Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: u/3at8zpoLcY07ehecPJ9PpGiZHuhM42gLVmTruUMOo=
Subject key identifier: 0E:40:CE:49:11:67:7A:F6:E4:9A:A3:EB:25:E9:E2:C0:66:3D:5A:9C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0797F2CBCC59320624491BB14633A9ABA03770C0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 20 May 2025 20:40:56 +0000
ROA not before: Tue 20 May 2025 20:40:56 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:97:f2:cb:cc:59:32:06:24:49:1b:b1:46:33:a9:ab:a0:37:70:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:56 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=047b41fdb9a972d02b81bbdcb22742ccab9bdd598800e8d8b4a06a6d2cd2ebf7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:65:23:c7:f1:9b:4f:ab:81:25:03:f6:6f:85:
5b:4a:31:8b:9a:23:e8:34:48:77:35:1f:a0:36:a4:
1f:b6:b7:da:2b:79:3b:2a:43:16:e4:68:20:d5:b1:
02:e9:ec:f7:dc:14:45:cc:71:12:12:17:22:3d:00:
f9:47:58:0a:5c:3e:c1:a4:5a:32:bd:0e:88:9c:3b:
d7:9c:fc:c4:6d:63:d0:50:c1:27:2d:5c:c8:83:9a:
09:37:39:4b:ee:44:13:0b:e8:f0:ba:e8:27:35:52:
a6:04:bc:ab:43:0a:7c:29:01:1d:92:a3:17:35:d1:
6f:cd:b5:dc:86:d0:c3:c0:66:98:eb:d7:52:f3:89:
ae:ac:6a:22:0c:cb:12:df:39:95:29:77:7b:6b:b4:
02:a2:12:f1:56:dc:cb:fe:eb:0b:4c:26:90:93:c8:
42:c9:b2:bb:69:50:75:1f:34:8b:08:58:c7:a6:7e:
60:54:c5:63:3b:0e:f7:c0:4a:54:37:69:c2:98:53:
69:dc:08:db:72:9f:97:32:15:0f:66:b2:91:b9:51:
32:51:83:9e:fe:e4:5d:fd:41:28:4d:46:eb:86:f6:
e8:2b:36:09:91:73:fa:8c:44:f0:1d:64:52:2e:4e:
52:eb:fd:83:1c:c6:3d:7f:96:47:ae:03:d3:e4:74:
ab:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:40:CE:49:11:67:7A:F6:E4:9A:A3:EB:25:E9:E2:C0:66:3D:5A:9C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d6:72:04:96:09:4f:37:24:cc:26:7f:2f:33:5b:f5:2a:26:
e0:73:52:a3:eb:a4:04:15:a5:6d:0d:f4:7b:21:c7:de:d5:84:
67:d1:49:4f:0f:d8:94:95:a2:0a:b8:31:15:55:bf:43:96:bc:
8b:ed:89:58:ca:f2:a1:80:0e:3a:64:c8:eb:cf:8a:20:27:2c:
54:50:eb:8a:e0:fb:3a:ab:47:22:24:15:90:21:9d:3f:9d:4f:
1f:b1:9c:b2:4c:41:ce:db:12:8a:32:bc:83:73:c6:22:c8:de:
2f:30:4b:e3:76:fe:5a:4e:97:c6:79:28:14:7d:b2:7c:27:68:
f7:02:01:ec:94:c4:50:59:a0:e3:39:b6:f6:3b:55:56:9c:a6:
c9:4c:93:71:8d:ce:d4:b3:cf:05:d2:15:45:cb:4f:b5:f5:fc:
0a:ff:8d:17:5e:75:7b:68:17:02:65:8e:83:3d:29:54:ad:37:
07:21:70:dc:9a:80:a9:fa:7d:8f:20:13:42:36:33:c4:53:96:
07:5a:5a:1b:a9:86:9c:b5:f5:c5:e8:9d:69:9d:39:17:0b:ce:
b4:80:26:83:f1:a8:e0:64:c7:d0:1f:40:ef:d5:12:da:ca:c2:
18:7b:48:72:52:cf:be:17:ba:d6:bd:95:62:6c:e7:ed:c9:0f:
87:66:58:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUB5fyy8xZMgYkSRuxRjOpq6A3cMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0N2I0MWZkYjlhOTcyZDAyYjgxYmJkY2IyMjc0MmNjYWI5YmRkNTk4ODAw
ZThkOGI0YTA2YTZkMmNkMmViZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhlI8fxm0+rgSUD9m+FW0oxi5oj6DRIdzUfoDakH7a32it5OypDFuRoINWx
Auns99wURcxxEhIXIj0A+UdYClw+waRaMr0OiJw715z8xG1j0FDBJy1cyIOaCTc5
S+5EEwvo8LroJzVSpgS8q0MKfCkBHZKjFzXRb8213IbQw8BmmOvXUvOJrqxqIgzL
Et85lSl3e2u0AqIS8Vbcy/7rC0wmkJPIQsmyu2lQdR80iwhYx6Z+YFTFYzsO98BK
VDdpwphTadwI23KflzIVD2aykblRMlGDnv7kXf1BKE1G64b26Cs2CZFz+oxE8B1k
Ui5OUuv9gxzGPX+WR64D0+R0qzUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQOQM5J
EWd69uSao+sl6eLAZj1anDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAK9ZyBJYJTzckzCZ/LzNb9Som4HNSo+ukBBWlbQ30
eyHH3tWEZ9FJTw/YlJWiCrgxFVW/Q5a8i+2JWMryoYAOOmTI68+KICcsVFDriuD7
OqtHIiQVkCGdP51PH7GcskxBztsSijK8g3PGIsjeLzBL43b+Wk6XxnkoFH2yfCdo
9wIB7JTEUFmg4zm29jtVVpymyUyTcY3O1LPPBdIVRctPtfX8Cv+NF151e2gXAmWO
gz0pVK03ByFw3JqAqfp9jyATQjYzxFOWB1paG6mGnLX1xeidaZ05FwvOtIAmg/Go
4GTH0B9A79US2srCGHtIclLPvhe61r2VYmzn7ckPh2ZYFg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:45:37 2025 by rpki-client