Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: OBfBNgWt+Wa+gjJREE2pusrbtZLrD3EZGNMifaUGB4U=
Subject key identifier: 9A:41:DC:F3:5C:AE:FA:89:80:4F:13:2C:EE:28:14:44:6F:FE:B5:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 727612C6620500DD29BFD808EA84BCD560EF9FA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Sat 31 May 2025 00:50:20 +0000
ROA not before: Sat 31 May 2025 00:50:20 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:76:12:c6:62:05:00:dd:29:bf:d8:08:ea:84:bc:d5:60:ef:9f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:20 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=e0faca669a3701efc9cb0c31108d9fd8a1e6de4d20ff722281708562c3e3eeb5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:76:f2:86:6f:c5:23:cf:93:27:ef:47:8b:1e:
90:a0:28:f3:34:07:37:2d:df:e2:30:4d:6d:23:61:
5a:15:bc:d6:20:62:34:7b:ce:4d:71:9d:7c:d0:4a:
8c:79:ce:c9:9e:7e:c5:b3:31:9d:6c:02:45:f7:38:
b1:c8:79:f1:c4:fa:a4:46:b6:d3:0d:ff:cc:45:88:
e5:d0:b2:83:f2:b1:ca:ba:5f:0b:54:c3:33:d2:b4:
72:fa:12:c0:13:52:36:5a:5a:42:40:71:ce:63:ff:
f2:f8:82:ca:f0:ab:a7:ea:2f:63:35:2a:78:eb:fc:
fa:b4:ad:58:f2:df:b8:48:32:0c:14:4f:5e:0e:c9:
73:10:bd:a0:0c:9b:37:34:75:f7:52:30:36:1a:c4:
0e:d0:49:6c:6f:fe:f7:4b:ab:90:ef:42:65:a4:70:
c9:9c:60:f0:f4:e9:23:68:f3:45:2b:07:ca:e2:52:
41:d4:0f:1c:12:89:31:32:d4:e8:8a:46:2b:83:62:
b9:f4:16:66:00:28:bf:1a:b3:82:20:9a:b9:d4:55:
7b:5a:af:46:a2:a5:90:98:87:37:9c:f7:dc:26:ea:
4b:25:4d:3b:78:e1:d5:04:44:cb:31:f2:d2:f0:78:
bb:6e:d8:d9:b2:70:45:b5:29:24:95:16:ec:2a:df:
0b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:41:DC:F3:5C:AE:FA:89:80:4F:13:2C:EE:28:14:44:6F:FE:B5:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:c8:b4:6b:3a:fa:17:17:ee:fd:6a:1b:d5:86:16:86:21:73:
68:f9:6a:5e:f7:d2:2a:7a:3b:a4:f8:fb:c0:68:f4:27:1a:75:
12:92:fb:90:79:7b:f7:13:1a:e3:1b:6b:f1:5e:83:5e:59:27:
41:8b:52:66:00:56:00:e4:89:54:15:8c:dc:de:3b:07:8f:ae:
59:d9:0a:e3:17:8f:47:29:d8:b2:b9:46:eb:15:1a:ac:57:8e:
3f:2b:9c:66:dc:ab:d3:1c:8a:4d:d4:97:16:12:0a:13:97:91:
dd:ab:d7:16:86:4f:be:6e:00:ec:97:97:4f:a0:1f:9b:0e:ef:
00:9b:33:d4:a1:59:94:b1:61:87:c2:56:10:2c:df:c2:07:0e:
2e:bd:02:b1:e2:6f:b6:2e:5b:c2:82:9c:89:9f:fb:dd:ea:dd:
8b:1f:65:5e:34:1d:77:67:39:29:77:86:19:1e:6b:d5:2b:42:
23:a9:c8:9d:b1:c4:a3:f3:b6:fc:1d:0c:8c:0c:11:f8:12:e6:
37:b0:43:44:c5:63:b3:36:df:f3:1d:ca:3b:7a:33:76:d6:97:
6c:b6:b9:53:a8:5b:af:9b:79:9b:8e:14:0c:c7:ed:f7:71:b9:
1f:7c:9a:2c:88:82:bf:64:3c:a4:27:fe:a9:74:eb:58:a9:2e:
ca:0e:32:1d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcnYSxmIFAN0pv9gI6oS81WDvn6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjBaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwZmFjYTY2OWEzNzAxZWZjOWNiMGMzMTEwOGQ5ZmQ4YTFlNmRlNGQyMGZm
NzIyMjgxNzA4NTYyYzNlM2VlYjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALh28oZvxSPPkyfvR4sekKAo8zQHNy3f4jBNbSNhWhW81iBiNHvOTXGdfNBK
jHnOyZ5+xbMxnWwCRfc4sch58cT6pEa20w3/zEWI5dCyg/KxyrpfC1TDM9K0cvoS
wBNSNlpaQkBxzmP/8viCyvCrp+ovYzUqeOv8+rStWPLfuEgyDBRPXg7JcxC9oAyb
NzR191IwNhrEDtBJbG/+90urkO9CZaRwyZxg8PTpI2jzRSsHyuJSQdQPHBKJMTLU
6IpGK4NiufQWZgAovxqzgiCaudRVe1qvRqKlkJiHN5z33CbqSyVNO3jh1QREyzHy
0vB4u27Y2bJwRbUpJJUW7CrfCxsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSaQdzz
XK76iYBPEyzuKBREb/61uDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEA1Mi0azr6Fxfu/Wob1YYWhiFzaPlqXvfSKno7pPj7
wGj0Jxp1EpL7kHl79xMa4xtr8V6DXlknQYtSZgBWAOSJVBWM3N47B4+uWdkK4xeP
RynYsrlG6xUarFeOPyucZtyr0xyKTdSXFhIKE5eR3avXFoZPvm4A7JeXT6Afmw7v
AJsz1KFZlLFhh8JWECzfwgcOLr0CseJvti5bwoKciZ/73erdix9lXjQdd2c5KXeG
GR5r1StCI6nInbHEo/O2/B0MjAwR+BLmN7BDRMVjszbf8x3KO3ozdtaXbLa5U6hb
r5t5m44UDMft93G5H3yaLIiCv2Q8pCf+qXTrWKkuyg4yHQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:02 2025 by rpki-client