Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: 5tZVaADWiDlR98Rh/PlqmvwTPxiCn0/0ddbfRN76vx0=
Subject key identifier: AC:B4:A3:42:9D:50:CF:ED:9F:4E:C3:12:57:97:C4:3D:98:02:06:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D557415D31D388529C5DE6A258A5BD35F2C7015
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Fri 25 Apr 2025 20:40:45 +0000
ROA not before: Fri 25 Apr 2025 20:40:45 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:55:74:15:d3:1d:38:85:29:c5:de:6a:25:8a:5b:d3:5f:2c:70:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:40:45 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=5b684a97e71776b6b77f3ad58d52ad018ef6f2f983e3544b4046f5419ad87bf1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0a:38:85:7a:f2:3f:a0:ba:63:a6:67:77:46:
0e:59:60:2f:e7:1b:a1:fb:3c:41:4f:34:24:ac:4b:
03:aa:81:94:34:3b:9c:24:de:94:4a:91:99:6e:dd:
85:ca:68:03:ea:57:5b:4e:9e:e1:a3:26:f0:6a:98:
fa:32:0a:e8:8a:0e:70:07:fd:3a:94:a1:7f:8c:78:
95:07:9a:97:48:70:8a:88:76:04:2a:fc:60:12:eb:
43:81:c6:90:90:b8:d0:16:9f:2e:85:c0:d8:65:a5:
ee:77:ef:7f:d9:dd:9b:da:7f:cd:3d:38:be:c8:48:
b6:22:c9:00:43:7f:58:33:60:f5:c9:24:05:df:28:
5f:a0:cc:ea:41:49:cc:85:23:b8:5e:3a:10:fb:b1:
ad:85:c3:02:39:b1:d3:04:5d:c0:06:7f:8e:29:b1:
3e:05:56:55:35:87:32:4f:69:47:22:36:45:47:05:
fe:7b:37:f3:a2:a3:c3:d7:32:e8:b7:d6:db:4b:86:
b4:f1:64:f7:28:6d:14:f7:c7:1c:3f:96:11:4a:11:
78:aa:f1:e5:77:de:06:f8:20:88:c4:1f:95:09:16:
80:a3:8a:78:b9:01:f5:ef:f1:e6:3a:b4:04:3f:c4:
6d:53:0a:fb:29:fb:6c:27:89:4d:39:71:68:52:39:
ff:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B4:A3:42:9D:50:CF:ED:9F:4E:C3:12:57:97:C4:3D:98:02:06:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ae:f9:c2:1c:67:89:13:a0:b9:f4:c5:86:e3:8b:1f:6d:54:b4:
bf:d4:45:96:84:cf:9b:4c:94:cb:da:a3:c9:91:5c:26:92:8d:
95:04:a7:bf:9f:7c:7f:7e:d2:17:05:f8:9c:ca:15:47:5a:6b:
f0:68:7e:c1:e5:34:6e:53:5f:40:f5:2c:7d:e9:76:17:bb:ab:
4c:aa:07:4c:8d:55:94:6b:91:a2:dd:9f:58:04:53:d6:ef:7c:
78:7d:72:e0:33:4e:72:fe:49:9f:af:e3:57:b6:64:27:55:ea:
30:c4:4b:be:0f:02:38:28:f3:cb:f7:05:ff:c0:4b:25:3f:c0:
e6:9f:ba:9b:ef:c3:27:f7:0d:ac:67:5e:67:11:63:de:cb:d0:
d6:58:d2:67:49:79:49:a4:73:06:c6:3d:c1:b0:a1:94:59:4e:
34:b6:16:43:61:4d:16:0e:87:91:e2:68:bd:5f:53:cc:ac:70:
55:a8:ca:cc:db:ab:a7:a9:d9:27:05:6a:18:e2:5d:dc:0f:f3:
ae:79:26:18:32:11:b5:c5:90:11:cb:5e:45:51:a7:95:6d:51:
ad:9e:80:c5:7c:ee:4b:6f:99:80:0a:e2:b9:56:26:4d:2d:2f:
89:f7:fd:e0:c3:7c:60:d3:de:1e:5e:ec:bd:17:87:c6:18:22:
a1:4c:ea:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfVV0FdMdOIUpxd5qJYpb018scBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDQwNDVaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDViNjg0YTk3ZTcxNzc2YjZiNzdmM2FkNThkNTJhZDAxOGVmNmYyZjk4M2Uz
NTQ0YjQwNDZmNTQxOWFkODdiZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIKOIV68j+gumOmZ3dGDllgL+cbofs8QU80JKxLA6qBlDQ7nCTelEqRmW7d
hcpoA+pXW06e4aMm8GqY+jIK6IoOcAf9OpShf4x4lQeal0hwioh2BCr8YBLrQ4HG
kJC40BafLoXA2GWl7nfvf9ndm9p/zT04vshItiLJAEN/WDNg9ckkBd8oX6DM6kFJ
zIUjuF46EPuxrYXDAjmx0wRdwAZ/jimxPgVWVTWHMk9pRyI2RUcF/ns386Kjw9cy
6LfW20uGtPFk9yhtFPfHHD+WEUoReKrx5XfeBvggiMQflQkWgKOKeLkB9e/x5jq0
BD/EbVMK+yn7bCeJTTlxaFI5/3kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSstKNC
nVDP7Z9OwxJXl8Q9mAIGyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQCu+cIcZ4kToLn0xYbjix9tVLS/1EWWhM+bTJTL2qPJ
kVwmko2VBKe/n3x/ftIXBficyhVHWmvwaH7B5TRuU19A9Sx96XYXu6tMqgdMjVWU
a5Gi3Z9YBFPW73x4fXLgM05y/kmfr+NXtmQnVeowxEu+DwI4KPPL9wX/wEslP8Dm
n7qb78Mn9w2sZ15nEWPey9DWWNJnSXlJpHMGxj3BsKGUWU40thZDYU0WDoeR4mi9
X1PMrHBVqMrM26unqdknBWoY4l3cD/OueSYYMhG1xZARy15FUaeVbVGtnoDFfO5L
b5mACuK5ViZNLS+J9/3gw3xg094eXuy9F4fGGCKhTOrT
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:52:00 2025 by rpki-client