Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: 16hbOMR88TiiTcL85vNi3GpyDHMILoczD9j8XY7IedE=
Subject key identifier: DA:7C:73:60:B9:4A:F9:9D:4B:13:FD:F4:59:53:9E:0C:DE:61:F4:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CC11CF5E24CEF9A9BB97358A32A48CE8F3487C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Tue 03 Jun 2025 16:30:14 +0000
ROA not before: Tue 03 Jun 2025 16:30:14 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:c1:1c:f5:e2:4c:ef:9a:9b:b9:73:58:a3:2a:48:ce:8f:34:87:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 3 16:30:14 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=d65d9016c562652b1c19d6b185a5264401e6b7542b06c9b0c426581639a2c4c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:23:58:43:97:7e:11:91:38:4c:ed:61:55:e8:
aa:72:d8:f8:57:09:70:6a:1b:1e:3c:e6:7c:ff:d6:
98:ab:bd:d3:a7:53:1d:33:47:a5:16:34:46:36:d0:
5c:c0:ed:eb:95:9d:00:7f:db:ba:e5:5a:8e:cf:96:
b2:26:39:bd:42:3f:6f:ec:11:d7:5b:29:e8:4d:77:
a9:cd:f7:ae:88:6a:d8:44:5e:88:3d:b0:a5:7f:b0:
45:bb:10:e1:ab:df:40:96:73:0a:ca:a6:97:65:31:
31:36:29:f9:b9:c1:59:90:6e:a4:77:cd:e7:36:9d:
53:b8:18:9a:d8:63:60:31:11:d1:78:99:78:38:cb:
6a:62:77:ec:e3:87:d6:4f:26:0d:ab:f6:2e:ad:a1:
b2:d7:85:d5:24:28:09:bc:84:ab:68:ae:53:6b:09:
56:90:5f:8a:36:cc:70:eb:e5:f2:01:bb:a6:9c:94:
ea:96:70:b4:3e:da:80:38:fc:2e:35:86:32:29:1e:
fd:ec:06:dc:05:10:ac:f8:10:97:78:df:80:71:77:
75:20:b9:e2:26:29:d8:34:e4:e8:63:4a:d3:8e:52:
3f:14:d6:69:24:6a:cc:e9:9c:a0:81:46:07:8e:3f:
cb:0e:25:42:db:76:20:9c:dc:38:c3:0b:ab:b5:5d:
f3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:7C:73:60:B9:4A:F9:9D:4B:13:FD:F4:59:53:9E:0C:DE:61:F4:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
65:8a:81:43:05:3e:8c:3a:08:83:0d:2b:b0:a1:a3:13:6f:2a:
11:39:da:ad:65:93:78:57:b1:16:43:c5:ad:28:fc:2b:92:8c:
d4:b7:7a:28:a2:26:bf:6a:b4:1d:87:79:b1:3b:66:c2:ac:81:
b1:39:1c:17:4f:c4:e9:2b:32:41:2d:2f:5f:83:49:bc:98:35:
bf:be:a8:5f:00:fd:06:f4:27:35:6f:a0:ed:f1:5f:e5:88:ac:
ca:22:e2:fd:f3:2b:c9:ae:c1:3b:1b:b5:d4:bb:89:cb:5e:96:
ac:20:f0:2f:7e:98:26:b3:2e:a8:b6:3b:27:fb:3f:1f:68:cf:
e2:70:67:31:0f:ed:c2:67:f1:bb:89:a1:cd:81:fc:ae:5e:03:
77:4d:ce:8c:4d:1a:71:cb:d6:f4:ee:d3:49:c9:89:a9:90:46:
86:15:ac:a2:cc:02:f8:3e:a9:e9:b3:1c:38:b4:37:6c:7f:ca:
38:f4:af:b8:9a:5f:1c:b1:8b:24:72:06:98:6f:c9:59:bd:16:
62:fc:94:82:63:9b:9b:b0:d9:d4:ae:4a:ad:a2:cc:73:fd:2d:
44:c8:3b:71:5e:a4:2a:b0:f2:9f:f9:60:bd:a3:2f:1d:d4:f3:
73:dd:90:e9:31:a1:85:aa:97:c5:f8:3b:42:72:a9:43:8b:73:
f4:60:bb:11
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfMEc9eJM75qbuXNYoypIzo80h8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MDMxNjMwMTRaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NWQ5MDE2YzU2MjY1MmIxYzE5ZDZiMTg1YTUyNjQ0MDFlNmI3NTQyYjA2
YzliMGM0MjY1ODE2MzlhMmM0YzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYjWEOXfhGROEztYVXoqnLY+FcJcGobHjzmfP/WmKu906dTHTNHpRY0RjbQ
XMDt65WdAH/buuVajs+WsiY5vUI/b+wR11sp6E13qc33rohq2EReiD2wpX+wRbsQ
4avfQJZzCsqml2UxMTYp+bnBWZBupHfN5zadU7gYmthjYDER0XiZeDjLamJ37OOH
1k8mDav2Lq2hsteF1SQoCbyEq2iuU2sJVpBfijbMcOvl8gG7ppyU6pZwtD7agDj8
LjWGMike/ewG3AUQrPgQl3jfgHF3dSC54iYp2DTk6GNK045SPxTWaSRqzOmcoIFG
B44/yw4lQtt2IJzcOMMLq7Vd8xECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTafHNg
uUr5nUsT/fRZU54M3mH0tTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAZYqBQwU+jDoIgw0rsKGjE28qETnarWWTeFexFkPF
rSj8K5KM1Ld6KKImv2q0HYd5sTtmwqyBsTkcF0/E6SsyQS0vX4NJvJg1v76oXwD9
BvQnNW+g7fFf5YisyiLi/fMrya7BOxu11LuJy16WrCDwL36YJrMuqLY7J/s/H2jP
4nBnMQ/twmfxu4mhzYH8rl4Dd03OjE0accvW9O7TScmJqZBGhhWsoswC+D6p6bMc
OLQ3bH/KOPSvuJpfHLGLJHIGmG/JWb0WYvyUgmObm7DZ1K5KraLMc/0tRMg7cV6k
KrDyn/lgvaMvHdTzc92Q6TGhhaqXxfg7QnKpQ4tz9GC7EQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:20 2025 by rpki-client