Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: 2dYw66MGUplcFoecX3hkmHgvF62jOOiOHn8TIqJh1FY=
Subject key identifier: 61:3C:C4:6D:3A:05:BB:25:AA:F7:3A:EE:05:39:64:C3:27:91:D1:89
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 634B302A7107B3DCB7BE6A385377FB171FF31918
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Fri 25 Apr 2025 20:30:58 +0000
ROA not before: Fri 25 Apr 2025 20:30:58 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:4b:30:2a:71:07:b3:dc:b7:be:6a:38:53:77:fb:17:1f:f3:19:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:58 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=7362bf631437e31a1c7abe4ac5dd98b075f1942e8fe148fb6add86cedbed3180, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:3c:db:91:af:c9:24:b0:99:6f:55:4f:f8:81:
44:77:af:bf:d0:c3:8c:12:01:eb:c1:af:38:33:e9:
f7:84:a2:43:9f:fb:58:55:01:1c:f4:ca:74:ed:c0:
86:16:35:9a:96:fe:83:3e:dc:a8:87:58:c4:e6:60:
57:43:27:06:b2:54:0f:fc:65:29:20:8b:70:d0:2b:
b4:4c:f8:11:58:ba:f7:95:01:c6:c5:af:ea:b9:0a:
93:d0:13:aa:d9:4e:a3:41:fe:6f:f9:7d:b7:14:e5:
f0:74:12:e1:7d:8f:c6:5c:9b:97:61:e6:4b:67:6d:
ef:30:1b:02:ff:b2:48:6d:1f:9c:1b:b8:4e:06:2a:
b6:84:c7:93:d3:b5:98:f8:a7:fa:3f:f9:ac:71:0c:
cb:d2:cf:d9:ee:56:4c:72:28:b8:b4:92:89:05:e5:
04:89:fa:81:fd:fc:c7:77:2f:e4:1f:35:88:46:1e:
b9:b8:35:f6:99:35:b8:d3:7d:2d:34:a7:03:c8:36:
26:4d:92:72:01:c4:18:26:e5:fa:3f:9a:a2:a4:58:
71:ad:e1:43:1d:73:bd:18:45:18:35:3b:08:7e:cf:
ac:8e:f8:89:50:d5:c7:bc:5a:bc:e3:9f:9c:4f:0f:
bf:3e:58:5c:1e:b6:7e:26:83:fc:ba:0a:ba:53:fe:
69:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:3C:C4:6D:3A:05:BB:25:AA:F7:3A:EE:05:39:64:C3:27:91:D1:89
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:70:14:10:f8:33:7f:53:d7:98:6e:02:fe:b2:7d:48:ea:dd:
38:25:f8:1c:f3:3e:f6:b3:68:fe:a5:3b:44:f6:8c:8d:ed:ee:
b4:c3:62:b2:04:4d:78:0f:37:e6:86:8a:a5:ef:65:5f:ba:08:
78:00:3b:b5:70:94:b5:68:ff:ed:3e:b1:10:f6:a4:1b:e4:f1:
fe:d0:f5:49:4b:4c:25:3b:4b:d4:9e:34:c0:ca:b0:52:3f:77:
8c:7b:d4:9e:c0:3d:9d:2a:25:5a:7d:25:1d:66:3a:9f:cc:04:
23:4a:95:38:2e:dd:9b:41:61:3b:53:c9:86:d2:7c:40:c1:48:
25:c2:99:35:1d:bf:be:9d:5e:21:24:c2:b8:7c:8b:64:04:6d:
7d:7f:a7:95:d3:b7:fb:41:f7:9a:32:30:c2:2a:85:1f:84:5c:
6d:a5:13:0a:8d:96:eb:48:5e:10:dd:2b:a8:69:ad:d2:21:23:
e2:b7:3f:4e:52:f3:63:42:73:55:4b:15:3f:b8:aa:22:ac:9b:
53:54:62:40:74:86:f7:63:c0:a1:3e:fb:c0:be:a2:ea:7d:08:
41:14:a8:e2:a1:ec:db:fa:c2:12:29:93:be:eb:be:97:31:d6:
52:25:86:37:c1:0a:cc:a9:e8:40:21:aa:a2:e1:51:76:23:8a:
5d:0b:4c:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY0swKnEHs9y3vmo4U3f7Fx/zGRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNThaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNjJiZjYzMTQzN2UzMWExYzdhYmU0YWM1ZGQ5OGIwNzVmMTk0MmU4ZmUx
NDhmYjZhZGQ4NmNlZGJlZDMxODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOw825GvySSwmW9VT/iBRHevv9DDjBIB68GvODPp94SiQ5/7WFUBHPTKdO3A
hhY1mpb+gz7cqIdYxOZgV0MnBrJUD/xlKSCLcNArtEz4EVi695UBxsWv6rkKk9AT
qtlOo0H+b/l9txTl8HQS4X2Pxlybl2HmS2dt7zAbAv+ySG0fnBu4TgYqtoTHk9O1
mPin+j/5rHEMy9LP2e5WTHIouLSSiQXlBIn6gf38x3cv5B81iEYeubg19pk1uNN9
LTSnA8g2Jk2ScgHEGCbl+j+aoqRYca3hQx1zvRhFGDU7CH7PrI74iVDVx7xavOOf
nE8Pvz5YXB62fiaD/LoKulP+aUkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhPMRt
OgW7Jar3Ou4FOWTDJ5HRiTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAuHAUEPgzf1PXmG4C/rJ9SOrdOCX4HPM+9rNo/qU7
RPaMje3utMNisgRNeA835oaKpe9lX7oIeAA7tXCUtWj/7T6xEPakG+Tx/tD1SUtM
JTtL1J40wMqwUj93jHvUnsA9nSolWn0lHWY6n8wEI0qVOC7dm0FhO1PJhtJ8QMFI
JcKZNR2/vp1eISTCuHyLZARtfX+nldO3+0H3mjIwwiqFH4RcbaUTCo2W60heEN0r
qGmt0iEj4rc/TlLzY0JzVUsVP7iqIqybU1RiQHSG92PAoT77wL6i6n0IQRSo4qHs
2/rCEimTvuu+lzHWUiWGN8EKzKnoQCGqouFRdiOKXQtMkw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:51:55 2025 by rpki-client