Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: xhJAEt2Jf0/qpQU7f47/OIzLruhxqnfD/JNlpVixTgA=
Subject key identifier: 39:FA:F9:C1:55:C5:0F:97:31:8D:B1:4D:D0:08:F4:22:69:58:DC:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 283508F48549FE9C683D49233981B1D5BC923354
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Fri 25 Apr 2025 20:30:57 +0000
ROA not before: Fri 25 Apr 2025 20:30:57 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:35:08:f4:85:49:fe:9c:68:3d:49:23:39:81:b1:d5:bc:92:33:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:57 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0934b0c4ecd7350da5b75e4f0efe920e5f15ad62e1190d6d53b5f0542cf24eb9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:25:43:0f:aa:c7:66:5f:46:80:b4:32:35:c7:
db:87:c4:0d:49:9b:44:26:f4:78:5f:f6:96:c6:85:
45:af:e7:cf:aa:b3:02:b5:c7:48:b3:17:1b:a0:4a:
a1:99:3f:de:ce:92:34:2f:79:ea:5c:f6:32:b6:dd:
9c:f5:57:af:c5:7a:60:ad:4f:ee:6a:b6:c1:f8:92:
99:15:e2:2f:c6:fe:16:41:f0:ef:5c:bb:bd:66:bf:
8b:c0:21:fe:8e:46:e0:99:62:66:d0:d5:29:ff:05:
3a:62:5b:9a:3d:95:42:ff:8f:4b:bd:4e:34:4a:cd:
82:9a:9f:2a:89:e1:0d:4e:bf:de:3c:01:f2:06:f3:
9c:b8:9a:f1:d5:75:46:99:ca:23:90:ea:4a:4a:93:
d8:89:73:6f:b9:cc:6c:65:19:bc:ce:c7:ba:a6:ca:
17:19:ae:51:12:07:9a:9d:67:3e:ca:c4:d3:3e:e8:
70:a9:b3:6e:97:9b:3f:a3:60:4e:4d:2c:2a:ad:78:
69:aa:0c:af:8f:c6:42:f5:24:b2:1e:b4:db:3d:89:
38:a9:ec:64:80:66:af:d9:f5:8d:9f:96:40:82:00:
cd:8a:04:ec:a9:56:0a:39:83:54:ab:dc:7f:8c:c6:
23:c7:3c:fc:6e:43:b0:80:a6:40:cc:b3:3a:94:1b:
60:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FA:F9:C1:55:C5:0F:97:31:8D:B1:4D:D0:08:F4:22:69:58:DC:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a0:bb:5c:f3:44:3d:e4:63:e2:6c:c3:61:dc:d7:91:61:bb:eb:
94:e4:b8:31:34:2e:7a:5f:7c:a5:38:25:df:e4:8a:b6:9e:87:
fc:c5:b0:dc:89:46:03:10:1f:d3:1d:fb:01:67:5c:9e:73:06:
30:4f:1b:5c:96:4b:e9:53:fc:dd:f4:ac:1c:c4:ff:38:1f:5c:
2e:5c:85:5b:e9:90:c2:4e:bb:8c:df:07:d5:6d:94:14:56:48:
17:68:d5:31:bc:24:c3:66:af:6c:28:34:71:af:dc:45:77:8b:
b4:d7:5a:9e:62:95:93:56:17:68:5c:16:ab:94:be:5f:58:39:
f7:32:ec:25:ee:bd:98:c6:f8:b0:89:4b:b5:1d:74:70:c6:11:
46:80:b1:53:ce:31:df:77:a5:94:d6:4e:67:a0:8b:0e:3a:88:
fe:c6:1d:30:bf:52:91:ce:45:c0:22:95:1c:77:2b:94:ee:84:
d9:d0:21:7b:f7:f2:16:a0:40:21:f8:8a:f4:1b:c2:74:f0:de:
af:6c:56:3e:3d:47:d6:e3:24:7c:06:bb:38:ce:7f:8f:30:e7:
91:75:9b:53:09:cc:a0:81:6e:f8:14:75:da:96:f2:83:95:85:
2a:89:b8:38:ee:c5:ea:3a:be:b1:04:aa:80:cf:dc:ad:6b:9f:
56:3c:76:c3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKDUI9IVJ/pxoPUkjOYGx1bySM1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MzRiMGM0ZWNkNzM1MGRhNWI3NWU0ZjBlZmU5MjBlNWYxNWFkNjJlMTE5
MGQ2ZDUzYjVmMDU0MmNmMjRlYjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8lQw+qx2ZfRoC0MjXH24fEDUmbRCb0eF/2lsaFRa/nz6qzArXHSLMXG6BK
oZk/3s6SNC956lz2MrbdnPVXr8V6YK1P7mq2wfiSmRXiL8b+FkHw71y7vWa/i8Ah
/o5G4JliZtDVKf8FOmJbmj2VQv+PS71ONErNgpqfKonhDU6/3jwB8gbznLia8dV1
RpnKI5DqSkqT2Ilzb7nMbGUZvM7HuqbKFxmuURIHmp1nPsrE0z7ocKmzbpebP6Ng
Tk0sKq14aaoMr4/GQvUksh602z2JOKnsZIBmr9n1jZ+WQIIAzYoE7KlWCjmDVKvc
f4zGI8c8/G5DsICmQMyzOpQbYF0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5+vnB
VcUPlzGNsU3QCPQiaVjcJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQCgu1zzRD3kY+Jsw2Hc15Fhu+uU5LgxNC56X3ylOCXf
5Iq2nof8xbDciUYDEB/THfsBZ1yecwYwTxtclkvpU/zd9KwcxP84H1wuXIVb6ZDC
TruM3wfVbZQUVkgXaNUxvCTDZq9sKDRxr9xFd4u011qeYpWTVhdoXBarlL5fWDn3
Muwl7r2YxviwiUu1HXRwxhFGgLFTzjHfd6WU1k5noIsOOoj+xh0wv1KRzkXAIpUc
dyuU7oTZ0CF79/IWoEAh+Ir0G8J08N6vbFY+PUfW4yR8Brs4zn+PMOeRdZtTCcyg
gW74FHXalvKDlYUqibg47sXqOr6xBKqAz9yta59WPHbD
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:50:14 2025 by rpki-client