Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: duhUHVY5fGSYff6TzA80rcjFzwlKA5hHY5fyjhrOIhg=
Subject key identifier: 6C:BE:42:03:8E:E3:38:D0:B1:42:81:3B:8C:18:B9:15:7C:16:D3:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70132669AC5ED78A3BC360B9FAA79F6E4D4A0DB1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Fri 25 Apr 2025 20:31:03 +0000
ROA not before: Fri 25 Apr 2025 20:31:03 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:13:26:69:ac:5e:d7:8a:3b:c3:60:b9:fa:a7:9f:6e:4d:4a:0d:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:03 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=4e70d22370f33263c5d04a9e350cd63ef62310e26664854b7fb047b98e37af13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:79:ce:28:80:da:44:54:9d:70:ab:21:4a:9a:
30:41:fa:a4:5a:30:95:09:23:09:76:07:01:d4:15:
c3:be:31:9f:7b:7b:89:35:97:49:b1:72:0c:45:17:
0c:59:1a:47:72:49:24:52:bd:45:9e:ae:d9:14:84:
8e:29:d3:83:05:b6:bd:f0:0e:c3:07:b1:a4:51:62:
8c:cd:15:41:36:4c:50:ec:b1:e9:dd:3c:89:e6:96:
35:e4:35:12:c4:77:1a:c6:9e:dd:1c:5a:6b:ac:8d:
38:a6:34:18:8c:22:1d:bb:d2:3e:59:f3:32:39:50:
12:1a:5d:84:33:ea:f1:15:7d:63:75:d6:b1:fd:07:
97:03:0d:40:21:f6:3b:fa:3e:17:50:1f:72:d6:8b:
da:89:e2:80:aa:9b:fa:66:51:e1:5d:5c:00:44:10:
d7:67:1d:4b:22:b5:d3:6b:46:10:38:b4:35:a4:e9:
0c:42:49:24:33:1f:1b:43:eb:84:3b:99:eb:fb:b5:
17:7a:ba:65:66:77:1e:c7:c6:09:aa:21:4b:eb:a9:
75:75:6f:2e:48:d2:df:85:5e:0a:c1:f1:0d:51:4e:
dc:10:96:0d:d1:9a:1d:f3:08:cc:97:90:91:51:ab:
e7:b3:8a:30:d2:2d:e5:11:66:f5:52:b6:f4:74:ba:
2b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:BE:42:03:8E:E3:38:D0:B1:42:81:3B:8C:18:B9:15:7C:16:D3:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:e2:7c:0a:2e:f4:29:21:e9:9e:25:bc:c7:5d:4c:12:01:71:
ed:e7:2a:5d:3b:bb:84:03:f6:1e:36:6c:8b:4c:c9:1a:9d:26:
3a:0c:a5:df:15:33:fb:40:cd:1d:9d:c2:c9:db:9c:ad:89:e7:
f3:ed:f0:cf:24:50:5a:be:ea:be:f2:49:a6:f5:0b:76:1b:f2:
51:c8:0f:96:a6:04:a5:c0:82:48:0a:8c:16:06:df:74:05:ab:
02:47:f2:52:3b:d1:25:98:9b:b6:8a:8c:e5:62:57:2a:ff:67:
aa:ad:b9:33:6a:08:39:cb:18:93:c6:d3:52:20:ef:3f:4a:f0:
a0:86:fc:20:f5:f6:5d:cc:a8:bb:ad:40:40:76:16:df:05:2d:
a7:0d:39:c2:0a:0e:3f:65:1d:e9:c8:58:64:63:ee:e7:03:88:
6c:7e:ea:de:ae:e5:7b:44:da:4c:5e:b9:b4:ed:3e:af:3c:0c:
32:bb:2b:ac:65:5c:7d:5d:7c:95:45:07:5f:49:51:06:d8:bb:
37:e7:32:c1:cb:1c:be:aa:b0:9b:b8:4c:e5:46:33:5c:23:80:
a3:3f:5d:46:69:24:be:54:ab:a7:47:c4:92:6f:6a:b3:07:35:
32:b3:18:4a:8b:2e:93:9b:28:16:65:7c:10:e4:eb:b9:d2:13:
3e:18:4c:a3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcBMmaaxe14o7w2C5+qefbk1KDbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDNaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNzBkMjIzNzBmMzMyNjNjNWQwNGE5ZTM1MGNkNjNlZjYyMzEwZTI2NjY0
ODU0YjdmYjA0N2I5OGUzN2FmMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJ5ziiA2kRUnXCrIUqaMEH6pFowlQkjCXYHAdQVw74xn3t7iTWXSbFyDEUX
DFkaR3JJJFK9RZ6u2RSEjinTgwW2vfAOwwexpFFijM0VQTZMUOyx6d08ieaWNeQ1
EsR3Gsae3Rxaa6yNOKY0GIwiHbvSPlnzMjlQEhpdhDPq8RV9Y3XWsf0HlwMNQCH2
O/o+F1AfctaL2onigKqb+mZR4V1cAEQQ12cdSyK102tGEDi0NaTpDEJJJDMfG0Pr
hDuZ6/u1F3q6ZWZ3HsfGCaohS+updXVvLkjS34VeCsHxDVFO3BCWDdGaHfMIzJeQ
kVGr57OKMNIt5RFm9VK29HS6K8kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRsvkID
juM40LFCgTuMGLkVfBbTVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAHeJ8Ci70KSHpniW8x11MEgFx7ecqXTu7hAP2HjZs
i0zJGp0mOgyl3xUz+0DNHZ3CyducrYnn8+3wzyRQWr7qvvJJpvULdhvyUcgPlqYE
pcCCSAqMFgbfdAWrAkfyUjvRJZibtoqM5WJXKv9nqq25M2oIOcsYk8bTUiDvP0rw
oIb8IPX2Xcyou61AQHYW3wUtpw05wgoOP2Ud6chYZGPu5wOIbH7q3q7le0TaTF65
tO0+rzwMMrsrrGVcfV18lUUHX0lRBti7N+cywcscvqqwm7hM5UYzXCOAoz9dRmkk
vlSrp0fEkm9qswc1MrMYSosuk5soFmV8EOTrudITPhhMow==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:52:49 2025 by rpki-client