Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: UN1K8SnnACGwzF2LOUQsvmPAGDFVtyfK6t10SGlG2m4=
Subject key identifier: 3A:C4:B1:B5:96:89:2B:DE:F2:79:4C:ED:38:39:2A:F1:DE:E5:D0:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12E522B6284C1C238FDBF6DA38804E5C1BFB27F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Fri 23 May 2025 00:50:43 +0000
ROA not before: Fri 23 May 2025 00:50:43 +0000
ROA not after: Fri 27 Jun 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:e5:22:b6:28:4c:1c:23:8f:db:f6:da:38:80:4e:5c:1b:fb:27:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 23 00:50:43 2025 GMT
Not After : Jun 27 23:59:59 2025 GMT
Subject: serialNumber=8625cbccdc3c2b3e73c5cf091f869f09eb0466e94605efe5c044de1930b1abbc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e8:ba:8b:a2:9d:b6:0d:38:5b:08:7d:0a:0f:
b6:a0:92:2f:12:91:26:67:ac:1f:ba:69:f6:f4:dc:
02:50:03:0d:8e:01:ee:5b:b9:59:ea:48:11:51:5d:
e7:c8:5a:e6:f0:f4:c7:8b:78:60:a5:c6:7d:d2:05:
df:16:86:0a:a1:57:2b:3a:70:2d:79:64:d9:ee:2c:
c5:4a:cb:e3:e1:71:89:f4:72:cb:39:e9:37:c9:94:
28:6a:a6:1e:ce:e1:f4:e2:01:89:c0:7a:9c:ae:65:
b1:27:6c:0b:d6:5b:38:b1:58:ef:5e:ba:ce:bb:0d:
4b:82:09:4f:fa:29:58:f6:02:f9:8d:cb:db:c8:9c:
a8:8a:fd:56:b5:60:f2:a2:fd:6f:1d:77:33:ce:9c:
5d:8f:0e:7c:bd:95:bc:2f:06:75:3c:b8:bd:93:a9:
08:9a:e8:b6:f7:ea:70:dd:38:29:a2:c1:c8:12:d3:
ac:5c:4e:9b:26:ed:0b:91:01:98:ef:11:03:70:c6:
f5:06:08:59:ea:4c:4b:88:3c:66:eb:fa:f8:63:52:
87:90:34:2c:d2:90:b5:92:0c:98:75:1b:c2:03:65:
8b:a0:28:11:74:7f:68:18:f9:99:59:b4:c2:de:33:
0a:0c:b1:0d:30:6f:a3:8b:36:ca:20:9e:7f:f5:6d:
e7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C4:B1:B5:96:89:2B:DE:F2:79:4C:ED:38:39:2A:F1:DE:E5:D0:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:05:c4:c2:b5:d8:81:a5:ae:59:c5:2d:a1:22:da:af:4b:66:
25:f1:c8:9b:53:ba:43:42:3a:dd:d6:05:a7:bf:7f:f0:a6:ae:
30:01:32:0f:fb:7e:75:13:27:f9:95:d4:16:08:82:0b:f6:77:
3e:70:57:9d:64:3a:11:80:5b:b0:86:fb:ef:70:96:1f:74:f9:
dd:c5:cb:0b:ff:ac:ee:27:28:a4:38:09:ed:e4:f7:89:78:5f:
76:b6:e8:79:33:f2:26:d7:18:5f:64:a1:c5:63:ff:3e:8f:5f:
4b:15:cd:f1:80:8e:cb:97:0e:d1:1f:4e:03:03:03:9a:09:ff:
15:52:d6:a9:bb:54:fe:d6:2b:fa:d5:4e:cc:a7:dd:67:95:e1:
dd:8c:2a:ff:31:f3:92:95:40:83:81:76:09:32:f0:aa:f3:7e:
fa:1a:93:d6:52:4e:d3:41:97:26:28:a1:38:9a:ae:15:7e:9b:
1a:b8:bb:5f:a4:07:c2:dd:82:98:85:b2:b9:c6:d1:3b:c7:aa:
7b:71:d4:d5:e2:65:10:90:ca:d2:6e:f8:5b:f9:19:f4:d9:0c:
fa:61:61:89:89:2c:da:40:bc:3e:ce:70:05:37:ca:42:2e:17:
d4:f2:a5:75:a9:51:9b:6d:5c:4e:04:87:3b:29:e8:e7:d7:e9:
c1:07:03:2a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEuUitihMHCOP2/baOIBOXBv7J/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjMwMDUwNDNaFw0yNTA2MjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2MjVjYmNjZGMzYzJiM2U3M2M1Y2YwOTFmODY5ZjA5ZWIwNDY2ZTk0NjA1
ZWZlNWMwNDRkZTE5MzBiMWFiYmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHououinbYNOFsIfQoPtqCSLxKRJmesH7pp9vTcAlADDY4B7lu5WepIEVFd
58ha5vD0x4t4YKXGfdIF3xaGCqFXKzpwLXlk2e4sxUrL4+FxifRyyznpN8mUKGqm
Hs7h9OIBicB6nK5lsSdsC9ZbOLFY7166zrsNS4IJT/opWPYC+Y3L28icqIr9VrVg
8qL9bx13M86cXY8OfL2VvC8GdTy4vZOpCJrotvfqcN04KaLByBLTrFxOmybtC5EB
mO8RA3DG9QYIWepMS4g8Zuv6+GNSh5A0LNKQtZIMmHUbwgNli6AoEXR/aBj5mVm0
wt4zCgyxDTBvo4s2yiCef/Vt570CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ6xLG1
lokr3vJ5TO04OSrx3uXQzjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAbwXEwrXYgaWuWcUtoSLar0tmJfHIm1O6Q0I63dYF
p79/8KauMAEyD/t+dRMn+ZXUFgiCC/Z3PnBXnWQ6EYBbsIb773CWH3T53cXLC/+s
7icopDgJ7eT3iXhfdrboeTPyJtcYX2ShxWP/Po9fSxXN8YCOy5cO0R9OAwMDmgn/
FVLWqbtU/tYr+tVOzKfdZ5Xh3Ywq/zHzkpVAg4F2CTLwqvN++hqT1lJO00GXJiih
OJquFX6bGri7X6QHwt2CmIWyucbRO8eqe3HU1eJlEJDK0m74W/kZ9NkM+mFhiYks
2kC8Ps5wBTfKQi4X1PKldalRm21cTgSHOyno59fpwQcDKg==
-----END CERTIFICATE-----
Generated at Sun Jun 15 14:12:10 2025 by rpki-client