Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: nUJUx6gwpdwpw/tGQLDUyTwiwIKxbFIsGrDbcB1guL0=
Subject key identifier: B8:12:D8:30:C0:A4:4E:BF:06:A1:27:D5:60:12:19:B3:06:11:AB:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3AFA0A40EBE442C6B37A435992760CECCD31FE70
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Tue 20 May 2025 20:41:04 +0000
ROA not before: Tue 20 May 2025 20:41:04 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:fa:0a:40:eb:e4:42:c6:b3:7a:43:59:92:76:0c:ec:cd:31:fe:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:04 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=617e3d75e3b37c12334dbab41f8c35843cc1de23e58dc6c1a703efc2efc2dd8c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:8e:0d:e2:50:95:99:95:8d:78:e2:58:60:0e:
8e:3e:fb:bd:9b:11:25:6b:c0:f8:a3:43:2b:8b:5b:
47:17:8f:8f:ac:2e:3a:99:2f:c6:ed:3c:7d:67:f6:
42:16:49:02:e9:2b:b6:74:d2:11:80:6f:87:3c:8b:
5a:a3:03:4f:c2:64:e7:32:50:18:58:3b:f3:96:dd:
8e:e5:94:75:86:f1:0c:f9:24:fd:c9:97:7e:0e:e5:
98:13:fd:e0:ca:14:ee:4a:7a:d9:d6:b3:91:da:10:
22:e7:3a:94:68:05:81:ca:f9:8b:78:de:42:57:5e:
6e:0f:60:e0:66:8f:4d:aa:a3:6a:b0:3d:37:7a:8a:
68:a5:16:f6:6d:90:b9:13:f8:12:26:b0:1b:65:05:
2a:d8:d0:4f:bf:18:d8:a5:c2:75:03:ae:d7:12:b5:
2f:b9:0f:a0:dd:4f:d8:d9:bd:f8:49:74:ab:22:df:
7c:5b:bb:ec:91:3b:f8:61:57:4c:53:1b:53:6a:ed:
dc:b1:99:39:f3:5c:22:54:38:a1:4d:2e:a0:84:1d:
af:72:36:a3:8d:01:48:90:84:c0:b2:fb:e8:bd:a6:
8a:9c:0e:df:54:34:37:0b:2f:93:34:d1:3d:97:60:
69:b6:6c:e9:bf:07:26:ee:09:9b:ba:b6:80:a9:2e:
b6:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:12:D8:30:C0:A4:4E:BF:06:A1:27:D5:60:12:19:B3:06:11:AB:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:18:8b:54:df:7c:26:6e:2d:6e:27:55:ab:a4:a9:e7:e5:bc:
2e:a6:23:70:d7:c4:1a:14:2c:9b:bd:ae:04:20:39:ff:7c:4d:
69:a4:b2:cf:52:fd:e7:c9:b2:5f:75:95:2b:b3:93:fc:60:9e:
22:83:74:79:1b:35:66:e1:9c:c7:36:82:74:f5:22:a9:4b:98:
e1:e5:59:46:8c:9f:2e:fd:cf:09:cd:d6:5a:21:7b:31:7f:34:
40:43:af:71:76:28:9d:33:1b:6d:a1:7f:be:64:92:e0:ec:a5:
04:2e:55:74:e5:39:32:a6:2b:92:55:7e:dc:9a:b5:bd:49:7b:
66:81:14:2d:14:45:e0:47:50:9a:43:60:79:17:a3:bd:4d:6c:
81:f6:fc:28:dc:6b:b1:f0:1f:c5:d1:4b:7f:fc:94:7f:27:56:
cf:0a:0e:c8:bc:b0:07:a2:7d:92:c9:89:7a:e3:34:a3:d9:b3:
80:53:ed:83:0c:a9:f0:22:3f:da:53:00:59:23:6f:9b:ff:a3:
45:5e:26:48:a2:0f:7d:26:e2:5a:ab:8d:fd:95:ca:d9:e4:17:
56:24:47:cf:ce:8a:a7:73:dc:be:cb:99:04:41:bc:1e:74:52:
08:99:e3:d9:74:1e:61:1c:98:d4:c3:be:17:db:f1:7b:02:68:
97:85:64:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOvoKQOvkQsazekNZknYM7M0x/nAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMDRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxN2UzZDc1ZTNiMzdjMTIzMzRkYmFiNDFmOGMzNTg0M2NjMWRlMjNlNThk
YzZjMWE3MDNlZmMyZWZjMmRkOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIiODeJQlZmVjXjiWGAOjj77vZsRJWvA+KNDK4tbRxePj6wuOpkvxu08fWf2
QhZJAukrtnTSEYBvhzyLWqMDT8Jk5zJQGFg785bdjuWUdYbxDPkk/cmXfg7lmBP9
4MoU7kp62dazkdoQIuc6lGgFgcr5i3jeQldebg9g4GaPTaqjarA9N3qKaKUW9m2Q
uRP4EiawG2UFKtjQT78Y2KXCdQOu1xK1L7kPoN1P2Nm9+El0qyLffFu77JE7+GFX
TFMbU2rt3LGZOfNcIlQ4oU0uoIQdr3I2o40BSJCEwLL76L2mipwO31Q0NwsvkzTR
PZdgabZs6b8HJu4Jm7q2gKkutmcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4Etgw
wKROvwahJ9VgEhmzBhGrwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQAPGItU33wmbi1uJ1WrpKnn5bwupiNw18QaFCybva4E
IDn/fE1ppLLPUv3nybJfdZUrs5P8YJ4ig3R5GzVm4ZzHNoJ09SKpS5jh5VlGjJ8u
/c8JzdZaIXsxfzRAQ69xdiidMxttoX++ZJLg7KUELlV05TkypiuSVX7cmrW9SXtm
gRQtFEXgR1CaQ2B5F6O9TWyB9vwo3Gux8B/F0Ut//JR/J1bPCg7IvLAHon2SyYl6
4zSj2bOAU+2DDKnwIj/aUwBZI2+b/6NFXiZIog99JuJaq439lcrZ5BdWJEfPzoqn
c9y+y5kEQbwedFIImePZdB5hHJjUw74X2/F7AmiXhWRo
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:53:52 2025 by rpki-client