Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: 9qr3jJTuIkV3LG953SPuwzPWevMZU/0Kw7fGKVEdl8w=
Subject key identifier: B2:50:B3:36:4D:13:35:EB:A6:B6:97:78:B0:34:B0:13:6A:9F:7D:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 606D120EF2BF43B959A6E4EA521305553EB88A94
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Fri 25 Apr 2025 20:31:10 +0000
ROA not before: Fri 25 Apr 2025 20:31:10 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:6d:12:0e:f2:bf:43:b9:59:a6:e4:ea:52:13:05:55:3e:b8:8a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:10 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=ffcde39ed4278e13b7273d8bfeac1f0fb8a6f1f0e2ff4d59cb26fbc3b8e86acd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:54:0c:a2:c7:f3:8c:d5:bf:11:e0:6d:27:db:
9d:d9:06:58:ca:68:e5:c1:e3:7d:8a:d2:91:ec:ef:
1b:e5:62:31:ad:e1:6f:da:fa:4a:17:c5:99:89:b6:
fb:06:c7:3f:55:29:75:50:50:34:9f:d2:43:0e:4a:
63:2d:f2:5f:b6:07:1e:e5:c6:13:01:64:aa:7f:71:
02:dd:d8:f2:2a:ac:86:ec:6b:ad:7d:56:cc:96:64:
be:8f:2c:2e:7a:f9:6b:1f:37:bd:34:ca:53:ba:7f:
e3:32:55:01:1d:53:10:1c:61:3f:b5:80:68:73:10:
15:8b:86:c7:ca:da:10:fd:67:9a:34:93:e8:b4:b1:
ab:bf:79:85:9b:f8:71:7d:82:dc:a8:de:b5:72:17:
43:e8:1e:cf:20:59:a1:11:ad:68:6c:b8:bf:c0:16:
fa:63:9c:e8:50:32:b8:15:d7:73:7a:37:78:7a:5a:
7f:93:d9:9b:b5:31:1b:81:a0:5d:6f:4a:c4:b4:63:
2c:2d:a3:9b:94:1f:6f:02:e8:10:c5:7c:79:13:dd:
6a:e3:41:ae:ae:84:7f:e1:bc:02:67:5e:a5:95:60:
c5:08:d5:f6:1d:40:88:6a:4b:ba:e6:e5:51:a3:2b:
08:e9:2d:fa:73:1b:87:2a:b2:f8:b7:73:89:09:8b:
b9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:50:B3:36:4D:13:35:EB:A6:B6:97:78:B0:34:B0:13:6A:9F:7D:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ce:f2:4f:ed:4e:f5:69:9e:98:fe:4e:d2:00:3c:73:9a:31:25:
e9:1c:49:53:04:5a:c0:bc:8c:82:d7:e0:08:0c:55:d6:52:24:
b5:e7:fb:d1:e8:ea:31:78:1b:55:23:9d:99:42:72:3b:43:de:
51:29:c9:0e:7d:3d:f2:b0:bc:55:45:54:60:5c:87:34:11:e6:
58:1b:7a:b9:68:0f:17:c1:68:a4:2f:a4:8f:b1:c5:7b:cb:27:
bb:5d:16:73:cb:19:4b:ae:99:43:5f:a6:ad:9c:0e:4c:80:22:
37:60:be:0f:b3:38:86:ca:f1:02:44:ac:0b:d6:6b:d5:86:67:
e1:57:db:06:52:cd:f6:64:f2:17:ce:1b:7c:86:6c:eb:5a:e2:
3c:6b:12:3f:28:de:1a:23:0c:80:74:3b:3b:3d:ed:4f:28:52:
84:75:38:f0:b3:ae:8f:7f:25:d5:95:cf:0a:79:01:7a:7e:f8:
28:b2:9a:83:bb:5d:c6:50:39:41:79:71:cc:1b:9c:21:a6:3f:
2a:6d:b1:0c:eb:80:aa:d4:4b:4d:64:0d:46:5c:b7:00:a2:25:
e3:3b:23:7f:77:0a:01:28:3d:6f:84:95:4a:31:92:4c:cc:bc:
cb:0d:4d:19:41:c5:c6:76:71:f4:bc:f0:08:54:58:87:f3:17:
7f:b1:b7:3e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYG0SDvK/Q7lZpuTqUhMFVT64ipQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMTBaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmY2RlMzllZDQyNzhlMTNiNzI3M2Q4YmZlYWMxZjBmYjhhNmYxZjBlMmZm
NGQ1OWNiMjZmYmMzYjhlODZhY2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZUDKLH84zVvxHgbSfbndkGWMpo5cHjfYrSkezvG+ViMa3hb9r6ShfFmYm2
+wbHP1UpdVBQNJ/SQw5KYy3yX7YHHuXGEwFkqn9xAt3Y8iqshuxrrX1WzJZkvo8s
Lnr5ax83vTTKU7p/4zJVAR1TEBxhP7WAaHMQFYuGx8raEP1nmjST6LSxq795hZv4
cX2C3KjetXIXQ+gezyBZoRGtaGy4v8AW+mOc6FAyuBXXc3o3eHpaf5PZm7UxG4Gg
XW9KxLRjLC2jm5QfbwLoEMV8eRPdauNBrq6Ef+G8AmdepZVgxQjV9h1AiGpLuubl
UaMrCOkt+nMbhyqy+LdziQmLufMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSyULM2
TRM166a2l3iwNLATap99UDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQDO8k/tTvVpnpj+TtIAPHOaMSXpHElTBFrAvIyC1+AI
DFXWUiS15/vR6OoxeBtVI52ZQnI7Q95RKckOfT3ysLxVRVRgXIc0EeZYG3q5aA8X
wWikL6SPscV7yye7XRZzyxlLrplDX6atnA5MgCI3YL4PsziGyvECRKwL1mvVhmfh
V9sGUs32ZPIXzht8hmzrWuI8axI/KN4aIwyAdDs7Pe1PKFKEdTjws66PfyXVlc8K
eQF6fvgospqDu13GUDlBeXHMG5whpj8qbbEM64Cq1EtNZA1GXLcAoiXjOyN/dwoB
KD1vhJVKMZJMzLzLDU0ZQcXGdnH0vPAIVFiH8xd/sbc+
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:16 2025 by rpki-client