Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: k6n1Lb95AxEHmcD4f+a9zzoFPUAk33ve0xp+jA5SSTE=
Subject key identifier: DF:F2:B0:DA:36:F0:AB:BD:25:C7:69:D1:93:2E:C1:BC:54:55:CD:07
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2076A98CA12C8809F011D2948C0780453D2592AE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Tue 20 May 2025 20:40:47 +0000
ROA not before: Tue 20 May 2025 20:40:47 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:76:a9:8c:a1:2c:88:09:f0:11:d2:94:8c:07:80:45:3d:25:92:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:47 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=2bb75dc1e7c0e04d0ad1e96076ae1d0f735539327575d16b536bb2cc50a2ee4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:58:ce:b0:8b:9e:80:fa:9d:9b:c1:42:68:
2d:e4:43:95:07:bf:e6:f4:e4:ad:1e:07:46:eb:a8:
68:7e:26:7b:28:8a:09:a9:e8:4a:79:e6:f3:f1:90:
e7:72:48:b0:2a:ae:3e:d9:76:00:a7:76:f2:23:26:
28:93:23:00:fa:b2:4c:e1:e2:71:2d:e7:40:09:25:
06:e1:16:08:25:be:8b:4b:9d:6e:a9:64:66:f4:29:
26:ea:42:8e:51:74:ae:02:df:85:b5:2c:cb:55:82:
6d:8d:9b:63:2f:c7:7e:f3:e1:dc:c5:f0:d4:f6:59:
8e:ca:16:80:11:ec:ca:e9:95:99:9d:e8:2e:bd:d6:
e4:ea:30:78:11:3d:54:23:cd:52:22:4c:ad:c1:98:
f7:18:74:ed:ff:7a:9a:e5:f7:dd:b8:61:53:dc:e0:
f9:74:5a:f6:d6:cb:86:36:94:ff:ca:19:6b:dd:a2:
99:87:4e:66:a7:7b:1b:c1:ff:7c:28:7f:c7:8c:ec:
c9:96:87:67:d3:72:f3:38:80:23:22:11:76:2a:f1:
8e:4a:e3:d2:c3:79:37:5c:4d:b6:cc:89:0f:15:c6:
14:31:0b:5d:39:e8:40:02:ec:f1:60:55:40:c8:cc:
29:b0:18:97:cb:a4:a5:a3:9b:ff:d4:9b:7d:59:55:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F2:B0:DA:36:F0:AB:BD:25:C7:69:D1:93:2E:C1:BC:54:55:CD:07
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:05:1a:71:2f:e4:a6:97:89:33:96:91:a0:19:71:96:18:77:
1a:46:5d:33:f8:a7:f7:e9:4c:1e:0e:f0:47:3d:28:a5:97:96:
6e:8a:40:23:22:01:29:f8:de:51:38:74:65:b5:0f:c6:d0:b8:
5d:a1:11:3e:10:87:37:ba:5a:81:3c:17:1b:4f:99:25:ff:b1:
3d:78:af:df:25:e9:ef:ad:d6:47:a5:53:88:24:1a:a6:c8:46:
f3:af:55:fd:7a:47:35:b5:87:14:7c:d8:d5:e4:82:39:1d:45:
3e:56:d2:14:d7:ad:8e:d2:1b:a3:e2:40:26:15:53:65:6f:95:
8b:8c:e9:12:ee:32:af:ae:ce:78:1e:d1:15:14:f9:dd:20:56:
54:7c:6c:50:a1:29:c2:fb:ac:74:b4:87:42:54:73:b9:ac:1c:
5a:26:08:34:7c:da:3f:87:a4:50:d6:e7:18:c2:e9:70:37:a1:
00:a0:38:63:03:1e:cc:95:db:5b:33:07:1b:a2:d7:ff:98:23:
8b:d8:0d:d0:5b:73:d3:dd:12:aa:e9:16:82:c5:4e:6b:2e:d3:
a5:5d:cf:cc:a9:4f:e9:f5:4f:fd:95:a4:ce:98:15:0f:65:0e:
6c:dd:93:f2:5e:aa:13:c2:f8:38:43:43:eb:6c:7c:fc:14:68:
43:24:db:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIHapjKEsiAnwEdKUjAeART0lkq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNDdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiYjc1ZGMxZTdjMGUwNGQwYWQxZTk2MDc2YWUxZDBmNzM1NTM5MzI3NTc1
ZDE2YjUzNmJiMmNjNTBhMmVlNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWdWM6wi56A+p2bwUJoLeRDlQe/5vTkrR4HRuuoaH4meyiKCanoSnnm8/GQ
53JIsCquPtl2AKd28iMmKJMjAPqyTOHicS3nQAklBuEWCCW+i0udbqlkZvQpJupC
jlF0rgLfhbUsy1WCbY2bYy/HfvPh3MXw1PZZjsoWgBHsyumVmZ3oLr3W5OoweBE9
VCPNUiJMrcGY9xh07f96muX33bhhU9zg+XRa9tbLhjaU/8oZa92imYdOZqd7G8H/
fCh/x4zsyZaHZ9Ny8ziAIyIRdirxjkrj0sN5N1xNtsyJDxXGFDELXTnoQALs8WBV
QMjMKbAYl8ukpaOb/9SbfVlVLesCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTf8rDa
NvCrvSXHadGTLsG8VFXNBzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAjAUacS/kppeJM5aRoBlxlhh3GkZdM/in9+lMHg7w
Rz0opZeWbopAIyIBKfjeUTh0ZbUPxtC4XaERPhCHN7pagTwXG0+ZJf+xPXiv3yXp
763WR6VTiCQapshG869V/XpHNbWHFHzY1eSCOR1FPlbSFNetjtIbo+JAJhVTZW+V
i4zpEu4yr67OeB7RFRT53SBWVHxsUKEpwvusdLSHQlRzuawcWiYINHzaP4ekUNbn
GMLpcDehAKA4YwMezJXbWzMHG6LX/5gji9gN0Ftz090SqukWgsVOay7TpV3PzKlP
6fVP/ZWkzpgVD2UObN2T8l6qE8L4OEND62x8/BRoQyTbHA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:57 2025 by rpki-client