Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: L9jIs7wAdzvJhJbcexmWDXdAEcmkplf5hJ7AZdwBayk=
Subject key identifier: 0B:DB:50:B4:AD:38:A4:80:25:BB:EE:75:DF:24:C5:D1:3B:2E:5A:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B5C87EBD455FB925CF8E15B4845146158EEEF42
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Tue 20 May 2025 20:50:16 +0000
ROA not before: Tue 20 May 2025 20:50:16 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:5c:87:eb:d4:55:fb:92:5c:f8:e1:5b:48:45:14:61:58:ee:ef:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:50:16 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=8df1c7b03bf44309fee2922a1a550685a692d39c16786a99c8eceb1efdb45c66, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a4:07:80:eb:ad:47:09:e1:cf:b0:13:84:9f:
60:34:2d:c8:9e:16:f7:8b:10:52:25:60:97:15:53:
c0:e9:7f:be:c4:a4:a8:d4:d7:69:da:8b:99:96:75:
fb:43:4f:6e:ab:5a:3f:e1:6f:1d:4c:53:b5:1f:3d:
90:7d:b0:2b:c8:88:49:4f:a6:63:5f:2d:48:e4:af:
5a:fa:17:03:24:da:05:34:a6:1a:27:f8:fa:75:09:
b2:1b:3c:bc:48:a0:d3:ff:a1:08:54:3c:9f:7e:be:
14:41:5c:25:ef:66:ad:1e:85:e4:5b:e0:61:a9:fb:
39:31:fb:74:98:54:22:43:fd:1d:c4:58:4d:56:87:
14:3b:07:7b:21:e2:c8:39:65:dc:24:73:69:05:6f:
b3:86:b8:6d:00:25:e4:bb:7b:d1:1b:a2:ed:2c:19:
4f:72:f2:ab:01:48:32:ff:f9:5b:c3:e0:d7:d4:2a:
31:34:02:6f:bc:41:45:fb:b6:a7:be:a1:b5:0a:51:
e7:e7:f1:62:36:b3:91:47:02:74:0d:05:36:fb:d3:
fd:ef:e6:52:64:c4:90:5b:11:51:d3:b6:3c:52:cf:
fc:c3:01:be:0a:cf:19:d1:16:07:6e:8f:b3:2b:1b:
bd:c8:93:ae:c6:4d:0c:1f:ea:c4:b7:1f:86:da:8d:
34:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DB:50:B4:AD:38:A4:80:25:BB:EE:75:DF:24:C5:D1:3B:2E:5A:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8d:50:71:1d:0f:2c:7f:37:81:1e:4a:0f:76:d9:2d:bc:29:81:
75:d5:01:52:78:56:ce:b0:e3:9a:a1:e4:b6:10:d6:d1:a6:82:
b1:46:52:2b:76:9b:82:51:60:c4:21:d2:d9:c6:01:a7:50:00:
21:53:15:6e:06:7f:4e:fc:93:0d:a7:63:64:7f:9a:0c:ac:95:
78:99:e3:b6:b8:a8:8d:34:17:48:bb:34:f2:d3:0b:b1:58:d1:
c0:5f:ba:9a:83:b4:d6:33:55:90:a8:a1:0d:90:ee:4f:53:20:
06:ca:22:fe:98:88:05:03:5d:78:2f:5e:11:52:e1:b8:c3:05:
b7:c5:62:24:16:70:13:e7:ae:eb:8d:b7:7f:f5:66:fa:36:17:
fb:d1:94:60:23:cd:cb:fd:23:5e:a8:e6:fb:6c:9a:d1:36:b0:
34:d2:6c:9f:56:88:f7:4f:bc:14:fd:e1:3e:c7:08:cb:26:92:
fc:85:cc:dc:cc:65:cb:83:b6:89:5f:3a:74:48:64:3c:6c:89:
ae:c2:2f:57:68:0b:77:2e:e8:0c:0a:41:e2:af:16:b8:95:45:
b2:05:26:ca:cc:c8:28:34:70:84:40:cb:2c:02:37:6a:06:14:
ec:11:6b:ee:77:d6:5d:d4:49:1b:2f:51:f4:9b:6e:b4:8f:89:
d5:74:e0:1f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUO1yH69RV+5Jc+OFbSEUUYVju70IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDUwMTZaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkZjFjN2IwM2JmNDQzMDlmZWUyOTIyYTFhNTUwNjg1YTY5MmQzOWMxNjc4
NmE5OWM4ZWNlYjFlZmRiNDVjNjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALSkB4DrrUcJ4c+wE4SfYDQtyJ4W94sQUiVglxVTwOl/vsSkqNTXadqLmZZ1
+0NPbqtaP+FvHUxTtR89kH2wK8iISU+mY18tSOSvWvoXAyTaBTSmGif4+nUJshs8
vEig0/+hCFQ8n36+FEFcJe9mrR6F5FvgYan7OTH7dJhUIkP9HcRYTVaHFDsHeyHi
yDll3CRzaQVvs4a4bQAl5Lt70Rui7SwZT3LyqwFIMv/5W8Pg19QqMTQCb7xBRfu2
p76htQpR5+fxYjazkUcCdA0FNvvT/e/mUmTEkFsRUdO2PFLP/MMBvgrPGdEWB26P
sysbvciTrsZNDB/qxLcfhtqNNKcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQL21C0
rTikgCW77nXfJMXROy5a+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQCNUHEdDyx/N4EeSg922S28KYF11QFSeFbOsOOaoeS2
ENbRpoKxRlIrdpuCUWDEIdLZxgGnUAAhUxVuBn9O/JMNp2Nkf5oMrJV4meO2uKiN
NBdIuzTy0wuxWNHAX7qag7TWM1WQqKENkO5PUyAGyiL+mIgFA114L14RUuG4wwW3
xWIkFnAT567rjbd/9Wb6Nhf70ZRgI83L/SNeqOb7bJrRNrA00myfVoj3T7wU/eE+
xwjLJpL8hczczGXLg7aJXzp0SGQ8bImuwi9XaAt3LugMCkHirxa4lUWyBSbKzMgo
NHCEQMssAjdqBhTsEWvud9Zd1EkbL1H0m260j4nVdOAf
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:02:16 2025 by rpki-client