Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: KvHVRjzwipGsX7tEURIyJXDDuJDTv7FhyL1UFpj3xGQ=
Subject key identifier: F4:35:93:63:C6:DD:01:36:EA:EA:0C:D9:04:1F:7F:54:51:89:F0:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C1B28637804719B3147A39897FA8759D410710C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Tue 20 May 2025 20:50:15 +0000
ROA not before: Tue 20 May 2025 20:50:15 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1b:28:63:78:04:71:9b:31:47:a3:98:97:fa:87:59:d4:10:71:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:15 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=03942687952e3382008a5619f1d011dba7262a6d069adcd5bf7b97c53e15d932, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ab:41:96:1d:aa:37:18:25:3d:5c:7d:1b:d9:
30:55:ca:02:64:4e:68:8b:21:1d:6e:6a:bc:3c:0a:
76:ce:17:aa:f8:da:08:88:17:4d:92:1a:b0:bd:92:
68:aa:b7:e7:9d:3d:72:b3:97:3d:b1:bf:f5:f8:d9:
78:58:72:5a:3a:8d:c1:37:ae:97:e0:b0:23:4b:82:
60:47:41:ab:05:e0:cb:8a:56:1e:46:97:cb:15:3b:
0d:a1:39:08:63:51:11:af:89:8f:fb:24:a4:3b:3d:
6b:8d:76:d3:3d:ca:f3:e1:5b:92:66:94:b6:64:e5:
99:b0:ae:c5:93:ef:58:72:b8:3f:6c:e3:d3:11:28:
4d:e6:f1:d5:4d:3f:a4:4b:73:c2:c1:23:9c:d9:79:
5d:ed:c8:f0:2d:01:7a:6a:92:5b:dc:38:75:15:c5:
4c:aa:49:6f:33:08:53:c7:5d:0f:64:63:2b:36:5d:
d1:f6:bd:cf:b1:2b:d1:15:31:4d:21:f5:f5:53:fa:
23:12:7e:ef:c2:54:8d:fd:e3:5a:39:05:fe:c1:f0:
66:42:41:23:c1:46:20:c6:73:4b:65:db:10:97:4b:
82:13:bc:bf:27:9c:2e:18:6a:88:57:db:cf:a5:9f:
2e:88:d9:8a:35:d2:9c:48:df:79:56:cc:c0:e2:8d:
cc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:35:93:63:C6:DD:01:36:EA:EA:0C:D9:04:1F:7F:54:51:89:F0:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
39:02:d6:95:65:75:d8:cb:41:d8:ca:68:27:37:b0:4c:70:9c:
e3:8b:fe:d9:6e:82:79:97:a8:b2:b8:ba:95:51:e5:70:f0:b2:
bc:2e:d6:e0:99:ad:7a:a8:30:68:7e:cf:0b:c7:48:66:b6:b1:
7f:d9:79:d7:31:6d:f9:1c:83:52:55:20:5c:b2:ca:09:f6:f5:
0e:bb:35:ca:37:a1:2a:bc:ad:32:b5:42:a6:23:08:e3:53:24:
df:c3:a5:07:13:b7:61:16:0a:c3:01:fd:e3:01:16:ba:98:63:
78:6b:b1:be:08:72:bb:10:6f:44:1f:a4:fa:45:64:63:06:5e:
31:27:e7:03:39:4a:28:b2:21:e4:92:16:b2:94:a8:aa:13:70:
48:5c:fe:1a:b5:eb:fa:72:3b:48:d9:ff:67:29:ff:66:c1:d6:
1c:1e:36:9a:79:2a:17:8c:2d:a6:fb:50:14:97:99:0b:e0:70:
1c:c8:5c:40:38:17:41:32:3b:f1:b1:5e:33:87:ae:0c:b1:55:
59:1e:06:cd:41:fd:7f:db:2f:8e:16:75:1e:f3:40:d6:c5:de:
ac:7e:ed:0c:69:f1:5b:47:c1:3d:5c:74:83:1f:93:af:cd:da:
44:b1:db:23:77:bd:05:45:19:cc:4b:fa:46:14:0f:09:f6:5e:
76:5d:69:8c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbBsoY3gEcZsxR6OYl/qHWdQQcQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzOTQyNjg3OTUyZTMzODIwMDhhNTYxOWYxZDAxMWRiYTcyNjJhNmQwNjlh
ZGNkNWJmN2I5N2M1M2UxNWQ5MzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANmrQZYdqjcYJT1cfRvZMFXKAmROaIshHW5qvDwKds4XqvjaCIgXTZIasL2S
aKq35509crOXPbG/9fjZeFhyWjqNwTeul+CwI0uCYEdBqwXgy4pWHkaXyxU7DaE5
CGNREa+Jj/skpDs9a4120z3K8+FbkmaUtmTlmbCuxZPvWHK4P2zj0xEoTebx1U0/
pEtzwsEjnNl5Xe3I8C0BemqSW9w4dRXFTKpJbzMIU8ddD2RjKzZd0fa9z7Er0RUx
TSH19VP6IxJ+78JUjf3jWjkF/sHwZkJBI8FGIMZzS2XbEJdLghO8vyecLhhqiFfb
z6WfLojZijXSnEjfeVbMwOKNzPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0NZNj
xt0BNurqDNkEH39UUYnwizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQA5AtaVZXXYy0HYymgnN7BMcJzji/7ZboJ5l6iyuLqV
UeVw8LK8Ltbgma16qDBofs8Lx0hmtrF/2XnXMW35HINSVSBcssoJ9vUOuzXKN6Eq
vK0ytUKmIwjjUyTfw6UHE7dhFgrDAf3jARa6mGN4a7G+CHK7EG9EH6T6RWRjBl4x
J+cDOUoosiHkkhaylKiqE3BIXP4atev6cjtI2f9nKf9mwdYcHjaaeSoXjC2m+1AU
l5kL4HAcyFxAOBdBMjvxsV4zh64MsVVZHgbNQf1/2y+OFnUe80DWxd6sfu0MafFb
R8E9XHSDH5OvzdpEsdsjd70FRRnMS/pGFA8J9l52XWmM
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:31 2025 by rpki-client