Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: Vc6vkck/uz3g9B5nq1XbvbZoOnKz+Pk0msxNlD69iL0=
Subject key identifier: FE:90:BB:CC:0E:26:2F:79:6F:CA:B2:72:FE:5F:18:CB:53:16:27:C0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11F60CFB673D89FE4A6FBF941AE6A372BAD8B3EB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Tue 20 May 2025 20:50:13 +0000
ROA not before: Tue 20 May 2025 20:50:13 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:f6:0c:fb:67:3d:89:fe:4a:6f:bf:94:1a:e6:a3:72:ba:d8:b3:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:13 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b7570dae924397df13d9706bbe2aeaeb4fb3a5cc2435dda36c73c82aa214307d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0a:35:1f:c1:dc:36:a0:03:bc:4c:50:75:d3:
40:4e:d2:ad:29:a5:78:9a:22:45:77:89:15:91:c1:
96:b5:69:38:46:dd:de:59:82:bb:63:ed:59:1c:40:
cd:23:67:33:05:23:e4:e4:9b:16:49:0d:d5:55:a4:
71:49:cb:6c:5f:50:09:a4:b1:77:b3:52:80:08:87:
2d:8a:66:8e:c9:f0:15:77:0c:9b:3a:46:64:71:23:
3d:d5:50:96:45:cb:c6:06:a6:73:b8:0a:20:f1:a6:
69:b2:07:82:ab:81:fc:3e:75:68:c8:67:a8:2b:69:
6b:79:65:49:75:dd:a8:20:7e:7c:3f:1d:0b:bc:79:
b8:a7:b2:6c:80:ba:10:d5:f9:b2:1e:35:c0:15:eb:
ed:4c:3c:0e:2b:e3:4f:f3:5c:3a:4e:1d:44:65:86:
bf:0c:d8:57:77:86:7f:b2:6c:e4:78:64:d2:dc:e5:
aa:51:60:52:20:f0:b5:39:14:e4:fe:31:f1:47:a8:
78:35:ef:8d:48:7c:c0:2a:05:cf:64:1b:36:13:75:
ae:f4:27:e0:18:80:e7:34:fb:25:7a:ff:36:0c:45:
48:bc:84:0e:d2:8c:e1:53:29:12:0c:fc:d0:85:a8:
4f:c1:9a:93:83:4c:23:83:2c:63:85:9d:51:66:68:
22:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:90:BB:CC:0E:26:2F:79:6F:CA:B2:72:FE:5F:18:CB:53:16:27:C0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:f3:8b:89:91:17:35:d2:c2:3f:c8:7d:9f:78:a7:59:c5:62:
f6:1f:02:c5:76:ca:10:a6:21:f0:ef:27:13:7f:93:3a:f8:a6:
cc:ef:9e:fb:db:8b:c2:2f:e8:92:f1:2c:d8:eb:0a:c0:11:55:
27:56:25:7d:d2:c1:de:63:e8:79:27:39:e5:08:4b:64:0a:18:
fb:85:b4:05:9c:21:2b:9e:08:ad:a6:64:1e:0a:95:34:98:c3:
e7:ec:29:1d:91:03:b0:fb:a1:db:e2:fc:00:26:19:a8:94:e2:
45:12:14:0b:7d:cb:0a:ee:ef:19:6c:f2:02:24:c1:91:64:79:
13:d0:a7:99:a5:1e:bc:d5:9f:1a:4f:51:60:32:e1:c5:31:5f:
51:3c:11:6c:aa:f3:32:64:c7:3a:c0:e9:5a:12:5e:6d:16:2d:
3f:d1:40:9a:c0:0e:c2:53:a5:e0:fc:f5:4b:6b:20:ff:30:e5:
af:09:bd:cf:43:e3:e8:90:3b:50:1c:5c:67:93:e2:70:24:2a:
e5:ad:2f:06:6f:80:af:c0:04:a0:a6:52:78:25:c6:9f:be:f9:
ac:91:be:d0:48:ca:01:f5:cb:53:34:9f:df:17:c5:b4:8c:43:
3b:48:44:9d:0b:13:4d:c6:2d:8e:bd:70:84:61:0b:c1:be:ba:
ff:0d:cb:50
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEfYM+2c9if5Kb7+UGuajcrrYs+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI3NTcwZGFlOTI0Mzk3ZGYxM2Q5NzA2YmJlMmFlYWViNGZiM2E1Y2MyNDM1
ZGRhMzZjNzNjODJhYTIxNDMwN2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIsKNR/B3DagA7xMUHXTQE7SrSmleJoiRXeJFZHBlrVpOEbd3lmCu2PtWRxA
zSNnMwUj5OSbFkkN1VWkcUnLbF9QCaSxd7NSgAiHLYpmjsnwFXcMmzpGZHEjPdVQ
lkXLxgamc7gKIPGmabIHgquB/D51aMhnqCtpa3llSXXdqCB+fD8dC7x5uKeybIC6
ENX5sh41wBXr7Uw8DivjT/NcOk4dRGWGvwzYV3eGf7Js5Hhk0tzlqlFgUiDwtTkU
5P4x8UeoeDXvjUh8wCoFz2QbNhN1rvQn4BiA5zT7JXr/NgxFSLyEDtKM4VMpEgz8
0IWoT8Gak4NMI4MsY4WdUWZoIpUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+kLvM
DiYveW/KsnL+XxjLUxYnwDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQAE84uJkRc10sI/yH2feKdZxWL2HwLFdsoQpiHw7ycT
f5M6+KbM757724vCL+iS8SzY6wrAEVUnViV90sHeY+h5JznlCEtkChj7hbQFnCEr
ngitpmQeCpU0mMPn7CkdkQOw+6Hb4vwAJhmolOJFEhQLfcsK7u8ZbPICJMGRZHkT
0KeZpR681Z8aT1FgMuHFMV9RPBFsqvMyZMc6wOlaEl5tFi0/0UCawA7CU6Xg/PVL
ayD/MOWvCb3PQ+PokDtQHFxnk+JwJCrlrS8Gb4CvwASgplJ4Jcafvvmskb7QSMoB
9ctTNJ/fF8W0jEM7SESdCxNNxi2OvXCEYQvBvrr/DctQ
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:30 2025 by rpki-client