Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: HyG0f8xtF2VmS4KpFja5Uj0TNnq8ZuJ7ayMSSznGK7E=
Subject key identifier: 6B:74:B0:65:F7:B7:B1:7F:DB:6A:86:B4:E6:BC:E5:AC:76:04:7A:B7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C6AD74704498078DBDC3CAAA329DACD24095699
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Tue 20 May 2025 20:41:00 +0000
ROA not before: Tue 20 May 2025 20:41:00 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:6a:d7:47:04:49:80:78:db:dc:3c:aa:a3:29:da:cd:24:09:56:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:00 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=c1325feab87a1be7881173d64b976e0f40381fdb6f9019dc70e90cae2006a70f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2d:6a:4b:11:7b:5a:be:48:d5:bf:da:38:66:
1c:7a:46:b1:41:60:bc:29:18:a4:76:3e:4c:75:53:
89:0b:29:4f:d4:91:ba:33:49:6f:3f:76:78:cc:17:
b9:f4:09:c9:9a:85:58:1a:cb:92:02:94:50:30:5f:
3d:c4:a5:3e:4c:4a:71:91:9c:06:cb:d4:3a:54:5f:
0c:93:b1:b0:21:b4:18:79:ab:08:27:51:8c:02:bf:
68:8d:b4:b6:8e:67:e2:a1:d1:a9:fc:ca:df:24:85:
37:ab:6d:67:13:69:cf:40:20:b6:2c:12:ce:d0:b0:
6a:9f:28:3d:9e:08:a8:0e:fd:60:61:99:1d:53:92:
1a:38:82:9b:91:13:d0:50:41:6b:52:bc:ad:bd:14:
59:0e:a7:7a:f8:ef:13:a4:c1:11:6d:75:98:19:9e:
97:a4:1b:87:76:36:44:01:f9:51:ec:08:00:fe:ef:
ee:74:4e:63:a6:2a:dc:60:a8:b2:30:ae:34:5c:17:
6e:4e:fe:99:f6:ef:bc:24:2d:ed:02:dc:e6:42:47:
2a:bf:48:5e:41:51:c3:fc:68:06:06:d1:27:8e:ba:
46:b2:e7:55:04:88:70:aa:68:27:ed:c0:93:c5:30:
bb:c3:42:1b:e7:c3:a8:a0:bf:f1:e6:42:4a:a0:9a:
6b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:74:B0:65:F7:B7:B1:7F:DB:6A:86:B4:E6:BC:E5:AC:76:04:7A:B7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
04:44:e4:92:3d:64:e7:d2:89:5c:d7:81:3a:64:91:19:2e:0e:
73:cd:1d:cf:07:38:98:82:72:1f:f5:93:8a:b1:87:1c:fa:80:
f2:87:9a:c3:e0:9a:35:f7:0a:1a:31:c0:ba:40:98:98:e2:04:
48:fc:3f:1d:f3:bd:d7:b6:12:27:8f:8e:16:b3:8a:91:d0:35:
63:67:35:50:87:6f:ae:f4:39:48:9f:b5:c0:e1:37:d0:f6:9b:
04:25:81:24:3a:5f:de:d7:65:67:d5:88:2c:67:96:0b:32:fc:
38:12:47:a3:fb:9a:3d:15:b0:45:55:30:04:49:d6:9f:87:7e:
cb:eb:95:f2:f9:1a:44:c8:bc:7c:00:63:1b:6a:c6:55:46:68:
9b:4e:c5:c1:b7:3f:9d:e8:b2:27:9d:38:d9:fd:2a:1e:06:af:
6b:33:fd:99:65:0b:88:b5:be:69:0c:58:c4:0f:b2:9c:a3:8f:
5a:98:7f:6c:00:96:f1:0c:9d:40:b9:97:17:40:db:46:13:63:
a6:2f:3e:67:ce:3e:71:7f:cd:08:d4:0d:fc:10:e0:3a:a3:94:
de:19:f1:80:9f:23:04:95:aa:0f:60:48:24:72:16:ed:4c:5e:
a8:36:f5:f4:3b:d9:70:f2:46:67:21:7c:c9:fc:38:dd:a9:94:
20:ca:d3:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULGrXRwRJgHjb3DyqoynazSQJVpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMDBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMzI1ZmVhYjg3YTFiZTc4ODExNzNkNjRiOTc2ZTBmNDAzODFmZGI2Zjkw
MTlkYzcwZTkwY2FlMjAwNmE3MGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8taksRe1q+SNW/2jhmHHpGsUFgvCkYpHY+THVTiQspT9SRujNJbz92eMwX
ufQJyZqFWBrLkgKUUDBfPcSlPkxKcZGcBsvUOlRfDJOxsCG0GHmrCCdRjAK/aI20
to5n4qHRqfzK3ySFN6ttZxNpz0AgtiwSztCwap8oPZ4IqA79YGGZHVOSGjiCm5ET
0FBBa1K8rb0UWQ6nevjvE6TBEW11mBmel6Qbh3Y2RAH5UewIAP7v7nROY6Yq3GCo
sjCuNFwXbk7+mfbvvCQt7QLc5kJHKr9IXkFRw/xoBgbRJ466RrLnVQSIcKpoJ+3A
k8Uwu8NCG+fDqKC/8eZCSqCaa4sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRrdLBl
97exf9tqhrTmvOWsdgR6tzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEABETkkj1k59KJXNeBOmSRGS4Oc80dzwc4mIJyH/WT
irGHHPqA8oeaw+CaNfcKGjHAukCYmOIESPw/HfO917YSJ4+OFrOKkdA1Y2c1UIdv
rvQ5SJ+1wOE30PabBCWBJDpf3tdlZ9WILGeWCzL8OBJHo/uaPRWwRVUwBEnWn4d+
y+uV8vkaRMi8fABjG2rGVUZom07Fwbc/neiyJ5042f0qHgavazP9mWULiLW+aQxY
xA+ynKOPWph/bACW8QydQLmXF0DbRhNjpi8+Z84+cX/NCNQN/BDgOqOU3hnxgJ8j
BJWqD2BIJHIW7UxeqDb19DvZcPJGZyF8yfw43amUIMrTKg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:04 2025 by rpki-client