Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: cTaraGv+FnB9ns2TiEAXCXYk4RW+GwiBQ5XScVZL584=
Subject key identifier: 27:92:61:CA:91:E4:CD:78:F5:09:B4:EF:5F:CD:55:A6:9A:4C:90:B8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7919755F944EEA58FA8CB29201B0FF5ADB956DED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Fri 25 Apr 2025 20:40:44 +0000
ROA not before: Fri 25 Apr 2025 20:40:44 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:19:75:5f:94:4e:ea:58:fa:8c:b2:92:01:b0:ff:5a:db:95:6d:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:44 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4e94f35d5f4233ee332f01dd856beec248040513caacb308a5c921045a255c44, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:73:6d:d6:fe:19:ef:70:1a:15:97:50:35:f8:
f8:45:6e:82:e4:e0:9f:d0:35:a0:55:7b:71:65:09:
02:7e:96:e4:a0:04:de:24:1e:66:20:66:d6:d5:71:
70:45:da:4d:11:4e:b3:eb:11:c8:5a:01:a7:c9:d6:
9a:3d:ee:c4:e1:e9:67:13:80:0e:0b:44:46:8d:63:
7f:e7:5b:8e:0d:28:17:0b:18:8e:ff:c3:93:08:b6:
3d:03:d7:1a:87:8b:ed:92:a2:cc:14:21:4c:92:3b:
f8:de:46:41:0b:c6:0b:0c:59:2d:e2:f1:84:0b:16:
5d:d4:ba:77:fd:9b:1e:d3:e9:3c:02:aa:1e:e6:66:
96:b1:63:18:19:eb:9b:81:3c:63:a5:13:6e:c1:79:
35:e8:cc:c6:50:34:1d:1e:cf:b0:bd:16:99:36:58:
74:03:98:b9:63:9e:32:73:a1:29:fc:eb:f3:54:84:
55:3d:65:03:f5:db:09:f2:f6:aa:fe:0e:6a:b8:e8:
77:4f:78:6f:bf:b5:68:b3:1b:81:e3:1a:7a:06:8e:
be:a8:5c:84:cb:46:60:e5:b8:73:a4:f7:f3:53:a0:
3b:3c:40:bb:9c:61:35:a5:dc:b4:60:c2:82:5d:7e:
82:aa:ae:5e:7f:9e:1e:20:88:8b:8a:bf:51:25:ce:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:92:61:CA:91:E4:CD:78:F5:09:B4:EF:5F:CD:55:A6:9A:4C:90:B8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
96:38:f6:42:f2:d5:58:91:9c:01:26:11:de:eb:02:d3:b1:2b:
06:6d:71:67:aa:7d:a3:7c:68:7d:0d:dd:a9:fd:d6:b0:2f:9d:
49:5f:eb:6e:e3:82:a1:2f:39:6a:17:f8:f4:06:42:33:61:4d:
f2:7c:1a:29:76:e8:55:bf:83:bc:9e:bb:39:dc:cf:2f:9b:7f:
b9:47:0f:c8:24:0d:e7:80:dd:9e:c0:24:1c:e8:26:58:d5:00:
be:bc:5c:de:2f:2d:b4:57:43:bc:dd:3b:f6:c5:c5:fd:2b:5d:
c1:b6:7d:d1:c1:dd:88:78:de:7c:e9:66:f2:8b:9b:73:81:49:
80:f4:6b:db:15:bb:18:42:9f:f7:91:14:45:6a:f7:43:b5:2a:
ed:da:f0:32:a5:45:61:f5:2e:df:c3:f4:dc:94:59:12:ba:c3:
77:10:3b:f6:45:02:5b:3a:b4:89:70:7c:96:82:a7:58:c7:84:
9c:2c:65:63:d7:18:28:76:ad:11:0d:f1:40:82:27:6b:4e:6a:
a1:6c:f3:94:3e:35:de:e9:fe:01:e7:97:30:89:4e:12:3c:3a:
a0:63:5b:33:48:7b:b2:d8:13:14:88:96:25:17:c9:04:22:4b:
94:25:1a:8e:97:11:b1:dc:f8:10:6b:8b:58:98:2c:d9:fe:60:
ea:29:72:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeRl1X5RO6lj6jLKSAbD/WtuVbe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlOTRmMzVkNWY0MjMzZWUzMzJmMDFkZDg1NmJlZWMyNDgwNDA1MTNjYWFj
YjMwOGE1YzkyMTA0NWEyNTVjNDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1zbdb+Ge9wGhWXUDX4+EVuguTgn9A1oFV7cWUJAn6W5KAE3iQeZiBm1tVx
cEXaTRFOs+sRyFoBp8nWmj3uxOHpZxOADgtERo1jf+dbjg0oFwsYjv/Dkwi2PQPX
GoeL7ZKizBQhTJI7+N5GQQvGCwxZLeLxhAsWXdS6d/2bHtPpPAKqHuZmlrFjGBnr
m4E8Y6UTbsF5NejMxlA0HR7PsL0WmTZYdAOYuWOeMnOhKfzr81SEVT1lA/XbCfL2
qv4Oarjod094b7+1aLMbgeMaegaOvqhchMtGYOW4c6T381OgOzxAu5xhNaXctGDC
gl1+gqquXn+eHiCIi4q/USXO8DsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQnkmHK
keTNePUJtO9fzVWmmkyQuDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQCWOPZC8tVYkZwBJhHe6wLTsSsGbXFnqn2jfGh9Dd2p
/dawL51JX+tu44KhLzlqF/j0BkIzYU3yfBopduhVv4O8nrs53M8vm3+5Rw/IJA3n
gN2ewCQc6CZY1QC+vFzeLy20V0O83Tv2xcX9K13Btn3Rwd2IeN586Wbyi5tzgUmA
9GvbFbsYQp/3kRRFavdDtSrt2vAypUVh9S7fw/TclFkSusN3EDv2RQJbOrSJcHyW
gqdYx4ScLGVj1xgodq0RDfFAgidrTmqhbPOUPjXe6f4B55cwiU4SPDqgY1szSHuy
2BMUiJYlF8kEIkuUJRqOlxGx3PgQa4tYmCzZ/mDqKXIu
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:48:55 2025 by rpki-client