Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: xW2fNcrANbw0Y0x0/wwGxgkLxK9KtaZ6tn0XTBps94k=
Subject key identifier: CC:74:37:FF:01:37:51:70:64:85:E5:A9:91:70:F2:88:5E:AD:1D:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1E59D0DDD3B4386FEC3707FDF5D75102129422E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Sat 31 May 2025 00:50:10 +0000
ROA not before: Sat 31 May 2025 00:50:10 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:59:d0:dd:d3:b4:38:6f:ec:37:07:fd:f5:d7:51:02:12:94:22:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:10 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=9b273f5f33a8fff9304503d94d24fb38c0c254c2804eaf0a9b9efe85648b137b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fd:54:47:c5:fd:9d:3c:66:43:fb:09:bc:a1:
45:d0:84:15:c8:12:24:d4:d2:13:3d:d3:d9:ca:fb:
6e:00:96:54:d7:7b:2e:f0:d9:b3:c5:e4:d6:79:63:
95:e5:cb:79:e0:82:73:e1:4d:b4:72:6c:e8:b6:74:
6a:ec:ed:a5:29:fb:8a:7c:48:62:0e:62:2a:48:a8:
21:2f:53:c8:41:b2:ba:ec:ba:ab:0e:8f:f6:18:1e:
e3:18:98:d9:2a:5c:aa:fe:97:17:67:7e:b3:30:06:
4f:09:c8:37:1b:8d:72:dc:55:1a:63:24:d3:99:85:
e0:f8:43:b7:a7:cd:f4:b9:95:9e:ca:07:65:21:b3:
3f:39:02:88:14:31:77:20:4e:b4:90:59:48:78:64:
9f:eb:20:6f:49:a1:11:17:69:37:84:0d:9e:cf:af:
17:26:8b:66:17:57:73:26:8b:e8:aa:05:7e:90:96:
94:1a:77:8a:f7:ae:e4:a0:0d:7e:f7:10:dc:ac:72:
b1:e8:09:94:f9:a8:74:b0:75:13:9f:4d:bb:27:e7:
d1:87:aa:d1:4f:af:1d:71:6c:d3:cd:a6:a8:05:58:
46:8b:4c:55:50:c4:e8:60:81:c0:ec:b8:47:7b:9b:
cc:1c:6a:cb:f3:b9:f6:e2:cd:08:9b:20:fb:c0:29:
64:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:74:37:FF:01:37:51:70:64:85:E5:A9:91:70:F2:88:5E:AD:1D:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
69:be:c1:33:61:98:a9:5e:98:45:7b:8c:8c:be:c6:ed:f1:65:
2f:bc:f7:c2:4e:bd:61:ce:f2:54:ed:19:5a:c3:84:82:2e:30:
b8:33:04:ef:25:a0:2b:b6:2f:1e:4d:89:c0:46:25:17:a3:f5:
98:b4:e7:42:3f:07:a8:57:ec:70:72:e3:d0:14:90:42:23:36:
53:70:db:17:76:cd:b4:13:c0:b0:af:00:19:0d:37:e4:81:fc:
fe:a3:ba:4d:a6:43:6d:b1:d2:1d:2c:21:48:bb:e8:5e:bc:c5:
93:20:e2:31:b6:7c:c4:a9:01:86:d5:73:74:0c:29:20:91:09:
f3:f0:9a:7f:cf:7b:7e:99:38:7e:82:ba:4b:22:0c:19:3d:b1:
5c:13:4f:be:b3:17:8f:37:c2:3a:1a:2f:61:9d:22:20:34:c1:
42:4b:38:66:e1:be:ec:5e:7f:ce:de:1f:34:46:e4:42:ac:9f:
fd:93:eb:0e:52:0c:f9:e3:b7:a1:87:58:09:e3:2a:7e:f9:bf:
6f:6c:5c:b4:6a:98:c8:85:0d:28:d8:70:e2:27:15:30:5d:a2:
b3:be:b4:46:6b:b7:8a:48:d7:41:10:db:39:3b:88:a2:ce:0f:
43:51:92:28:f0:e5:64:71:62:60:68:f6:ba:85:a4:6c:1c:a5:
19:8b:42:11
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHlnQ3dO0OG/sNwf99ddRAhKUIugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMTBaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMjczZjVmMzNhOGZmZjkzMDQ1MDNkOTRkMjRmYjM4YzBjMjU0YzI4MDRl
YWYwYTliOWVmZTg1NjQ4YjEzN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALX9VEfF/Z08ZkP7CbyhRdCEFcgSJNTSEz3T2cr7bgCWVNd7LvDZs8Xk1nlj
leXLeeCCc+FNtHJs6LZ0auztpSn7inxIYg5iKkioIS9TyEGyuuy6qw6P9hge4xiY
2Spcqv6XF2d+szAGTwnINxuNctxVGmMk05mF4PhDt6fN9LmVnsoHZSGzPzkCiBQx
dyBOtJBZSHhkn+sgb0mhERdpN4QNns+vFyaLZhdXcyaL6KoFfpCWlBp3iveu5KAN
fvcQ3KxysegJlPmodLB1E59Nuyfn0Yeq0U+vHXFs082mqAVYRotMVVDE6GCBwOy4
R3ubzBxqy/O59uLNCJsg+8ApZCkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTMdDf/
ATdRcGSF5amRcPKIXq0dDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQBpvsEzYZipXphFe4yMvsbt8WUvvPfCTr1hzvJU7Rla
w4SCLjC4MwTvJaArti8eTYnARiUXo/WYtOdCPweoV+xwcuPQFJBCIzZTcNsXds20
E8CwrwAZDTfkgfz+o7pNpkNtsdIdLCFIu+hevMWTIOIxtnzEqQGG1XN0DCkgkQnz
8Jp/z3t+mTh+grpLIgwZPbFcE0++sxePN8I6Gi9hnSIgNMFCSzhm4b7sXn/O3h80
RuRCrJ/9k+sOUgz547ehh1gJ4yp++b9vbFy0apjIhQ0o2HDiJxUwXaKzvrRGa7eK
SNdBENs5O4iizg9DUZIo8OVkcWJgaPa6haRsHKUZi0IR
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:18:21 2025 by rpki-client