Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: 6+Q1zk8FIpDtvTk2djzvMicrPWYRJr+ubjT6pvY0g4I=
Subject key identifier: 16:3F:87:87:63:8F:12:B5:D0:BC:E5:55:F5:FC:0F:1D:C8:64:CF:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 643AC9DCDFA38F988304E12FC0A52DC5AB4E008D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Tue 20 May 2025 20:40:57 +0000
ROA not before: Tue 20 May 2025 20:40:57 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:3a:c9:dc:df:a3:8f:98:83:04:e1:2f:c0:a5:2d:c5:ab:4e:00:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:57 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=5be383f2dc3fda64ed64a50747139a44e96b3d36ce19265dcf66e15f43638994, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7e:f4:1c:a6:6a:40:8b:5a:b5:7d:77:61:be:
0c:91:60:d5:9b:df:04:e2:80:40:be:0a:15:5b:b3:
9d:e2:76:99:3d:61:27:53:29:8b:be:68:d5:17:6e:
86:08:c1:12:70:b2:64:14:49:09:15:b1:17:54:ae:
a3:35:f7:ce:01:c4:4d:a6:b9:7d:b8:6f:fb:01:68:
d2:9e:3c:b3:83:84:25:23:e7:20:21:5f:cb:62:57:
61:bd:3f:09:97:32:3f:99:4a:32:6c:63:85:7d:9b:
d4:be:e8:57:c1:08:b9:2a:bf:5b:a1:66:00:89:01:
42:26:46:1d:99:7b:f7:60:63:0c:5b:f8:b6:d4:c5:
74:de:9f:bd:de:0d:ae:67:2f:a7:2f:42:b3:11:84:
74:28:3d:11:b5:98:4c:46:79:e3:c6:c8:a7:61:53:
e4:f1:59:57:67:da:50:c8:0c:79:12:99:e6:40:6c:
7a:34:1f:97:39:b4:a1:61:ea:06:cc:d1:a0:cf:e3:
3a:07:96:9c:9f:58:e8:26:f1:4b:4d:a6:2f:e1:b1:
41:8a:27:dd:1a:00:34:c8:9e:aa:72:e7:1f:58:63:
ae:32:2a:93:22:b8:ba:6e:11:ac:9d:29:35:4c:4a:
7b:eb:a4:06:fc:68:ae:64:a9:95:8d:ea:cc:de:34:
e9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:3F:87:87:63:8F:12:B5:D0:BC:E5:55:F5:FC:0F:1D:C8:64:CF:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c6:36:05:3c:cf:dd:07:66:0c:32:d8:15:2c:a9:c8:d0:e0:cf:
ba:32:83:99:80:55:ef:8f:19:df:2e:e1:d9:80:e0:9e:1e:03:
b5:15:79:bd:0a:23:16:48:60:3d:14:1f:80:74:4b:7d:20:95:
24:23:8b:3b:dc:eb:90:a2:ee:5f:11:b2:23:20:f7:03:bd:bb:
cc:4a:16:ab:5d:81:ec:69:4c:39:cd:03:f5:fd:1a:34:10:96:
17:f4:f5:ac:8c:8d:0c:4a:a7:12:39:63:5d:4e:9c:6a:30:50:
78:c8:93:44:f7:a9:f6:0c:91:cb:f0:cd:6d:fa:87:0e:24:48:
d3:6c:4c:43:cc:b0:72:38:5c:da:c8:25:df:a2:1e:65:79:02:
7f:d2:9c:30:3d:a5:a9:ba:ec:f2:f1:7d:af:fe:aa:b1:17:ce:
2c:10:05:29:85:ab:4d:da:fb:5e:d0:3d:51:90:90:73:e1:2a:
3b:ec:d3:ca:46:56:26:dd:06:18:95:d5:a2:fb:de:0a:08:a7:
15:44:68:fb:e7:1f:15:4e:65:24:5f:2e:b4:30:21:6b:5b:6c:
58:9a:92:34:b1:12:17:a5:28:46:1a:6f:8e:a5:11:9f:ea:6c:
26:81:e4:30:d5:fe:19:0a:1e:9a:14:d7:42:a5:a9:69:53:33:
91:f9:a0:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZDrJ3N+jj5iDBOEvwKUtxatOAI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTdaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDViZTM4M2YyZGMzZmRhNjRlZDY0YTUwNzQ3MTM5YTQ0ZTk2YjNkMzZjZTE5
MjY1ZGNmNjZlMTVmNDM2Mzg5OTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp+9BymakCLWrV9d2G+DJFg1ZvfBOKAQL4KFVuzneJ2mT1hJ1Mpi75o1Rdu
hgjBEnCyZBRJCRWxF1SuozX3zgHETaa5fbhv+wFo0p48s4OEJSPnICFfy2JXYb0/
CZcyP5lKMmxjhX2b1L7oV8EIuSq/W6FmAIkBQiZGHZl792BjDFv4ttTFdN6fvd4N
rmcvpy9CsxGEdCg9EbWYTEZ548bIp2FT5PFZV2faUMgMeRKZ5kBsejQflzm0oWHq
BszRoM/jOgeWnJ9Y6CbxS02mL+GxQYon3RoANMieqnLnH1hjrjIqkyK4um4RrJ0p
NUxKe+ukBvxormSplY3qzN406V8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQWP4eH
Y48StdC85VX1/A8dyGTPRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAxjYFPM/dB2YMMtgVLKnI0ODPujKDmYBV748Z3y7h
2YDgnh4DtRV5vQojFkhgPRQfgHRLfSCVJCOLO9zrkKLuXxGyIyD3A727zEoWq12B
7GlMOc0D9f0aNBCWF/T1rIyNDEqnEjljXU6cajBQeMiTRPep9gyRy/DNbfqHDiRI
02xMQ8ywcjhc2sgl36IeZXkCf9KcMD2lqbrs8vF9r/6qsRfOLBAFKYWrTdr7XtA9
UZCQc+EqO+zTykZWJt0GGJXVovveCginFURo++cfFU5lJF8utDAha1tsWJqSNLES
F6UoRhpvjqURn+psJoHkMNX+GQoemhTXQqWpaVMzkfmgLg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:59:03 2025 by rpki-client