Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
File: 80e298e3-975b-4cea-9586-8d04a37a53a2.roa (raw, json)
Hash identifier: PPbRF9R2PhMEoZgM2MgT5H/6Tdy7GOnMSMTAymh4TVw=
Subject key identifier: E0:69:4F:AC:4E:CE:E2:21:0B:1A:E0:08:1B:E5:53:C6:66:85:D2:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 779F41A71C04FD1489CA6D109F92BEFFB11D4110
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
Signing time: Tue 15 Apr 2025 15:10:07 +0000
ROA not before: Tue 15 Apr 2025 15:10:07 +0000
ROA not after: Tue 20 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:9f:41:a7:1c:04:fd:14:89:ca:6d:10:9f:92:be:ff:b1:1d:41:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 15 15:10:07 2025 GMT
Not After : May 20 23:59:59 2025 GMT
Subject: serialNumber=ff23b812ca6b68867e670975c47b6241b2b62c1ca089f17154b5d874ff8d09e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c3:71:63:c2:0e:23:6f:59:92:73:1e:1d:b8:
df:30:53:97:71:2a:2b:08:0e:97:0f:96:b8:f5:9a:
72:23:07:6b:85:50:6e:d0:91:89:09:54:8b:58:9e:
dc:37:39:22:4a:c8:ac:25:26:a7:2c:3e:3c:9b:3c:
f5:76:d1:ef:e0:e3:77:e1:f1:86:fa:f3:89:66:ea:
d3:a7:cd:80:60:b9:b4:98:2d:1c:cc:3f:c8:ca:17:
32:5f:5a:08:94:3e:79:0a:40:6e:26:28:2e:b6:4b:
18:2d:12:82:a4:05:14:e8:21:f2:d6:04:98:e3:71:
e5:a4:d7:b0:d2:b9:ff:e3:05:cb:18:59:0f:e3:5f:
06:4d:ab:32:15:f3:f9:e7:34:c1:56:27:b5:3e:f6:
dc:92:12:f3:78:82:5b:29:f0:df:75:95:cd:6b:16:
44:a3:e6:12:3d:23:b6:37:32:f9:09:da:6c:56:62:
6b:15:27:d3:7f:62:14:9c:7b:6e:82:b4:35:ec:cd:
e5:6c:0e:36:9e:e0:46:ed:c1:35:31:50:d7:40:c8:
a8:ab:0a:9a:6b:7b:0c:1d:d1:14:a4:94:8c:3d:63:
6a:cf:52:ce:79:16:4a:6a:86:fa:92:1b:03:aa:56:
5f:09:96:a8:9f:64:b6:91:f5:9e:b6:ea:f2:d2:94:
30:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:69:4F:AC:4E:CE:E2:21:0B:1A:E0:08:1B:E5:53:C6:66:85:D2:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:ba:56:cc:22:f5:87:37:0c:9e:53:f6:48:57:69:18:c9:28:
39:cc:92:f1:2b:dd:ff:37:cc:ef:a7:ad:66:91:59:4f:47:63:
f7:c5:1d:29:32:ec:a6:01:94:d5:f3:8f:b0:04:a3:84:83:1d:
e7:bf:da:44:c5:3d:d6:e2:16:85:2c:1c:04:8e:1d:86:c8:29:
45:ae:f2:1f:6f:40:f8:d0:75:3d:8f:a4:d8:eb:21:07:05:03:
e2:e4:d8:fd:0a:86:b5:4d:73:7b:01:61:3f:79:2a:51:10:f2:
c2:e5:d3:ee:e7:1d:56:b9:1c:0a:30:18:c6:3f:4d:1d:e4:e5:
d9:72:52:dd:32:08:80:6f:34:57:c3:6c:28:7b:97:dc:1e:9b:
37:cd:0b:06:7f:5f:4c:db:b2:78:80:7b:ee:65:95:66:97:3e:
7f:a3:91:91:0a:81:99:72:c2:ff:99:70:da:79:5d:fb:20:3b:
3a:12:73:db:ef:15:e9:ce:e3:52:d0:3d:26:0c:88:47:cb:d0:
e0:b8:d3:be:4d:ab:d4:70:5e:8e:bc:4d:43:c2:7b:cf:2a:b5:
01:f9:0c:80:31:6e:39:3e:70:e9:af:0b:7a:bf:8d:8b:fc:7d:
d2:72:be:52:19:cc:72:74:fb:af:b3:40:58:0e:e6:7a:8f:f5:
bd:51:0e:10
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd59BpxwE/RSJym0Qn5K+/7EdQRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MTUxNTEwMDdaFw0yNTA1MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmMjNiODEyY2E2YjY4ODY3ZTY3MDk3NWM0N2I2MjQxYjJiNjJjMWNhMDg5
ZjE3MTU0YjVkODc0ZmY4ZDA5ZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3DcWPCDiNvWZJzHh243zBTl3EqKwgOlw+WuPWaciMHa4VQbtCRiQlUi1ie
3Dc5IkrIrCUmpyw+PJs89XbR7+Djd+HxhvrziWbq06fNgGC5tJgtHMw/yMoXMl9a
CJQ+eQpAbiYoLrZLGC0SgqQFFOgh8tYEmONx5aTXsNK5/+MFyxhZD+NfBk2rMhXz
+ec0wVYntT723JIS83iCWynw33WVzWsWRKPmEj0jtjcy+QnabFZiaxUn039iFJx7
boK0NezN5WwONp7gRu3BNTFQ10DIqKsKmmt7DB3RFKSUjD1jas9SznkWSmqG+pIb
A6pWXwmWqJ9ktpH1nrbq8tKUMDcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgaU+s
Ts7iIQsa4Agb5VPGZoXS1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBlMjk4ZTMtOTc1Yi00Y2VhLTk1ODYtOGQwNGEzN2E1M2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADldMA0G
CSqGSIb3DQEBCwUAA4IBAQCZulbMIvWHNwyeU/ZIV2kYySg5zJLxK93/N8zvp61m
kVlPR2P3xR0pMuymAZTV84+wBKOEgx3nv9pExT3W4haFLBwEjh2GyClFrvIfb0D4
0HU9j6TY6yEHBQPi5Nj9Coa1TXN7AWE/eSpREPLC5dPu5x1WuRwKMBjGP00d5OXZ
clLdMgiAbzRXw2woe5fcHps3zQsGf19M27J4gHvuZZVmlz5/o5GRCoGZcsL/mXDa
eV37IDs6EnPb7xXpzuNS0D0mDIhHy9DguNO+TavUcF6OvE1DwnvPKrUB+QyAMW45
PnDprwt6v42L/H3Scr5SGcxydPuvs0BYDuZ6j/W9UQ4Q
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:51:14 2025 by rpki-client