Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: EFk/33YxDPzeSrd7FD8I3/ypWwRGjpWxIwBF509pbEQ=
Subject key identifier: 76:70:E6:F3:46:C7:D7:DB:35:00:6B:DE:9D:30:68:C8:DB:63:AE:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 215C267A5B6B7809233008DF6F0375F39B7E6A4A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Sat 31 May 2025 00:50:35 +0000
ROA not before: Sat 31 May 2025 00:50:35 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:5c:26:7a:5b:6b:78:09:23:30:08:df:6f:03:75:f3:9b:7e:6a:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:35 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=a5f609e3ee8922155f382aea81907da8d80b553abdf08b4877b296305986bf25, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:30:42:46:f2:c8:ce:00:ed:41:24:a7:35:cb:
7a:7d:fb:bb:46:94:83:34:6a:a4:6e:82:7d:17:2e:
95:b6:95:15:15:02:b2:e2:dc:dd:80:76:86:79:a5:
47:a9:c6:fc:e9:54:7b:fc:79:6a:3c:fe:56:2c:63:
1f:c7:7e:04:3b:32:c6:ee:c9:65:b2:8f:3e:fc:a1:
7d:5d:9b:bc:f5:87:1d:dd:e7:56:92:7f:9c:ba:50:
6f:8b:8c:52:86:f2:e0:4a:96:04:e8:63:c6:86:39:
fc:a0:77:cc:2f:c1:cf:aa:d8:95:f4:ed:50:d7:dc:
73:ea:37:42:c9:37:d3:d1:ba:b8:9b:96:e7:87:22:
20:6c:54:a5:8a:b7:af:6a:4e:75:bf:a9:c4:b9:cf:
dc:e4:84:25:86:7b:f5:5e:c8:fb:2a:f2:c3:f6:40:
90:da:24:95:ed:dd:d3:a6:46:b7:be:a9:4c:54:ac:
89:a9:e9:68:df:95:81:d7:3c:2a:37:db:34:87:b2:
06:39:5f:ee:d5:b6:98:25:18:76:03:11:10:30:07:
65:f1:cf:74:3d:77:e2:db:cd:c2:2e:3e:ba:2f:34:
d1:d0:c3:43:94:4c:f7:29:18:51:67:3a:4c:b8:e2:
05:6b:33:20:be:9f:61:ac:bf:68:ec:ca:93:f9:68:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:70:E6:F3:46:C7:D7:DB:35:00:6B:DE:9D:30:68:C8:DB:63:AE:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:f1:9f:87:bf:ef:25:f6:4b:c7:32:f1:37:57:cc:5e:b7:28:
62:9f:a0:c7:28:2c:92:f6:02:2c:0c:24:15:74:3f:09:19:bb:
79:68:58:02:c5:f1:48:83:18:bd:e1:35:c3:2b:76:6b:70:20:
5e:42:b0:39:36:89:0f:e6:25:59:ad:ec:a0:48:b6:9e:c7:8e:
e5:a9:54:80:e3:8d:58:75:48:31:24:2f:13:28:0e:13:88:11:
e7:4e:a0:58:96:14:50:a8:71:e6:1c:1b:a1:1c:12:5e:ff:96:
98:24:d6:52:1b:de:7b:54:24:e2:6a:44:88:e3:24:b4:3d:34:
88:97:01:0d:c6:ba:74:9f:ac:a3:bb:2d:18:02:2d:36:c2:7b:
3c:d0:60:d5:19:f5:ad:22:57:50:15:bf:d8:2b:81:5c:42:4e:
09:5b:2f:58:21:92:20:41:47:de:c3:4e:de:69:7c:26:5e:a9:
75:dd:53:ae:f0:43:b6:cf:42:5b:96:00:8c:28:3a:e0:ef:12:
64:db:17:ae:da:77:77:97:48:b8:15:96:ab:34:5d:2c:66:f3:
ac:8a:ee:20:31:25:8a:61:ea:64:48:aa:62:a1:00:43:78:ee:
b4:8a:76:b9:03:df:c0:7b:d8:16:0e:6d:a8:83:6b:53:91:8b:
c2:8f:99:71
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIVwmeltreAkjMAjfbwN185t+akowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMzVaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1ZjYwOWUzZWU4OTIyMTU1ZjM4MmFlYTgxOTA3ZGE4ZDgwYjU1M2FiZGYw
OGI0ODc3YjI5NjMwNTk4NmJmMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAwQkbyyM4A7UEkpzXLen37u0aUgzRqpG6CfRculbaVFRUCsuLc3YB2hnml
R6nG/OlUe/x5ajz+VixjH8d+BDsyxu7JZbKPPvyhfV2bvPWHHd3nVpJ/nLpQb4uM
Uoby4EqWBOhjxoY5/KB3zC/Bz6rYlfTtUNfcc+o3Qsk309G6uJuW54ciIGxUpYq3
r2pOdb+pxLnP3OSEJYZ79V7I+yryw/ZAkNokle3d06ZGt76pTFSsianpaN+Vgdc8
KjfbNIeyBjlf7tW2mCUYdgMREDAHZfHPdD134tvNwi4+ui800dDDQ5RM9ykYUWc6
TLjiBWszIL6fYay/aOzKk/lowTECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2cObz
RsfX2zUAa96dMGjI22OuZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQCS8Z+Hv+8l9kvHMvE3V8xetyhin6DHKCyS9gIsDCQV
dD8JGbt5aFgCxfFIgxi94TXDK3ZrcCBeQrA5NokP5iVZreygSLaex47lqVSA441Y
dUgxJC8TKA4TiBHnTqBYlhRQqHHmHBuhHBJe/5aYJNZSG957VCTiakSI4yS0PTSI
lwENxrp0n6yjuy0YAi02wns80GDVGfWtIldQFb/YK4FcQk4JWy9YIZIgQUfew07e
aXwmXql13VOu8EO2z0JblgCMKDrg7xJk2xeu2nd3l0i4FZarNF0sZvOsiu4gMSWK
YepkSKpioQBDeO60ina5A9/Ae9gWDm2og2tTkYvCj5lx
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:52:51 2025 by rpki-client