Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: UbopPGI5p4asaTMTg+rUeGdlNw4mRYOjgFwcVUZ6FbI=
Subject key identifier: BC:83:BA:C4:62:75:15:52:1C:DD:2B:FA:E8:93:B4:C9:50:9F:D1:45
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 27BB78AE3336D4FBAC32AD9608CACD9454E780B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Fri 25 Apr 2025 20:30:52 +0000
ROA not before: Fri 25 Apr 2025 20:30:52 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:bb:78:ae:33:36:d4:fb:ac:32:ad:96:08:ca:cd:94:54:e7:80:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:30:52 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a9a9cc969369c80940d69e113715ae6da11ae41dfcaa1ae512114240fad72711, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9b:c1:0d:2f:03:b1:54:54:cc:69:d7:a1:e2:
60:72:fe:43:92:af:f2:a8:c1:07:53:59:61:0b:25:
79:d4:85:0d:9d:bf:19:10:13:36:dc:48:a4:b9:b9:
c7:7f:5e:30:5a:9e:f9:39:ea:79:f5:24:04:0c:57:
d4:e5:aa:cf:ba:03:c7:af:27:58:fa:d9:e9:13:96:
3c:72:ea:ac:4e:ce:74:d2:fe:5d:9c:a5:62:3f:55:
1c:71:68:b3:0f:6f:47:6d:98:73:c0:ed:03:d5:21:
df:62:9f:84:08:be:7d:fc:db:3b:89:1c:14:f1:fd:
7d:65:67:34:51:42:2c:08:4d:32:94:5b:c5:12:83:
b2:df:44:48:d8:6a:43:62:fb:ee:6a:00:5b:d9:02:
62:2b:2d:77:3a:29:ac:60:99:9f:a2:fb:e7:90:7d:
c7:a3:be:8c:3a:4f:2a:9e:b6:aa:da:19:c6:cf:9f:
22:4a:bf:57:97:36:41:b1:56:d8:92:97:42:bf:52:
0a:0a:c2:b8:94:59:fc:75:9f:75:f1:21:05:07:f9:
17:26:db:05:39:b5:ce:86:19:5d:04:b2:84:6f:5b:
1d:c1:e8:70:3b:62:38:2d:32:29:3c:c1:0f:b0:a3:
5b:10:8d:11:55:1f:77:7d:fb:69:73:fc:80:f2:72:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:83:BA:C4:62:75:15:52:1C:DD:2B:FA:E8:93:B4:C9:50:9F:D1:45
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
29:7f:21:3a:de:1d:20:62:8e:cd:25:05:d1:09:af:ae:8f:ba:
e3:47:c8:9d:d3:45:97:0c:f9:be:68:56:27:94:70:f0:a8:52:
3c:df:b8:20:d4:4c:53:5d:a5:30:00:da:53:2d:1e:da:93:63:
e6:35:ea:3d:77:cc:71:2c:a6:df:0d:e1:9b:1b:22:0d:3c:d3:
6b:7b:43:25:55:50:09:75:ec:e2:b4:47:65:83:4c:0e:5e:9e:
ef:ac:c1:b1:62:cc:cb:8b:e3:44:38:e6:3e:d4:ff:67:0f:8b:
88:15:dc:1a:a2:84:5f:13:ed:dc:b7:ff:ea:c0:48:a7:0e:12:
74:fc:6f:53:d9:3d:51:4f:de:09:11:ad:70:b2:6b:1b:d7:bb:
14:a6:c3:b7:78:7d:26:8b:19:61:05:ab:4a:bf:76:95:17:bc:
6b:b1:87:cb:2e:19:22:60:5a:11:d4:38:ec:d2:4d:71:59:09:
b6:5d:75:b8:2a:49:1d:f9:fe:5b:2e:71:df:2f:3e:1f:a4:99:
59:a6:26:a9:ee:e7:87:a2:f4:5c:e3:57:5a:72:16:6d:2c:32:
88:81:a5:6d:6e:00:d2:c9:2c:2c:40:cf:b8:e9:43:05:b4:1e:
d1:78:e1:c1:ba:de:48:46:2d:7e:a4:2b:6a:a1:33:d6:3d:dc:
3e:a7:57:94
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJ7t4rjM21PusMq2WCMrNlFTngLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMwNTJaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5YTljYzk2OTM2OWM4MDk0MGQ2OWUxMTM3MTVhZTZkYTExYWU0MWRmY2Fh
MWFlNTEyMTE0MjQwZmFkNzI3MTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIebwQ0vA7FUVMxp16HiYHL+Q5Kv8qjBB1NZYQsledSFDZ2/GRATNtxIpLm5
x39eMFqe+TnqefUkBAxX1OWqz7oDx68nWPrZ6ROWPHLqrE7OdNL+XZylYj9VHHFo
sw9vR22Yc8DtA9Uh32KfhAi+ffzbO4kcFPH9fWVnNFFCLAhNMpRbxRKDst9ESNhq
Q2L77moAW9kCYistdzoprGCZn6L755B9x6O+jDpPKp62qtoZxs+fIkq/V5c2QbFW
2JKXQr9SCgrCuJRZ/HWfdfEhBQf5FybbBTm1zoYZXQSyhG9bHcHocDtiOC0yKTzB
D7CjWxCNEVUfd337aXP8gPJyXskCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8g7rE
YnUVUhzdK/rok7TJUJ/RRTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAKX8hOt4dIGKOzSUF0Qmvro+640fIndNFlwz5vmhW
J5Rw8KhSPN+4INRMU12lMADaUy0e2pNj5jXqPXfMcSym3w3hmxsiDTzTa3tDJVVQ
CXXs4rRHZYNMDl6e76zBsWLMy4vjRDjmPtT/Zw+LiBXcGqKEXxPt3Lf/6sBIpw4S
dPxvU9k9UU/eCRGtcLJrG9e7FKbDt3h9JosZYQWrSr92lRe8a7GHyy4ZImBaEdQ4
7NJNcVkJtl11uCpJHfn+Wy5x3y8+H6SZWaYmqe7nh6L0XONXWnIWbSwyiIGlbW4A
0sksLEDPuOlDBbQe0XjhwbreSEYtfqQraqEz1j3cPqdXlA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:30:31 2025 by rpki-client