Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: fUyoLMnrn/vacWnVHykWWSbc/XP8g6RT/v0mnoDbqHE=
Subject key identifier: EB:AE:45:A0:3C:8E:0A:7D:80:93:69:E7:1B:AE:BD:11:27:77:17:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3977E1306E61E1E97378362BC41421C2942CF9D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Tue 20 May 2025 20:40:59 +0000
ROA not before: Tue 20 May 2025 20:40:59 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:77:e1:30:6e:61:e1:e9:73:78:36:2b:c4:14:21:c2:94:2c:f9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:59 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=856ddbe7d4cee12c87f205344d2fc818f32ff1c2112af74a4d4aad592d825de6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c3:50:fc:9f:8c:db:b4:0b:d2:58:c5:bf:13:
e3:fb:77:d6:05:c7:55:bd:89:86:4d:ba:bd:2d:6b:
28:79:b0:a1:6a:2a:bf:12:89:de:cd:79:ef:cc:2c:
d8:40:3d:5c:27:ea:84:41:90:c8:f6:42:aa:ea:54:
5b:16:75:09:a6:c2:29:eb:6a:e0:3b:06:d7:b2:23:
c8:96:84:24:9f:cd:ae:fc:8e:05:2e:bc:72:00:44:
46:b5:66:b3:e2:14:c6:a4:15:6d:0d:9c:87:60:ad:
c8:bd:f3:f0:7c:7a:cc:ff:e5:2b:e8:1f:12:6d:80:
0d:35:27:50:74:13:31:80:a4:a9:46:01:5a:ad:7e:
45:1b:8a:58:2d:67:d3:54:f9:3a:f1:2c:31:fa:02:
39:48:e7:0b:c8:31:1e:ae:6c:22:65:4e:a5:c1:aa:
cc:cf:40:c1:e7:41:ab:87:5b:de:10:c0:7b:1e:f4:
79:66:14:34:09:d5:fb:8f:47:8b:3e:b0:de:dc:31:
91:ac:e2:5e:d3:3d:12:49:9b:20:32:f0:11:a8:be:
c7:03:f2:cc:e2:3d:36:78:65:9e:8b:73:dc:3a:2b:
87:ca:38:36:a9:48:3f:7b:b7:12:ed:21:2a:df:54:
cf:99:03:8a:08:cf:45:87:69:aa:3d:9e:36:a8:e8:
46:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:AE:45:A0:3C:8E:0A:7D:80:93:69:E7:1B:AE:BD:11:27:77:17:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:c7:f5:57:e2:ad:0c:ba:02:c6:1c:be:87:b6:a8:88:9f:a4:
ba:c9:71:2d:f9:77:75:8c:e5:5b:d7:61:e3:75:03:b3:f5:84:
78:fb:1c:f4:ac:26:2e:dd:81:9d:89:65:f0:9c:14:90:a9:4a:
8a:8f:c4:5c:22:77:25:b5:fe:e5:7b:b4:c4:91:19:2c:46:ee:
93:ea:58:75:57:e0:4f:89:cb:0e:e3:2e:18:e3:d3:a8:e5:ca:
f4:58:2a:2b:77:5c:19:e5:2c:61:52:f5:1d:bc:b2:f9:e1:48:
a9:d0:fe:8a:ff:26:3e:ab:28:70:08:c1:ed:6b:8e:45:fc:db:
7e:60:e1:4b:e0:73:5f:4e:f2:62:4b:44:32:70:a4:82:c0:f6:
45:77:c3:33:d1:88:10:43:a5:c6:03:7c:ee:ec:1b:64:8b:ce:
30:e5:aa:fd:7d:d2:3d:0f:19:70:92:2c:fe:a7:4b:70:71:dc:
ac:41:77:cd:b1:0f:6d:3e:a1:e0:da:51:f3:ba:08:9e:54:51:
b5:cd:e4:be:e4:c4:37:90:00:00:a7:d1:45:c1:dc:1a:59:66:
c1:54:5f:79:e7:62:3f:83:dc:67:c1:0a:94:29:bc:f0:4d:89:
0f:57:3f:f6:28:32:2c:ad:51:a4:84:73:6e:c9:c2:75:c4:8e:
80:c1:11:cc
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOXfhMG5h4elzeDYrxBQhwpQs+dMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTlaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NmRkYmU3ZDRjZWUxMmM4N2YyMDUzNDRkMmZjODE4ZjMyZmYxYzIxMTJh
Zjc0YTRkNGFhZDU5MmQ4MjVkZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjDUPyfjNu0C9JYxb8T4/t31gXHVb2Jhk26vS1rKHmwoWoqvxKJ3s1578ws
2EA9XCfqhEGQyPZCqupUWxZ1CabCKetq4DsG17IjyJaEJJ/NrvyOBS68cgBERrVm
s+IUxqQVbQ2ch2CtyL3z8Hx6zP/lK+gfEm2ADTUnUHQTMYCkqUYBWq1+RRuKWC1n
01T5OvEsMfoCOUjnC8gxHq5sImVOpcGqzM9AwedBq4db3hDAex70eWYUNAnV+49H
iz6w3twxkaziXtM9EkmbIDLwEai+xwPyzOI9Nnhlnotz3Dorh8o4NqlIP3u3Eu0h
Kt9Uz5kDigjPRYdpqj2eNqjoRo8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTrrkWg
PI4KfYCTaecbrr0RJ3cXAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEATsf1V+KtDLoCxhy+h7aoiJ+kuslxLfl3dYzlW9dh
43UDs/WEePsc9KwmLt2BnYll8JwUkKlKio/EXCJ3JbX+5Xu0xJEZLEbuk+pYdVfg
T4nLDuMuGOPTqOXK9FgqK3dcGeUsYVL1Hbyy+eFIqdD+iv8mPqsocAjB7WuORfzb
fmDhS+BzX07yYktEMnCkgsD2RXfDM9GIEEOlxgN87uwbZIvOMOWq/X3SPQ8ZcJIs
/qdLcHHcrEF3zbEPbT6h4NpR87oInlRRtc3kvuTEN5AAAKfRRcHcGllmwVRfeedi
P4PcZ8EKlCm88E2JD1c/9igyLK1RpIRzbsnCdcSOgMERzA==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:40:17 2025 by rpki-client