Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: Iq3qBupHoWTz4lJl8qQAzLxM7FndVuWDNKSt81Dj5+Q=
Subject key identifier: 51:5E:D6:3C:2B:CC:4E:57:73:C4:DC:E3:1C:B7:7E:12:3F:CD:9C:1C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39B2FB77F56FC4FCB4546BFF9E46A2CDB5BC346C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Fri 25 Apr 2025 20:31:28 +0000
ROA not before: Fri 25 Apr 2025 20:31:28 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:b2:fb:77:f5:6f:c4:fc:b4:54:6b:ff:9e:46:a2:cd:b5:bc:34:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:28 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5669685a43b0318f6b29eccacdee2019f110351a36b086208eec632479ada8bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:09:68:bb:af:5e:a8:50:a4:84:47:1f:ac:
1b:3e:be:b1:72:36:92:c4:be:0f:2c:6a:24:7e:33:
1c:73:1d:16:19:4d:ed:06:68:ca:de:71:1d:c5:74:
f6:9c:eb:b1:c8:2b:b8:80:54:77:62:77:58:28:45:
77:7e:92:90:16:ba:b6:08:e8:11:fe:e8:49:e9:c8:
6d:40:b7:d5:9f:cf:b5:c2:b4:ce:e9:0d:92:b7:21:
f5:e7:54:c8:ac:91:3f:96:f6:29:3d:93:9d:69:3d:
ce:51:6d:15:07:10:32:02:5e:ef:1d:4d:79:de:c1:
8d:4f:b9:99:61:e6:9e:1a:c4:1c:53:08:60:60:6d:
64:02:cc:96:c8:3f:82:eb:5d:d9:a6:4e:80:da:46:
55:a5:3c:55:da:61:ee:d1:42:b5:f9:f2:d0:16:bd:
b8:12:c8:02:d3:29:e0:16:29:c6:21:6d:a0:f6:d4:
8a:39:de:15:c0:75:b0:6c:3c:93:90:68:c3:74:9f:
a6:53:8a:00:e2:c8:39:7c:02:3a:51:69:88:7b:6c:
32:98:61:07:7a:51:23:73:75:5b:31:2f:0b:c0:af:
74:08:58:d4:eb:a1:cd:ff:2f:9f:6f:85:0c:b8:de:
56:07:13:ac:ec:2b:d8:46:8e:7d:77:51:60:66:6e:
60:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:5E:D6:3C:2B:CC:4E:57:73:C4:DC:E3:1C:B7:7E:12:3F:CD:9C:1C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
c9:72:54:02:b2:97:41:df:5d:0b:c5:8b:ea:7a:43:6f:3d:6b:
c7:d5:f0:63:ff:51:a4:87:9b:38:c0:fb:b1:72:31:8f:ab:8c:
35:58:f6:08:7d:95:e4:17:47:3a:27:22:85:45:c4:44:ac:e6:
c3:36:2f:de:ff:99:ae:a3:ca:32:c6:51:3c:97:91:c7:5c:65:
1e:35:e6:61:58:ae:64:26:69:e9:01:95:4f:1e:5d:a7:a8:b4:
3e:8d:e7:13:df:58:b0:e1:35:81:06:38:7a:7c:e4:cc:b7:4d:
b5:51:82:9b:e3:17:ec:8a:77:fb:02:e2:cc:50:67:09:37:9c:
63:1b:0d:25:84:29:87:b7:a2:3d:e2:89:f6:fb:b8:e3:68:fd:
59:89:77:8e:50:70:86:04:e1:e3:c4:0e:42:5a:89:1b:6b:80:
6b:b2:4a:f0:03:0e:68:c0:43:10:76:e4:d8:ec:5f:a7:8a:56:
e8:9e:76:bc:ac:3d:21:64:e7:3c:8e:77:47:fd:19:55:05:d3:
6a:4f:72:2e:1e:6f:c7:9b:2a:12:e0:a1:35:29:b8:c0:9c:48:
05:74:fc:72:d1:9b:c4:a0:91:6b:70:08:28:29:d5:41:42:cb:
47:b0:0b:25:cd:67:d1:f3:33:8e:8b:7d:b8:ec:bf:95:41:04:
00:ca:cd:98
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUObL7d/VvxPy0VGv/nkaizbW8NGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjhaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2Njk2ODVhNDNiMDMxOGY2YjI5ZWNjYWNkZWUyMDE5ZjExMDM1MWEzNmIw
ODYyMDhlZWM2MzI0NzlhZGE4YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/lCWi7r16oUKSERx+sGz6+sXI2ksS+DyxqJH4zHHMdFhlN7QZoyt5xHcV0
9pzrscgruIBUd2J3WChFd36SkBa6tgjoEf7oSenIbUC31Z/PtcK0zukNkrch9edU
yKyRP5b2KT2TnWk9zlFtFQcQMgJe7x1Ned7BjU+5mWHmnhrEHFMIYGBtZALMlsg/
gutd2aZOgNpGVaU8Vdph7tFCtfny0Ba9uBLIAtMp4BYpxiFtoPbUijneFcB1sGw8
k5Bow3SfplOKAOLIOXwCOlFpiHtsMphhB3pRI3N1WzEvC8CvdAhY1Ouhzf8vn2+F
DLjeVgcTrOwr2EaOfXdRYGZuYFcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRRXtY8
K8xOV3PE3OMct34SP82cHDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAyXJUArKXQd9dC8WL6npDbz1rx9XwY/9RpIebOMD7
sXIxj6uMNVj2CH2V5BdHOicihUXERKzmwzYv3v+ZrqPKMsZRPJeRx1xlHjXmYViu
ZCZp6QGVTx5dp6i0Po3nE99YsOE1gQY4enzkzLdNtVGCm+MX7Ip3+wLizFBnCTec
YxsNJYQph7eiPeKJ9vu442j9WYl3jlBwhgTh48QOQlqJG2uAa7JK8AMOaMBDEHbk
2Oxfp4pW6J52vKw9IWTnPI53R/0ZVQXTak9yLh5vx5sqEuChNSm4wJxIBXT8ctGb
xKCRa3AIKCnVQULLR7ALJc1n0fMzjot9uOy/lUEEAMrNmA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:50:28 2025 by rpki-client