Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: dLuLLHADzYoXzYJkuB76AEzKrNYyK3B+r8i9ZShzd28=
Subject key identifier: E4:AE:60:1B:B7:DF:79:BF:24:61:72:94:45:C0:74:8A:57:37:36:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77528F30B7662FB1B7E9B580EACF020D9A38AF70
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Fri 23 May 2025 00:50:05 +0000
ROA not before: Fri 23 May 2025 00:50:05 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:52:8f:30:b7:66:2f:b1:b7:e9:b5:80:ea:cf:02:0d:9a:38:af:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:05 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=d5d4e2e0caeb4b8578db8900caa1b823a57d51da0a786cc0272157d73fd076b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4b:2b:e2:5e:0b:3f:1f:c4:53:6c:04:fa:d3:
7b:36:fb:68:93:fe:9b:5a:87:dc:a0:58:0e:f8:f7:
35:75:d5:4f:79:cf:fe:68:6c:4d:fe:0e:8f:23:71:
c9:95:9d:ff:3e:cc:c2:a5:20:43:bd:f6:61:4c:fb:
e7:5e:90:72:14:76:cd:42:5d:b2:e9:86:1e:0e:15:
31:04:4d:c7:74:a3:b6:d2:7f:16:10:e8:ac:5d:c0:
df:3f:d8:63:3f:46:66:64:db:9b:e1:0b:3e:23:e8:
bf:b3:23:36:3b:c1:6e:f8:61:18:96:80:3c:1f:f3:
dd:4c:2e:a7:d8:2c:9e:50:ee:3c:98:4e:79:8e:1d:
cc:cf:28:df:9e:c1:f9:9b:4b:35:5b:cc:fc:9d:5d:
05:11:da:6a:cb:1e:e1:c3:8d:b7:e0:67:3e:bd:46:
1e:aa:3e:42:49:35:b1:3a:0e:cf:c3:df:a0:39:f1:
c2:d7:3a:f0:e4:9e:48:7f:22:d5:7c:f8:c0:7d:56:
bd:32:49:88:bf:32:f9:6e:57:d6:48:0a:ec:8a:7f:
f1:8f:43:80:66:f3:a6:11:05:c9:b6:f2:9b:a2:55:
5b:81:39:26:42:ca:46:24:55:ed:22:26:ac:3b:09:
58:1a:ce:71:20:5b:db:3f:f0:74:75:75:cb:ba:03:
4a:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:AE:60:1B:B7:DF:79:BF:24:61:72:94:45:C0:74:8A:57:37:36:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5f:af:a7:7f:45:3b:b1:d7:81:be:54:39:ce:40:96:ae:68:aa:
e4:fa:cb:46:3d:9f:64:fc:b9:ed:3c:9a:2d:5a:2e:b1:d7:ba:
40:8f:14:7d:a6:be:3c:96:8e:f6:5d:28:a3:66:f9:30:84:24:
5e:d2:9c:26:ca:73:37:2f:1d:b1:22:a1:1a:56:f4:40:f3:5d:
82:6d:1a:fa:62:06:15:8d:32:90:8d:d2:b3:fa:34:d2:d8:14:
73:44:52:a9:6b:50:ff:3a:ea:f1:e2:f7:8b:31:05:c4:97:52:
ea:69:76:45:92:bf:2e:6a:f1:67:de:18:27:19:ac:c0:6d:63:
c8:70:34:40:88:c7:c8:44:94:1a:ed:3f:be:8f:d4:5e:23:08:
ec:2b:fe:a7:82:4f:76:0d:89:33:22:6f:42:1e:32:10:f6:74:
79:23:c6:83:8d:2b:94:b9:a9:b1:81:bf:6e:07:df:8c:46:1d:
c7:32:f8:9b:49:6b:c8:b0:4a:cd:61:f6:96:4d:75:95:67:23:
61:d2:26:42:72:03:67:f3:43:c7:42:4c:9b:d4:94:7f:f2:bc:
ad:5b:01:f9:30:b4:11:59:85:f4:d7:cb:de:e0:38:aa:f5:c7:
99:6e:10:3e:50:72:31:02:b2:56:9f:f0:79:7d:12:ba:14:5e:
0d:25:8b:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUd1KPMLdmL7G36bWA6s8CDZo4r3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwMDVaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1ZDRlMmUwY2FlYjRiODU3OGRiODkwMGNhYTFiODIzYTU3ZDUxZGEwYTc4
NmNjMDI3MjE1N2Q3M2ZkMDc2YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdLK+JeCz8fxFNsBPrTezb7aJP+m1qH3KBYDvj3NXXVT3nP/mhsTf4OjyNx
yZWd/z7MwqUgQ732YUz7516QchR2zUJdsumGHg4VMQRNx3SjttJ/FhDorF3A3z/Y
Yz9GZmTbm+ELPiPov7MjNjvBbvhhGJaAPB/z3Uwup9gsnlDuPJhOeY4dzM8o357B
+ZtLNVvM/J1dBRHaasse4cONt+BnPr1GHqo+Qkk1sToOz8PfoDnxwtc68OSeSH8i
1Xz4wH1WvTJJiL8y+W5X1kgK7Ip/8Y9DgGbzphEFybbym6JVW4E5JkLKRiRV7SIm
rDsJWBrOcSBb2z/wdHV1y7oDSvcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTkrmAb
t995vyRhcpRFwHSKVzc2+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAX6+nf0U7sdeBvlQ5zkCWrmiq5PrLRj2fZPy57Tya
LVousde6QI8Ufaa+PJaO9l0oo2b5MIQkXtKcJspzNy8dsSKhGlb0QPNdgm0a+mIG
FY0ykI3Ss/o00tgUc0RSqWtQ/zrq8eL3izEFxJdS6ml2RZK/LmrxZ94YJxmswG1j
yHA0QIjHyESUGu0/vo/UXiMI7Cv+p4JPdg2JMyJvQh4yEPZ0eSPGg40rlLmpsYG/
bgffjEYdxzL4m0lryLBKzWH2lk11lWcjYdImQnIDZ/NDx0JMm9SUf/K8rVsB+TC0
EVmF9NfL3uA4qvXHmW4QPlByMQKyVp/weX0SuhReDSWLzQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:00:57 2025 by rpki-client