Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: YIPYWSpZIcJK8N1JdbHgPmKiocXTo8uWYf2+1m59sA0=
Subject key identifier: 0D:2C:84:8D:DE:C2:C1:29:34:A3:40:34:5E:22:32:75:85:B8:4E:9D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79DDD82284EC66FEEF60234489697CF1C49840EF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Sat 31 May 2025 00:50:22 +0000
ROA not before: Sat 31 May 2025 00:50:22 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:dd:d8:22:84:ec:66:fe:ef:60:23:44:89:69:7c:f1:c4:98:40:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:22 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=db75dd07e1c5a327a762dc76bf8fc17871b43bbebc9ebda3476e2e170edd9fe4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a4:0b:7d:6a:c8:56:c2:3b:00:fe:8a:2f:c2:
c9:d6:4e:ee:2e:d5:7a:db:25:d4:72:f0:ef:d2:c3:
9d:49:86:cf:9b:6d:54:7b:2d:e9:37:f0:82:aa:a1:
e1:66:2d:e7:51:03:30:9a:9f:6c:eb:95:1e:21:a9:
fe:16:03:4d:e0:4a:0a:03:a5:bd:64:14:7c:81:32:
68:dc:36:b8:44:10:ba:42:4c:8e:d6:c2:55:4f:be:
2a:93:53:31:b6:07:03:98:db:da:94:ab:1a:2e:dc:
fc:97:13:30:84:e9:cf:67:4a:05:d4:c5:5c:51:06:
fc:df:c6:d9:64:1b:95:a3:a9:bc:57:b1:5f:4f:84:
fc:ea:94:e0:ed:eb:4c:27:cd:6a:ee:5c:18:ff:2d:
01:41:b8:72:49:29:aa:5b:97:91:b5:6a:2f:13:f0:
05:eb:54:15:2d:68:7e:a7:5d:0c:0e:1c:69:9e:ce:
a6:a8:b8:2f:1b:00:d0:82:70:dc:db:2b:2c:f4:cd:
b2:1d:f6:e4:22:96:7a:17:c6:db:9b:c7:cd:ed:d9:
35:ca:4a:1f:7b:94:6f:1b:d6:33:6a:32:d3:f4:23:
7e:5f:cc:88:d8:e1:50:c2:5a:70:93:cc:f3:a4:f5:
d4:81:e0:45:2c:71:19:94:17:7b:22:f6:d9:89:63:
a0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:2C:84:8D:DE:C2:C1:29:34:A3:40:34:5E:22:32:75:85:B8:4E:9D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:b1:a7:01:c9:5a:ed:cd:b7:61:ef:0b:e3:0c:ce:ee:05:95:
f1:8e:2b:97:28:9e:c3:e9:df:ea:a6:57:a6:8f:2a:0d:3f:8e:
e8:de:87:77:44:d8:7b:59:e4:d2:06:f7:54:2d:84:9c:cd:0a:
ac:4d:20:81:c1:26:32:4c:e4:30:b5:6c:1d:16:21:2d:2e:d6:
db:bb:5b:ac:75:06:12:02:4d:11:4e:42:0a:03:65:bf:06:ab:
a7:de:d6:30:45:48:ee:d9:86:e0:b0:95:10:ff:69:28:6f:59:
1f:1e:93:ba:b5:34:a2:65:8a:4f:47:af:18:19:1f:5c:c0:5b:
c2:f5:4f:fd:db:14:74:e1:35:75:b6:72:b2:68:66:53:53:11:
2e:c7:70:89:dc:ba:2a:32:e8:7c:f0:8a:c9:ff:a9:a8:64:ae:
a4:65:3a:b1:47:a3:3c:0b:fa:1f:d9:bc:14:71:45:5c:bd:40:
ac:32:b5:7a:ad:75:41:bb:b7:65:8c:88:be:00:2a:90:a6:b4:
db:b1:b4:26:91:52:bd:05:58:db:c8:26:14:03:8b:f5:74:21:
28:49:6e:4f:ac:8c:be:37:c7:53:cf:1c:61:3c:ca:32:26:9d:
87:54:6c:e0:9f:22:7a:52:dd:fa:67:2e:01:94:b8:3a:5e:6b:
15:02:e2:16
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUed3YIoTsZv7vYCNEiWl88cSYQO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMjJaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiNzVkZDA3ZTFjNWEzMjdhNzYyZGM3NmJmOGZjMTc4NzFiNDNiYmViYzll
YmRhMzQ3NmUyZTE3MGVkZDlmZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOGkC31qyFbCOwD+ii/CydZO7i7Vetsl1HLw79LDnUmGz5ttVHst6Tfwgqqh
4WYt51EDMJqfbOuVHiGp/hYDTeBKCgOlvWQUfIEyaNw2uEQQukJMjtbCVU++KpNT
MbYHA5jb2pSrGi7c/JcTMITpz2dKBdTFXFEG/N/G2WQblaOpvFexX0+E/OqU4O3r
TCfNau5cGP8tAUG4ckkpqluXkbVqLxPwBetUFS1ofqddDA4caZ7Opqi4LxsA0IJw
3NsrLPTNsh325CKWehfG25vHze3ZNcpKH3uUbxvWM2oy0/Qjfl/MiNjhUMJacJPM
86T11IHgRSxxGZQXeyL22YljoPMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQNLISN
3sLBKTSjQDReIjJ1hbhOnTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAKsacByVrtzbdh7wvjDM7uBZXxjiuXKJ7D6d/qplem
jyoNP47o3od3RNh7WeTSBvdULYSczQqsTSCBwSYyTOQwtWwdFiEtLtbbu1usdQYS
Ak0RTkIKA2W/Bqun3tYwRUju2YbgsJUQ/2kob1kfHpO6tTSiZYpPR68YGR9cwFvC
9U/92xR04TV1tnKyaGZTUxEux3CJ3LoqMuh88IrJ/6moZK6kZTqxR6M8C/of2bwU
cUVcvUCsMrV6rXVBu7dljIi+ACqQprTbsbQmkVK9BVjbyCYUA4v1dCEoSW5PrIy+
N8dTzxxhPMoyJp2HVGzgnyJ6Ut36Zy4BlLg6XmsVAuIW
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:48:26 2025 by rpki-client