Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: N45A4es/+jwXxdmIPE7s7pjyeuAZNC2H8xv8miw/bho=
Subject key identifier: 9B:A4:B2:95:D8:2B:55:7C:63:FF:A7:31:4A:93:01:A3:EC:FB:D7:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 226244CD7656835CD20D512801C5ADBF735DBE15
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Tue 20 May 2025 20:40:56 +0000
ROA not before: Tue 20 May 2025 20:40:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:62:44:cd:76:56:83:5c:d2:0d:51:28:01:c5:ad:bf:73:5d:be:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8ab4a5cff4946cb3a53c2c0549566a7f657ca31148c922cec8d868551d596f67, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:65:44:8a:2b:96:64:eb:09:cd:08:70:24:
cd:20:b5:7c:be:73:63:19:61:59:e7:bc:19:5a:12:
b0:98:db:f0:aa:9c:16:4d:0a:d1:80:2c:48:da:0d:
74:d5:82:b9:a3:b8:db:dc:a4:cf:ed:da:09:5c:b4:
6b:8d:2b:ac:45:7b:8f:83:9c:09:dc:d4:46:53:22:
6c:52:c5:d7:12:99:d0:b0:04:ee:f6:4e:4a:96:2a:
49:0a:62:8e:a5:cf:14:52:92:13:bb:ea:cb:3a:a3:
4c:1f:7c:f6:d6:45:97:bd:25:e8:07:46:ad:91:d4:
f8:a7:dd:4f:26:dc:13:2f:18:b8:da:06:eb:c3:b6:
26:74:f0:7e:48:fc:fa:65:1c:8a:76:6f:3f:a6:07:
d9:08:b9:6b:f9:07:90:fa:80:06:44:c8:4c:2f:06:
4b:9d:fc:9b:61:46:09:fc:cf:3e:82:52:b9:eb:c2:
4d:4f:dc:53:24:15:9f:80:dd:99:40:b5:14:31:c3:
64:f2:df:a7:3b:51:47:ad:0a:eb:0e:df:1a:2c:45:
59:63:b8:d7:4a:4e:2f:0e:c8:33:93:2e:39:87:4a:
3d:66:a1:c3:d7:ac:c7:e9:09:db:4d:2e:12:51:0a:
4a:5e:52:bf:e1:98:b5:c4:b3:ad:bf:86:87:96:07:
53:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A4:B2:95:D8:2B:55:7C:63:FF:A7:31:4A:93:01:A3:EC:FB:D7:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
6a:64:f1:19:ae:98:a3:36:de:c4:e3:93:0d:eb:bf:20:8f:92:
75:6f:6a:bb:04:ef:08:41:b2:ab:d5:b6:17:00:aa:ba:8b:67:
78:cd:5e:58:91:59:8a:b0:87:25:0a:88:b5:08:ba:d2:42:2f:
e0:6e:c8:3c:51:69:94:12:41:e9:61:cd:6a:29:9d:19:30:65:
b7:9e:75:12:fe:ea:b5:ec:54:72:b9:f8:e4:72:67:96:48:1e:
72:45:44:0b:67:e4:f9:73:15:f7:81:3d:08:bd:09:e3:f1:aa:
8d:5d:a8:c6:d7:16:51:a6:de:bd:36:83:3c:9a:22:8a:44:c0:
72:6c:fc:15:82:74:e2:8c:14:f3:94:c8:a5:d4:3f:1b:17:61:
22:63:4d:95:f6:7e:a3:11:f4:fa:04:c9:19:91:fa:09:18:fa:
35:be:66:af:29:07:ac:6e:64:8f:cc:73:91:e6:8f:9a:a4:e2:
05:43:d1:34:74:84:91:f7:6e:11:8c:d7:89:8b:1e:79:05:e3:
64:61:77:f8:3f:02:79:78:d2:f3:19:4d:f5:43:63:b4:a2:dc:
f0:f4:cd:b8:7a:48:58:6f:d0:69:2b:7c:a4:57:8d:c7:60:79:
8f:ad:49:a9:b2:75:11:b2:e8:d9:1e:34:50:4a:fc:ec:26:ad:
fc:ec:f0:99
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUImJEzXZWg1zSDVEoAcWtv3NdvhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhYjRhNWNmZjQ5NDZjYjNhNTNjMmMwNTQ5NTY2YTdmNjU3Y2EzMTE0OGM5
MjJjZWM4ZDg2ODU1MWQ1OTZmNjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjvZUSKK5Zk6wnNCHAkzSC1fL5zYxlhWee8GVoSsJjb8KqcFk0K0YAsSNoN
dNWCuaO429ykz+3aCVy0a40rrEV7j4OcCdzURlMibFLF1xKZ0LAE7vZOSpYqSQpi
jqXPFFKSE7vqyzqjTB989tZFl70l6AdGrZHU+KfdTybcEy8YuNoG68O2JnTwfkj8
+mUcinZvP6YH2Qi5a/kHkPqABkTITC8GS538m2FGCfzPPoJSuevCTU/cUyQVn4Dd
mUC1FDHDZPLfpztRR60K6w7fGixFWWO410pOLw7IM5MuOYdKPWahw9esx+kJ200u
ElEKSl5Sv+GYtcSzrb+Gh5YHUy8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbpLKV
2CtVfGP/pzFKkwGj7PvXJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAamTxGa6YozbexOOTDeu/II+SdW9quwTvCEGyq9W2
FwCquotneM1eWJFZirCHJQqItQi60kIv4G7IPFFplBJB6WHNaimdGTBlt551Ev7q
texUcrn45HJnlkgeckVEC2fk+XMV94E9CL0J4/GqjV2oxtcWUabevTaDPJoiikTA
cmz8FYJ04owU85TIpdQ/GxdhImNNlfZ+oxH0+gTJGZH6CRj6Nb5mrykHrG5kj8xz
keaPmqTiBUPRNHSEkfduEYzXiYseeQXjZGF3+D8CeXjS8xlN9UNjtKLc8PTNuHpI
WG/QaSt8pFeNx2B5j61JqbJ1EbLo2R40UEr87Cat/OzwmQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:46:36 2025 by rpki-client