Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: CgO6QVOAex1LUY7+ZKGZ0DU9Ouqk/kt2Qq2KctM0OKA=
Subject key identifier: 03:0F:E8:AB:BE:FA:4C:17:C9:14:60:65:1A:2B:0D:1F:DB:E8:A1:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 137C0802205A476AD0D298CD690353A2FF17967F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Tue 20 May 2025 20:40:53 +0000
ROA not before: Tue 20 May 2025 20:40:53 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:7c:08:02:20:5a:47:6a:d0:d2:98:cd:69:03:53:a2:ff:17:96:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:53 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=e924fb25682a87a5b25c4786e8193dfb975f0180360974bddd0e4bbf3e9aa392, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c9:37:dd:f8:f6:87:0e:7b:a1:50:1b:a0:5e:
95:40:0b:50:dc:01:31:27:af:fe:09:86:f6:3d:ea:
42:58:26:dc:54:99:ea:54:bf:72:e7:d6:55:34:92:
0f:f1:41:7b:c5:95:ea:81:8d:31:ad:de:b5:49:cb:
a8:f9:a6:1f:8e:6d:e6:63:fc:3a:ce:39:3b:17:a8:
e6:0a:3d:06:a4:81:d2:5c:da:99:31:a4:44:7d:7f:
cb:b8:8e:5e:e7:14:55:4d:d4:87:90:4c:3a:6e:4c:
7d:74:d7:16:30:09:0f:dc:5f:8e:85:d5:7e:18:20:
5a:21:97:01:59:b8:c1:c5:97:3a:37:10:23:1e:5e:
ec:5e:0e:80:76:bb:45:15:50:21:82:ec:83:80:12:
34:d2:d8:d5:aa:1f:b0:6a:2d:cf:31:8b:9e:b9:9b:
d5:d5:a6:09:67:8a:27:d8:ca:4a:91:68:75:c0:4e:
c0:92:47:8e:61:a8:77:55:ac:06:1a:59:0e:55:26:
ac:d3:a9:07:88:68:ed:e8:5a:4d:3c:cd:98:1a:f5:
b7:5f:a2:ed:20:64:fe:1d:f0:73:73:e5:8a:33:49:
e9:1f:76:d7:b0:ad:a0:ad:07:97:3d:10:71:ec:70:
31:50:17:d6:8d:98:d1:c8:7f:75:25:e2:e5:8d:98:
dd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0F:E8:AB:BE:FA:4C:17:C9:14:60:65:1A:2B:0D:1F:DB:E8:A1:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:55:a6:20:8c:9b:b9:dc:c8:c5:cb:42:00:d5:ee:4f:85:3c:
e5:c8:38:1c:51:17:e9:97:b7:9c:1d:d6:2f:45:a9:45:31:36:
55:5f:f5:14:69:f9:18:11:ef:49:f0:eb:7b:8b:fe:8a:e0:b0:
e9:35:52:29:c8:62:7b:bf:95:84:57:d4:0a:68:c8:b1:c5:fa:
b2:cc:8d:ba:39:06:2d:31:9e:62:67:c2:bf:56:be:1f:08:85:
10:44:29:43:bb:f0:9b:6b:a1:eb:99:32:a5:67:7a:2b:6f:c6:
e9:37:ab:a7:f3:09:22:13:01:bc:18:a3:41:a6:b9:7c:a3:de:
74:52:db:64:c1:e1:71:7a:1b:cf:4d:f8:27:1a:eb:16:1b:a8:
31:e8:ce:18:78:1c:bb:ed:fa:e6:5d:25:9b:30:07:d7:e6:0a:
c7:b6:42:51:47:28:94:55:9b:f5:ca:e9:f9:d7:bd:c0:4c:19:
7c:d6:e2:f0:4d:2f:92:55:e7:b9:a8:88:5e:7e:07:d4:ce:2a:
5f:5b:fe:79:53:f6:ee:eb:a8:1d:53:15:df:69:3c:eb:f0:3e:
41:f7:da:f4:3f:7b:76:68:32:7c:c9:5c:cf:56:84:62:78:06:
52:d0:ff:f3:58:86:56:4d:1c:02:fd:d2:b1:da:f9:85:5f:33:
2f:52:5f:95
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE3wIAiBaR2rQ0pjNaQNTov8Xln8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTNaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5MjRmYjI1NjgyYTg3YTViMjVjNDc4NmU4MTkzZGZiOTc1ZjAxODAzNjA5
NzRiZGRkMGU0YmJmM2U5YWEzOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTJN9349ocOe6FQG6BelUALUNwBMSev/gmG9j3qQlgm3FSZ6lS/cufWVTSS
D/FBe8WV6oGNMa3etUnLqPmmH45t5mP8Os45Oxeo5go9BqSB0lzamTGkRH1/y7iO
XucUVU3Uh5BMOm5MfXTXFjAJD9xfjoXVfhggWiGXAVm4wcWXOjcQIx5e7F4OgHa7
RRVQIYLsg4ASNNLY1aofsGotzzGLnrmb1dWmCWeKJ9jKSpFodcBOwJJHjmGod1Ws
BhpZDlUmrNOpB4ho7ehaTTzNmBr1t1+i7SBk/h3wc3PlijNJ6R9217CtoK0Hlz0Q
cexwMVAX1o2Y0ch/dSXi5Y2Y3bMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQDD+ir
vvpMF8kUYGUaKw0f2+ihRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQACVaYgjJu53MjFy0IA1e5PhTzlyDgcURfpl7ecHdYv
RalFMTZVX/UUafkYEe9J8Ot7i/6K4LDpNVIpyGJ7v5WEV9QKaMixxfqyzI26OQYt
MZ5iZ8K/Vr4fCIUQRClDu/Cba6HrmTKlZ3orb8bpN6un8wkiEwG8GKNBprl8o950
UttkweFxehvPTfgnGusWG6gx6M4YeBy77frmXSWbMAfX5grHtkJRRyiUVZv1yun5
173ATBl81uLwTS+SVee5qIhefgfUzipfW/55U/bu66gdUxXfaTzr8D5B99r0P3t2
aDJ8yVzPVoRieAZS0P/zWIZWTRwC/dKx2vmFXzMvUl+V
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:09 2025 by rpki-client