Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: g6vdvhmKaOKthWBTtFk9QKYg94I6qVdSRrs2+NSubgw=
Subject key identifier: C8:58:BD:11:49:66:C8:A2:A6:EE:2F:C8:E2:E6:CB:31:7A:F3:62:91
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71F50EF25FE4F564251248FE2CCECDAAF3426AC9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Fri 25 Apr 2025 20:30:59 +0000
ROA not before: Fri 25 Apr 2025 20:30:59 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:f5:0e:f2:5f:e4:f5:64:25:12:48:fe:2c:ce:cd:aa:f3:42:6a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:59 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8f00c302723d3b8247169e73ae92a3957a0f17f782f2b833c20f161afbba763d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:36:09:8d:3e:83:75:d0:35:2f:ce:57:72:5d:
9b:66:fc:ca:92:d6:0f:90:79:78:4e:ab:34:d1:b0:
49:ae:2c:44:e9:d1:58:b3:8b:d0:21:eb:cd:a7:a8:
b2:24:bc:ca:d9:bc:b2:0b:cf:59:df:90:93:d1:f3:
f2:a6:63:de:8d:ef:2a:04:06:9f:73:0c:fc:bf:0e:
48:e9:8a:da:1a:1b:97:45:ee:d4:b8:c9:af:9e:f8:
18:b4:5f:2c:4b:8d:22:d9:3f:fc:80:3e:63:73:a1:
56:30:4f:fc:87:aa:ef:05:b3:37:81:c7:18:ff:d0:
82:44:e5:c7:3d:a6:9f:a1:49:fa:6a:3c:b3:07:1d:
04:c7:bb:02:e3:41:c3:04:4a:0b:67:b3:15:70:3b:
00:0d:65:5c:51:13:a2:75:4e:88:93:34:22:5d:b9:
94:7e:87:f4:80:89:d3:10:a1:12:c1:13:b0:d5:9b:
c9:b0:87:30:dd:dd:22:36:7f:d6:2b:1b:fb:0e:9e:
9d:6d:81:ba:d5:4f:1a:18:3b:22:3d:00:0e:e4:7b:
0a:8b:eb:a9:85:2e:d2:0c:92:06:ad:f2:b6:f2:87:
02:0f:3c:22:22:6f:64:7f:e4:35:f7:28:14:38:fd:
4c:0f:33:b0:80:f5:ef:87:c7:bd:ba:62:b7:bc:bd:
3a:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:58:BD:11:49:66:C8:A2:A6:EE:2F:C8:E2:E6:CB:31:7A:F3:62:91
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
7b:52:b3:d1:27:18:1f:fd:83:64:51:44:1b:07:68:49:32:23:
aa:de:ec:5a:66:27:c9:6a:eb:b7:c4:77:70:c0:0c:1f:bb:af:
7e:51:c9:6e:de:0f:f2:69:bb:6c:b9:b6:aa:c1:50:ac:28:11:
e4:17:e1:9a:34:23:ba:79:7f:30:c0:ff:1d:0d:63:3c:93:cc:
f2:6a:03:d9:d4:e3:41:ad:80:64:38:89:29:cc:2d:38:66:f6:
d4:66:96:69:cd:51:51:40:00:9b:64:fb:d5:3e:82:21:f7:4f:
a3:c9:e6:ee:fb:6d:db:90:15:fd:65:29:e6:b3:b0:dc:34:41:
20:53:68:49:b4:89:92:29:be:b3:4a:c4:5b:b8:d7:ee:cd:40:
c5:fa:ac:76:60:88:ed:a4:53:5f:50:e6:f8:62:97:2f:fd:cd:
9a:eb:33:8c:af:23:59:04:be:09:1c:02:36:1b:ba:90:28:c0:
2b:a7:20:d1:0a:57:3e:b8:2a:d0:d0:59:ad:dd:36:a7:60:46:
68:38:8d:b6:83:79:87:47:35:71:df:b8:5e:7d:6e:49:df:cc:
2b:da:bd:3d:5b:d3:e9:ba:15:df:96:87:f0:b9:63:bd:85:cb:
9b:01:38:d7:00:7b:e5:83:ac:c9:ff:73:e1:39:8a:82:9f:32:
c2:49:41:d5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcfUO8l/k9WQlEkj+LM7NqvNCaskwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhmMDBjMzAyNzIzZDNiODI0NzE2OWU3M2FlOTJhMzk1N2EwZjE3Zjc4MmYy
YjgzM2MyMGYxNjFhZmJiYTc2M2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJI2CY0+g3XQNS/OV3Jdm2b8ypLWD5B5eE6rNNGwSa4sROnRWLOL0CHrzaeo
siS8ytm8sgvPWd+Qk9Hz8qZj3o3vKgQGn3MM/L8OSOmK2hobl0Xu1LjJr574GLRf
LEuNItk//IA+Y3OhVjBP/Ieq7wWzN4HHGP/QgkTlxz2mn6FJ+mo8swcdBMe7AuNB
wwRKC2ezFXA7AA1lXFETonVOiJM0Il25lH6H9ICJ0xChEsETsNWbybCHMN3dIjZ/
1isb+w6enW2ButVPGhg7Ij0ADuR7CovrqYUu0gySBq3ytvKHAg88IiJvZH/kNfco
FDj9TA8zsID174fHvbpit7y9OpcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIWL0R
SWbIoqbuL8ji5ssxevNikTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAe1Kz0ScYH/2DZFFEGwdoSTIjqt7sWmYnyWrrt8R3
cMAMH7uvflHJbt4P8mm7bLm2qsFQrCgR5BfhmjQjunl/MMD/HQ1jPJPM8moD2dTj
Qa2AZDiJKcwtOGb21GaWac1RUUAAm2T71T6CIfdPo8nm7vtt25AV/WUp5rOw3DRB
IFNoSbSJkim+s0rEW7jX7s1AxfqsdmCI7aRTX1Dm+GKXL/3NmuszjK8jWQS+CRwC
Nhu6kCjAK6cg0QpXPrgq0NBZrd02p2BGaDiNtoN5h0c1cd+4Xn1uSd/MK9q9PVvT
6boV35aH8LljvYXLmwE41wB75YOsyf9z4TmKgp8ywklB1Q==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:36:17 2025 by rpki-client