Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: 6LFqAqz8snV0SiZYfJG4E51BBsCZnrULa92KKzFye2E=
Subject key identifier: 85:12:23:3B:7D:F5:BB:B1:3E:2C:B6:B1:F3:30:81:39:BB:C7:D7:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2ABB5762B14D01B869164A2E802257CAA35A1E2F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Mon 26 May 2025 15:20:05 +0000
ROA not before: Mon 26 May 2025 15:20:05 +0000
ROA not after: Mon 30 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:bb:57:62:b1:4d:01:b8:69:16:4a:2e:80:22:57:ca:a3:5a:1e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 26 15:20:05 2025 GMT
Not After : Jun 30 23:59:59 2025 GMT
Subject: serialNumber=f51e10a2c56374f1b0270579839949cd69df8eba52f66d82552eeffd4e6172fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:70:7d:82:4b:8a:a1:86:ed:0d:14:32:76:0c:
61:47:0a:00:68:73:22:74:1c:51:4c:21:3f:e9:bf:
4f:14:28:29:c8:dc:f2:89:70:8e:31:c7:c4:f7:b6:
d1:8d:18:0d:06:a6:a0:45:79:bf:6c:b4:74:8f:02:
86:1b:81:72:1c:d4:42:47:66:58:78:7b:87:14:18:
d7:f2:1d:8b:cc:36:b7:8f:69:ae:15:b7:07:9c:16:
c5:28:95:37:8a:1c:d3:b9:23:6c:c7:16:ee:5f:d4:
c4:b9:a7:3a:c6:0a:40:5c:02:3b:13:5c:ac:7f:69:
48:12:b2:86:3a:8a:1a:ca:e0:3d:84:44:d0:39:f2:
33:da:06:24:50:9a:13:a1:ec:07:09:1e:fd:0b:9c:
07:2a:e9:fe:47:84:9f:75:4c:d0:1f:bb:8b:88:ae:
18:d5:af:cd:d6:a7:fd:3b:98:91:12:97:2b:4b:2e:
06:47:4c:a3:be:8e:5a:28:f8:b9:2a:42:26:02:e4:
53:67:91:04:a6:4c:dd:73:bc:7b:6b:fb:9e:a2:3b:
a4:64:dc:91:9c:c2:8d:f8:59:78:b7:7d:1e:0c:87:
76:14:71:41:27:61:79:c9:16:08:07:d9:f7:f7:22:
ed:35:53:d9:c8:b1:79:89:65:51:ea:db:73:90:6b:
0b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:12:23:3B:7D:F5:BB:B1:3E:2C:B6:B1:F3:30:81:39:BB:C7:D7:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
65:d2:01:b8:1a:d9:21:ff:88:94:28:e7:fa:69:39:c7:6c:4d:
e5:a2:f0:30:0d:c9:8e:2f:ae:e4:ae:fb:7b:ae:6b:bd:58:34:
88:1c:c3:de:3d:1b:31:a6:db:0d:d3:89:f3:96:b7:69:27:ea:
84:4b:0b:61:78:b0:85:ae:d4:39:de:1d:8a:4a:2c:a8:be:40:
3a:c3:92:21:61:91:41:ff:44:90:c0:c4:65:6a:7c:ae:0c:7f:
c0:9e:9c:ad:bd:34:02:22:9b:0b:08:d3:f8:09:3c:b0:63:3a:
17:e8:ca:e6:39:f7:d8:78:b3:b3:ac:c3:84:fd:74:dc:41:52:
16:43:a1:df:a3:67:8a:9f:ba:93:97:27:b1:9b:51:01:5a:4e:
ac:c2:e0:33:78:90:4c:a1:70:50:8e:09:cc:b8:03:24:60:82:
2f:30:50:36:bf:c5:94:f7:88:38:c4:17:6f:5c:64:ab:8e:81:
a1:e7:3c:c3:25:2f:e7:2b:57:c3:85:e0:46:0c:db:f3:68:15:
ed:4c:a2:fb:a3:96:47:c0:d1:a2:4b:99:c7:38:b2:bc:c6:af:
14:f5:4d:bc:11:ac:1d:7e:d6:be:69:c7:e8:04:38:b7:67:41:
03:c6:af:9f:64:21:ad:8f:34:2e:13:a3:55:bf:be:f2:da:de:
8e:dd:91:ed
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKrtXYrFNAbhpFkougCJXyqNaHi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjYxNTIwMDVaFw0yNTA2MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MWUxMGEyYzU2Mzc0ZjFiMDI3MDU3OTgzOTk0OWNkNjlkZjhlYmE1MmY2
NmQ4MjU1MmVlZmZkNGU2MTcyZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNwfYJLiqGG7Q0UMnYMYUcKAGhzInQcUUwhP+m/TxQoKcjc8olwjjHHxPe2
0Y0YDQamoEV5v2y0dI8ChhuBchzUQkdmWHh7hxQY1/Idi8w2t49prhW3B5wWxSiV
N4oc07kjbMcW7l/UxLmnOsYKQFwCOxNcrH9pSBKyhjqKGsrgPYRE0DnyM9oGJFCa
E6HsBwke/QucByrp/keEn3VM0B+7i4iuGNWvzdan/TuYkRKXK0suBkdMo76OWij4
uSpCJgLkU2eRBKZM3XO8e2v7nqI7pGTckZzCjfhZeLd9HgyHdhRxQSdheckWCAfZ
9/ci7TVT2cixeYllUerbc5BrC7kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSFEiM7
ffW7sT4strHzMIE5u8fXCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAZdIBuBrZIf+IlCjn+mk5x2xN5aLwMA3Jji+u5K77
e65rvVg0iBzD3j0bMabbDdOJ85a3aSfqhEsLYXiwha7UOd4dikosqL5AOsOSIWGR
Qf9EkMDEZWp8rgx/wJ6crb00AiKbCwjT+Ak8sGM6F+jK5jn32Hizs6zDhP103EFS
FkOh36Nnip+6k5cnsZtRAVpOrMLgM3iQTKFwUI4JzLgDJGCCLzBQNr/FlPeIOMQX
b1xkq46Boec8wyUv5ytXw4XgRgzb82gV7Uyi+6OWR8DRokuZxziyvMavFPVNvBGs
HX7WvmnH6AQ4t2dBA8avn2QhrY80LhOjVb++8trejt2R7Q==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:49:35 2025 by rpki-client