Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: Odkaej/OGa84DKjFY5VhB/KYOr9toyDkFJ04onf1tuE=
Subject key identifier: DD:99:59:2D:BA:1F:A1:9A:5F:07:99:EE:83:D9:81:4C:7F:47:0A:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22FE7CC77A19D8352BC178955D39BCF84D7A5676
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Tue 20 May 2025 20:41:20 +0000
ROA not before: Tue 20 May 2025 20:41:20 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:fe:7c:c7:7a:19:d8:35:2b:c1:78:95:5d:39:bc:f8:4d:7a:56:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:20 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=d812597375533b351ad034b6ec01a15013da6b607d73cd66af53179aec8580b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:5a:ce:b6:a6:3b:71:c4:3c:e4:a7:a1:4b:48:
00:67:bb:36:f4:29:3a:a3:5f:c3:a6:d3:a8:56:93:
d2:80:b6:37:47:ff:a1:1e:71:e6:9d:1f:d6:85:dc:
ef:83:4a:53:07:09:79:5d:51:d2:56:92:45:cb:2b:
7c:b5:17:6c:07:28:53:fd:d4:be:a6:72:e9:12:30:
0e:0c:14:06:e5:2b:9c:3d:f9:39:37:ce:f7:8d:3d:
5f:b9:ac:9b:70:d4:15:c9:bb:9b:5a:86:42:8a:fb:
5a:37:50:93:fc:57:ed:31:44:3c:a3:73:ec:ae:64:
e7:82:a7:47:d4:d8:c0:42:b7:7c:d7:80:31:12:60:
6d:45:1e:58:d6:53:53:dc:37:70:50:8b:a9:be:87:
d7:f7:8c:45:7f:d0:c2:75:d2:bc:c1:64:e7:b0:ed:
2b:9e:0c:a1:17:37:a3:cd:9e:a4:c2:47:48:81:fa:
21:f9:de:5f:1c:bd:f7:ba:8e:7f:9f:87:e2:d7:d9:
f3:e6:c2:0c:86:17:31:10:2b:51:d0:0a:81:55:21:
91:53:c3:42:54:98:32:43:97:a4:c9:13:43:3f:40:
e7:d7:40:a8:f9:b8:6b:63:9e:85:10:da:5f:70:78:
c1:9f:4f:b8:eb:ec:0c:d1:e6:50:6d:4f:93:87:43:
99:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:99:59:2D:BA:1F:A1:9A:5F:07:99:EE:83:D9:81:4C:7F:47:0A:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:5e:e4:ac:d5:0b:db:cf:2a:f8:3b:c3:56:60:ea:5b:25:5a:
15:5e:08:2d:25:29:6a:71:51:e1:d0:8f:3e:2d:2b:7b:24:96:
ab:32:61:46:b1:f1:63:c5:1b:ba:59:0c:6e:0b:f9:6b:f7:73:
c7:f6:14:ef:99:f8:bd:47:cd:8c:58:0e:ae:d2:82:2d:53:20:
8b:90:38:41:ee:88:1e:bb:32:be:d5:0b:21:63:67:f1:80:cc:
cc:e1:d1:c4:5c:f8:d1:da:a7:78:a7:76:45:80:da:12:72:28:
59:86:77:82:1b:db:40:76:3a:5e:fb:c6:9f:93:e4:00:e9:58:
1b:7d:36:7a:cb:1d:32:bf:08:a5:14:d6:ff:ef:0f:12:1c:b5:
7a:57:87:f3:3d:60:bd:0f:ff:68:f4:e7:be:19:88:40:21:f7:
93:c6:63:f7:c4:f1:41:29:55:5b:ca:e1:45:6c:9d:d9:69:1f:
f3:d1:f3:70:6b:7f:f9:b4:45:75:13:03:67:08:7f:eb:ce:48:
2f:f6:1a:8c:f7:8d:69:41:24:c6:e5:5d:61:50:32:e4:39:66:
c8:81:24:76:c1:15:50:41:d9:a4:1d:e4:59:88:c0:fc:15:52:
95:b2:55:75:2f:cd:fd:94:30:9a:49:29:d0:aa:c1:a9:68:35:
cb:16:f7:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIv58x3oZ2DUrwXiVXTm8+E16VnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjBaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4MTI1OTczNzU1MzNiMzUxYWQwMzRiNmVjMDFhMTUwMTNkYTZiNjA3ZDcz
Y2Q2NmFmNTMxNzlhZWM4NTgwYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFazramO3HEPOSnoUtIAGe7NvQpOqNfw6bTqFaT0oC2N0f/oR5x5p0f1oXc
74NKUwcJeV1R0laSRcsrfLUXbAcoU/3UvqZy6RIwDgwUBuUrnD35OTfO9409X7ms
m3DUFcm7m1qGQor7WjdQk/xX7TFEPKNz7K5k54KnR9TYwEK3fNeAMRJgbUUeWNZT
U9w3cFCLqb6H1/eMRX/QwnXSvMFk57DtK54MoRc3o82epMJHSIH6IfneXxy997qO
f5+H4tfZ8+bCDIYXMRArUdAKgVUhkVPDQlSYMkOXpMkTQz9A59dAqPm4a2OehRDa
X3B4wZ9PuOvsDNHmUG1Pk4dDmUcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTdmVkt
uh+hml8Hme6D2YFMf0cKMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCyXuSs1Qvbzyr4O8NWYOpbJVoVXggtJSlqcVHh0I8+
LSt7JJarMmFGsfFjxRu6WQxuC/lr93PH9hTvmfi9R82MWA6u0oItUyCLkDhB7oge
uzK+1QshY2fxgMzM4dHEXPjR2qd4p3ZFgNoScihZhneCG9tAdjpe+8afk+QA6Vgb
fTZ6yx0yvwilFNb/7w8SHLV6V4fzPWC9D/9o9Oe+GYhAIfeTxmP3xPFBKVVbyuFF
bJ3ZaR/z0fNwa3/5tEV1EwNnCH/rzkgv9hqM941pQSTG5V1hUDLkOWbIgSR2wRVQ
QdmkHeRZiMD8FVKVslV1L839lDCaSSnQqsGpaDXLFvep
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:08:43 2025 by rpki-client