f:51:ec:54:4a:
f8:bf:bd:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDc1tjwLOHaAIyTNADaRdCtXZt2UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNDVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlZWZjYzIzYTU4MDJiNzU5YTMwZjY5NzczZDRiZjVlY2E5M2VjYzk0NTEy
ODE5ZDYxMWMwMjllMmEzZWYwOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMB0AA6ah6DbC4YQ84/7tAD7pbGWjtkrbAzWs2KhLVlpG7dJWAQiTnNZ7JHF
VL3EMfLV0q200T/TQImnkSOADMzqGXIGNQfN7bE76UpZgQFsvWaZXI9nWehGE2sO
ZuGIHmUSluLlfk+tc5Hjm+3fOaVIuokRMxTOdfr7mRdKezxPI2ynUME6aRIayd1E
UEUTiNLwrEAvrMvUPmztX7hYGryz0Lmf3+qQcM4z3pCUX/32I5MbZZUrrWfZfeL4
NIprp9wLsCssuhjd+0EJskhUzJhJfEaPTBTp7xUF9kwCbjaEsFrFp1LzjaPrZ7Wi
zOvsKYcCOnd8S5MasbebXhlFWM0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSNZWb6
1yJ6UNMQqIPLI/4YzLpCKzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAunqYuE/LYXXLxA+GHqLrgDJXSNoO0WXB0s7C070s
w897hXS3Yc+MtMtgxPj6z9jDg9G1lduCDkNi5EbQRV6+nbnWRJceNC1UbidYo/Dn
WHpm9zGjjGpooa5hOuPlflV606BevxPuO5VNt3f8SHS4vJq2meyQ4ohfUlG4kJa2
eVokyUiI6YmD07vUB+4gwN9zKIzM5W1absz1lvGa/4UpUTdv4/E1Pj9so5BvTJ+9
dPhpMPX8fc3J8ssM7NRn1VJ6s+5EIu5H1c7XDKgnD/GomZhX46OJyHrRTnDyqce7
f3nr6PJ2YNZK7STaly0PpxRh+JTyxyAZPH9R7FRK+L+9BA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:17:23 2025 by rpki-client