Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: UNfSCy6BUei1QBck+YhIt2sAD2taqcWNRQpEAjyJh3U=
Subject key identifier: B9:0B:FF:EB:6A:78:52:C5:9E:C7:BF:E8:23:71:6B:57:DC:77:62:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F5DE74590113E50706AA16B9C2D4F3243D438B4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Fri 25 Apr 2025 20:31:06 +0000
ROA not before: Fri 25 Apr 2025 20:31:06 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:5d:e7:45:90:11:3e:50:70:6a:a1:6b:9c:2d:4f:32:43:d4:38:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:06 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=acaf8280fe09bd05916bfcaa3299953edc50f05442d2ca35e4cb88fd0ec4fba1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:79:4c:d7:16:0a:27:96:02:c8:6a:cc:ec:61:
aa:4f:2b:95:72:6a:e2:7a:91:4b:60:77:4a:98:b5:
98:c2:bf:c7:da:58:d0:de:46:9a:51:96:16:5c:11:
ed:83:fd:4b:b3:7e:66:26:3f:eb:69:66:64:ad:f2:
4b:5b:bf:33:89:10:84:6f:67:0a:7c:80:3f:64:65:
6b:34:dd:af:61:fd:a3:1a:49:04:07:39:21:7f:dc:
07:66:1f:b7:b9:41:ff:96:c4:81:2d:05:f8:85:9c:
03:45:38:3a:b6:13:6c:10:8a:7d:af:4b:0c:72:cc:
23:66:08:d6:0b:01:f4:68:02:c6:13:4e:6c:b9:91:
39:39:97:7a:a2:3d:c5:de:d4:c9:5e:f3:ed:5b:87:
84:03:da:82:0c:0e:3f:e0:4e:41:f2:41:74:ec:8f:
67:64:60:e5:64:8d:65:d3:50:d0:a7:a2:b3:ea:5e:
a2:6e:7b:f1:a6:fe:02:72:a1:7e:83:f9:2c:1b:c3:
e1:20:57:92:5b:70:54:72:fc:d3:a7:5f:b6:d3:0e:
0e:3b:f8:79:44:97:dc:55:c7:5e:8b:62:ca:ac:9d:
23:1a:46:cb:4a:19:47:00:89:71:5d:88:c9:0b:f7:
90:dc:b2:b1:19:e8:ac:b6:d6:51:69:d8:3f:3a:d6:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:0B:FF:EB:6A:78:52:C5:9E:C7:BF:E8:23:71:6B:57:DC:77:62:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
64:05:b4:67:02:b7:1c:18:15:24:e4:06:45:14:66:50:20:c2:
57:02:e7:24:b7:47:8b:b6:fc:ed:3b:a2:f7:47:f1:0a:68:1a:
4f:5f:06:76:cb:a3:fb:d6:53:c0:10:fb:c4:49:e4:9e:a5:e2:
a6:a2:91:ba:dd:b5:71:a8:5f:c2:83:14:f5:7d:f8:07:ef:57:
ab:a5:78:62:d7:e7:34:75:3c:03:98:86:e9:db:ad:ac:dd:77:
a4:6a:7f:41:21:6e:af:54:82:b1:50:88:3b:59:44:67:91:f2:
97:c4:56:34:a6:e3:41:35:87:b2:23:f3:a2:30:55:02:83:57:
a5:6d:81:42:81:3e:91:fa:5b:0b:f5:c2:d2:59:ed:b4:6b:5c:
6e:b4:68:a4:d3:d3:3c:5f:f5:27:4d:27:3e:68:d8:11:36:9c:
cf:f0:8a:f4:05:f4:33:06:56:ba:cd:b0:cf:65:02:90:e3:cf:
03:1b:33:6b:cc:d0:fa:3e:c1:21:51:73:6f:74:b9:41:74:50:
56:94:86:c9:54:e4:57:d5:ab:01:6a:e8:56:86:03:65:ac:5c:
38:cd:73:e3:df:94:e9:16:a2:88:f2:01:cc:be:2b:9a:f8:be:
ad:91:a3:14:f0:18:41:cf:7f:f1:22:8a:3a:fa:01:6b:df:43:
07:31:04:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb13nRZARPlBwaqFrnC1PMkPUOLQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjYWY4MjgwZmUwOWJkMDU5MTZiZmNhYTMyOTk5NTNlZGM1MGYwNTQ0MmQy
Y2EzNWU0Y2I4OGZkMGVjNGZiYTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMV5TNcWCieWAshqzOxhqk8rlXJq4nqRS2B3Spi1mMK/x9pY0N5GmlGWFlwR
7YP9S7N+ZiY/62lmZK3yS1u/M4kQhG9nCnyAP2RlazTdr2H9oxpJBAc5IX/cB2Yf
t7lB/5bEgS0F+IWcA0U4OrYTbBCKfa9LDHLMI2YI1gsB9GgCxhNObLmROTmXeqI9
xd7UyV7z7VuHhAPaggwOP+BOQfJBdOyPZ2Rg5WSNZdNQ0Keis+peom578ab+AnKh
foP5LBvD4SBXkltwVHL806dfttMODjv4eUSX3FXHXotiyqydIxpGy0oZRwCJcV2I
yQv3kNyysRnorLbWUWnYPzrWfR0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS5C//r
anhSxZ7Hv+gjcWtX3HdiqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAZAW0ZwK3HBgVJOQGRRRmUCDCVwLnJLdHi7b87Tui
90fxCmgaT18Gdsuj+9ZTwBD7xEnknqXipqKRut21cahfwoMU9X34B+9Xq6V4Ytfn
NHU8A5iG6dutrN13pGp/QSFur1SCsVCIO1lEZ5Hyl8RWNKbjQTWHsiPzojBVAoNX
pW2BQoE+kfpbC/XC0lnttGtcbrRopNPTPF/1J00nPmjYETacz/CK9AX0MwZWus2w
z2UCkOPPAxsza8zQ+j7BIVFzb3S5QXRQVpSGyVTkV9WrAWroVoYDZaxcOM1z49+U
6RaiiPIBzL4rmvi+rZGjFPAYQc9/8SKKOvoBa99DBzEEVQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:52:47 2025 by rpki-client