Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: HXsQKmVg+xbQkvPeCk/3HR36Fla/0E31bGL0UZBMyVs=
Subject key identifier: 94:D6:88:A5:1F:25:E1:46:91:3F:7C:DD:DA:50:E7:35:AE:BC:25:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7801640CDB385C91E52CAD467CD9F8167E88320A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Tue 20 May 2025 20:41:25 +0000
ROA not before: Tue 20 May 2025 20:41:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:01:64:0c:db:38:5c:91:e5:2c:ad:46:7c:d9:f8:16:7e:88:32:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=f40605b925dc832dcdef1f3e56980f2684c7050231b968fc1b336c160d5e0ff7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:7c:07:a7:a5:0e:9f:85:6d:76:35:a2:d4:
8c:4f:d6:21:66:5f:b5:1e:3d:b2:fd:ac:eb:82:5d:
85:88:28:5e:db:a0:33:01:ef:a5:00:b7:a9:c2:84:
85:34:10:e0:1b:1c:5d:fa:13:05:35:d7:ad:e6:ff:
7d:20:0a:1b:91:40:35:03:bf:03:91:59:15:fc:f4:
6b:cb:f2:65:b1:fa:f3:93:c8:9e:2d:b8:d8:b8:c6:
80:29:51:89:ae:fd:8a:2a:0e:35:5e:0d:fb:52:56:
41:6f:48:d4:e3:2d:2a:b5:3d:64:82:76:e0:39:66:
83:a2:0b:b8:ca:0b:64:66:ad:83:81:75:73:f5:f6:
f7:8e:fb:7d:8d:16:e9:6d:f1:02:e2:6a:16:87:3a:
63:70:64:c7:6f:af:d4:09:ac:cb:73:0e:85:ee:67:
ca:70:71:d1:2c:a6:2f:df:c8:23:64:8b:62:6e:39:
d5:69:03:57:4e:3a:98:59:12:a8:28:f7:00:30:f7:
c2:cf:dc:a4:71:7d:a9:7a:ef:3b:05:56:ca:c8:90:
90:90:66:78:c3:d7:51:1a:cc:cc:df:91:b1:08:07:
e4:80:f5:29:c8:64:d9:87:55:59:aa:09:6c:27:ff:
5b:cf:c9:85:23:18:43:6e:af:6b:8c:4e:0f:64:7c:
6a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D6:88:A5:1F:25:E1:46:91:3F:7C:DD:DA:50:E7:35:AE:BC:25:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
cb:b0:1e:81:42:86:ca:08:b0:59:14:54:a7:d7:07:ee:9e:d7:
82:24:43:11:c1:7b:dc:33:19:a3:55:3e:f1:73:1b:57:28:8e:
58:29:fe:b1:e4:b0:ff:72:5a:d0:c2:01:ad:77:d5:bf:51:d0:
54:3c:dd:c5:e1:35:4d:18:ee:80:02:60:bc:8a:0f:d5:15:97:
8a:6a:4d:82:64:cd:e3:fd:ef:31:51:ef:89:21:b7:e5:fb:5e:
3c:2e:3b:71:e0:7f:73:fb:16:e0:d6:a6:27:cf:07:ab:08:dc:
a3:20:9e:0b:e6:22:4f:ec:73:46:f9:fc:05:03:df:7b:10:4e:
96:f9:f7:7c:31:a9:33:19:ed:6a:33:24:de:55:d6:16:4a:ea:
03:6b:fd:20:3d:33:f8:ef:5d:43:cf:1f:ca:1f:97:3a:ad:73:
c5:aa:1b:eb:50:26:48:af:93:0e:a5:a7:27:20:eb:6d:0b:bc:
5a:7e:aa:d0:9b:bf:20:e3:e4:5e:8c:de:48:a0:3d:47:4d:b0:
56:d8:70:25:75:49:04:a3:00:ac:5b:d7:19:46:79:28:d6:17:
c6:a7:dd:08:fb:86:6f:a9:3c:ff:d4:70:d5:e9:76:54:50:70:
63:5e:97:d2:d4:79:8c:2e:23:52:2f:b7:f7:c6:02:26:eb:da:
6f:f8:17:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeAFkDNs4XJHlLK1GfNn4Fn6IMgowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDYwNWI5MjVkYzgzMmRjZGVmMWYzZTU2OTgwZjI2ODRjNzA1MDIzMWI5
NjhmYzFiMzM2YzE2MGQ1ZTBmZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/XfAenpQ6fhW12NaLUjE/WIWZftR49sv2s64JdhYgoXtugMwHvpQC3qcKE
hTQQ4BscXfoTBTXXreb/fSAKG5FANQO/A5FZFfz0a8vyZbH685PIni242LjGgClR
ia79iioONV4N+1JWQW9I1OMtKrU9ZIJ24Dlmg6ILuMoLZGatg4F1c/X29477fY0W
6W3xAuJqFoc6Y3Bkx2+v1Amsy3MOhe5nynBx0SymL9/II2SLYm451WkDV046mFkS
qCj3ADD3ws/cpHF9qXrvOwVWysiQkJBmeMPXURrMzN+RsQgH5ID1Kchk2YdVWaoJ
bCf/W8/JhSMYQ26va4xOD2R8ajsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSU1oil
HyXhRpE/fN3aUOc1rrwlOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAy7AegUKGygiwWRRUp9cH7p7XgiRDEcF73DMZo1U+
8XMbVyiOWCn+seSw/3Ja0MIBrXfVv1HQVDzdxeE1TRjugAJgvIoP1RWXimpNgmTN
4/3vMVHviSG35ftePC47ceB/c/sW4NamJ88HqwjcoyCeC+YiT+xzRvn8BQPfexBO
lvn3fDGpMxntajMk3lXWFkrqA2v9ID0z+O9dQ88fyh+XOq1zxaob61AmSK+TDqWn
JyDrbQu8Wn6q0Ju/IOPkXozeSKA9R02wVthwJXVJBKMArFvXGUZ5KNYXxqfdCPuG
b6k8/9Rw1el2VFBwY16X0tR5jC4jUi+398YCJuvab/gXlQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:31 2025 by rpki-client