Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: es5nzDnTdShyKnkJbmIJkeO+s9gEqT13jfMizRYCyBY=
Subject key identifier: C8:9A:26:1B:BB:8F:3D:CE:C1:E2:1E:81:F0:D7:91:2F:CE:DE:28:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 691B506F39723046EE72D719898CB6F078C71CA3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Tue 20 May 2025 20:40:58 +0000
ROA not before: Tue 20 May 2025 20:40:58 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:1b:50:6f:39:72:30:46:ee:72:d7:19:89:8c:b6:f0:78:c7:1c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:58 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0e03ebcd1f954bb5cce5719793c9bf27654582a8e0821b3ff7241c9667915a7f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:71:33:6f:ab:ec:2a:c9:93:bb:3f:ef:dc:bb:
c1:08:8e:51:40:2d:4d:52:ae:65:c0:e2:1d:83:9c:
d1:e4:7c:db:1e:ad:58:01:2f:f8:75:f3:02:59:06:
f7:fa:1d:9d:41:8e:2c:84:66:35:0f:0b:05:75:c1:
c5:b1:86:9e:2e:5c:df:0e:30:cb:00:47:55:f7:de:
5d:75:a9:e2:dd:24:cf:50:dc:8e:8a:5b:18:67:9e:
ae:b0:9a:d3:a4:da:73:bb:39:d2:51:b7:a7:56:96:
20:5d:5c:75:ab:41:fb:d4:ab:ad:10:5e:f1:ab:6a:
72:d8:17:9d:f4:41:5c:21:47:c6:2d:f4:f4:c6:75:
2d:54:3c:cf:93:a5:21:47:d9:73:d4:09:f6:fa:2e:
35:b5:d5:ec:7a:ac:f6:97:e4:88:85:8c:20:14:1a:
74:4f:71:41:7a:84:fd:19:a3:ed:3e:20:7e:fb:d8:
3f:b5:25:8a:f1:d7:ce:6d:b4:5b:60:dd:5e:a3:a1:
40:50:f2:5a:06:02:b1:e9:7f:76:b3:1a:e6:2f:e9:
3b:cd:1a:82:b4:15:42:49:cf:98:4a:07:35:82:62:
2a:10:01:0c:5b:63:ca:0b:b4:f1:65:e2:71:d2:b2:
02:3c:c8:ef:89:e7:08:20:a8:7b:02:1d:04:48:da:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:9A:26:1B:BB:8F:3D:CE:C1:E2:1E:81:F0:D7:91:2F:CE:DE:28:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
90:b6:07:af:59:f0:17:b1:76:8f:3b:08:42:04:05:ea:a2:85:
dc:3c:15:ea:f1:69:ca:e9:00:7c:2d:30:85:17:7e:ef:d3:1c:
74:6c:c7:6e:b0:07:5b:e8:a7:66:43:3b:ff:b4:e8:15:a1:fb:
54:70:f9:83:95:cb:9b:ca:b8:72:0e:d7:be:2c:6f:dd:d8:7e:
f7:a3:bd:13:16:20:65:6b:c9:1c:6f:71:1c:3e:b1:1f:99:ee:
ba:ac:3b:47:d9:51:63:8c:7c:57:a3:86:8e:c8:f2:9c:d4:66:
20:19:3e:01:78:17:0f:9a:cb:eb:c7:6f:b4:e8:7e:ef:0e:29:
b1:36:d9:ee:53:86:48:ca:46:8f:ac:fc:3a:40:d6:3c:f1:7a:
19:87:57:25:7b:22:44:a8:05:0f:6e:78:8d:1f:f6:d3:af:4a:
c2:4e:4e:fd:79:d4:e4:de:04:9b:49:72:e3:fe:6d:e2:fa:1d:
56:fc:8e:33:f0:93:8c:e3:4d:e4:bb:64:f7:67:26:a6:e8:4f:
27:28:bd:ff:3d:47:70:81:01:51:6d:76:a1:ef:d1:ec:1c:42:
57:3b:a8:76:9e:fb:f8:88:72:a4:f1:56:bc:d2:45:01:d6:47:
d3:1e:e5:ac:65:26:98:7a:5a:ad:43:db:93:28:7a:68:93:26:
fe:a1:7e:32
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaRtQbzlyMEbuctcZiYy28HjHHKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNThaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMDNlYmNkMWY5NTRiYjVjY2U1NzE5NzkzYzliZjI3NjU0NTgyYThlMDgy
MWIzZmY3MjQxYzk2Njc5MTVhN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFxM2+r7CrJk7s/79y7wQiOUUAtTVKuZcDiHYOc0eR82x6tWAEv+HXzAlkG
9/odnUGOLIRmNQ8LBXXBxbGGni5c3w4wywBHVffeXXWp4t0kz1DcjopbGGeerrCa
06Tac7s50lG3p1aWIF1cdatB+9SrrRBe8atqctgXnfRBXCFHxi309MZ1LVQ8z5Ol
IUfZc9QJ9vouNbXV7Hqs9pfkiIWMIBQadE9xQXqE/Rmj7T4gfvvYP7UlivHXzm20
W2DdXqOhQFDyWgYCsel/drMa5i/pO80agrQVQknPmEoHNYJiKhABDFtjygu08WXi
cdKyAjzI74nnCCCoewIdBEjaUnECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTImiYb
u489zsHiHoHw15Evzt4ozTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAkLYHr1nwF7F2jzsIQgQF6qKF3DwV6vFpyukAfC0w
hRd+79McdGzHbrAHW+inZkM7/7ToFaH7VHD5g5XLm8q4cg7Xvixv3dh+96O9ExYg
ZWvJHG9xHD6xH5nuuqw7R9lRY4x8V6OGjsjynNRmIBk+AXgXD5rL68dvtOh+7w4p
sTbZ7lOGSMpGj6z8OkDWPPF6GYdXJXsiRKgFD254jR/2069Kwk5O/XnU5N4Em0ly
4/5t4vodVvyOM/CTjONN5Ltk92cmpuhPJyi9/z1HcIEBUW12oe/R7BxCVzuodp77
+IhypPFWvNJFAdZH0x7lrGUmmHparUPbkyh6aJMm/qF+Mg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:06 2025 by rpki-client