Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: 1dFMLBUfEM2vnUlWPRug3e4Ycydb9II22FpMtQMJiUw=
Subject key identifier: 99:16:99:9B:8F:CE:CA:FA:12:B4:98:AC:87:3F:8A:3A:4C:CF:84:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79A1877AD00BC13548DF74966112DCF9E8C0E862
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Fri 25 Apr 2025 20:31:01 +0000
ROA not before: Fri 25 Apr 2025 20:31:01 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:a1:87:7a:d0:0b:c1:35:48:df:74:96:61:12:dc:f9:e8:c0:e8:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:01 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=f3b9785d93f97f7690b625a58e2774fb74a048c735f15f49a975d13ebdbe8292, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:36:d4:60:d1:6e:83:72:19:34:01:41:80:65:
0e:7f:b4:8a:7b:54:f0:b9:d2:b7:28:1e:5b:a5:37:
fd:31:57:93:82:d1:20:a3:ab:dc:77:c7:55:53:0f:
36:3e:52:93:ad:dc:68:80:64:30:c9:b2:0a:b1:2e:
fe:60:31:53:29:0a:65:b1:8b:15:48:b7:84:80:e7:
76:32:0e:76:49:b8:2a:59:7c:a5:50:9b:a9:5a:46:
bf:0e:35:23:4a:4e:2f:7d:0b:e4:00:15:68:aa:70:
cc:ae:51:e0:88:fe:40:03:55:cb:a6:ef:9a:59:69:
f4:e0:fa:57:ff:f9:cf:ff:30:2a:16:17:24:e7:f0:
6a:13:ec:e8:7d:c0:94:c9:b3:17:cd:66:d9:46:aa:
c4:3b:9b:ac:fd:3b:b3:eb:04:97:4b:64:dd:0d:f5:
d8:66:f5:34:54:8d:e9:e4:a8:2c:88:82:39:cf:c8:
35:f2:80:6f:ae:30:75:61:0e:6c:35:d7:ff:d2:83:
34:5c:bb:5b:fe:bf:b6:4a:23:d4:14:65:bf:64:73:
6b:33:a5:77:c2:63:33:b3:83:1c:9e:7e:db:40:64:
8d:ef:ac:fb:bf:ea:01:af:65:ca:bb:d9:eb:06:70:
a7:9b:fd:b1:c3:69:b3:c6:55:2f:37:3a:64:44:78:
8b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:16:99:9B:8F:CE:CA:FA:12:B4:98:AC:87:3F:8A:3A:4C:CF:84:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5b:b4:94:ee:49:23:07:e1:d2:b2:1c:1f:50:50:70:49:92:de:
e0:41:15:8c:ef:98:af:fa:d4:1a:6d:50:5c:c9:1f:8a:8f:e2:
7f:05:d2:5f:ad:d8:56:a2:d5:5d:36:47:b4:1e:e0:57:15:12:
31:e0:34:0e:27:a0:14:30:f9:ff:90:f7:86:f6:74:39:c4:36:
a9:3b:51:17:50:da:5d:ee:92:69:75:3a:46:ba:fb:48:b6:a3:
bc:b3:e5:8c:33:72:50:48:eb:2b:36:e3:6e:44:20:86:5d:0f:
2a:8c:14:d5:45:af:bd:40:ca:b1:4c:4e:fc:ca:af:8a:4b:25:
e8:10:44:28:37:8c:8b:d0:65:13:8f:90:ea:ca:12:60:c6:cf:
ef:77:22:70:5b:5b:89:aa:20:b7:97:9f:c3:c4:6f:03:8c:bf:
47:92:d3:37:52:cc:4f:f7:d9:ff:c9:79:63:71:93:98:19:51:
33:60:22:47:5a:2f:4c:e4:98:94:8f:8d:1c:57:a5:37:33:d5:
ce:3e:11:88:cc:b2:17:be:b0:99:16:d9:43:b9:5d:d8:36:c5:
b9:3b:a1:c5:04:bf:79:e7:fa:49:f5:81:a3:09:6f:bf:54:f1:
4b:9c:08:a0:67:53:21:e3:31:16:d0:9d:48:59:00:ef:ab:ac:
e4:5c:1e:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeaGHetALwTVI33SWYRLc+ejA6GIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDFaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjk3ODVkOTNmOTdmNzY5MGI2MjVhNThlMjc3NGZiNzRhMDQ4YzczNWYx
NWY0OWE5NzVkMTNlYmRiZTgyOTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMg21GDRboNyGTQBQYBlDn+0intU8LnStygeW6U3/TFXk4LRIKOr3HfHVVMP
Nj5Sk63caIBkMMmyCrEu/mAxUykKZbGLFUi3hIDndjIOdkm4Kll8pVCbqVpGvw41
I0pOL30L5AAVaKpwzK5R4Ij+QANVy6bvmllp9OD6V//5z/8wKhYXJOfwahPs6H3A
lMmzF81m2UaqxDubrP07s+sEl0tk3Q312Gb1NFSN6eSoLIiCOc/INfKAb64wdWEO
bDXX/9KDNFy7W/6/tkoj1BRlv2RzazOld8JjM7ODHJ5+20Bkje+s+7/qAa9lyrvZ
6wZwp5v9scNps8ZVLzc6ZER4iw0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZFpmb
j87K+hK0mKyHP4o6TM+ETjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAW7SU7kkjB+HSshwfUFBwSZLe4EEVjO+Yr/rUGm1Q
XMkfio/ifwXSX63YVqLVXTZHtB7gVxUSMeA0DiegFDD5/5D3hvZ0OcQ2qTtRF1Da
Xe6SaXU6Rrr7SLajvLPljDNyUEjrKzbjbkQghl0PKowU1UWvvUDKsUxO/Mqviksl
6BBEKDeMi9BlE4+Q6soSYMbP73cicFtbiaogt5efw8RvA4y/R5LTN1LMT/fZ/8l5
Y3GTmBlRM2AiR1ovTOSYlI+NHFelNzPVzj4RiMyyF76wmRbZQ7ld2DbFuTuhxQS/
eef6SfWBowlvv1TxS5wIoGdTIeMxFtCdSFkA76us5Fweaw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:38:43 2025 by rpki-client