Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: 548OnGmmoi8DQL1IGJW+xylOqsAP4mUqgWzMF/474FU=
Subject key identifier: B5:D5:27:26:A3:CD:4E:A8:65:99:97:00:BC:B0:29:8C:1B:E0:B7:05
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B1EB0EA39BD12199CBECD45E3E8591B4F3EE8F1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Fri 25 Apr 2025 20:31:24 +0000
ROA not before: Fri 25 Apr 2025 20:31:24 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:1e:b0:ea:39:bd:12:19:9c:be:cd:45:e3:e8:59:1b:4f:3e:e8:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:24 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=9ac31c8a54cc86ca6eeba410845907e3fc05fa3dbb5d134777b2da35f226b842, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a9:ec:44:e6:e5:c2:dd:63:58:1d:7e:dd:a3:
a0:d6:3b:23:ca:21:74:86:86:34:ad:1e:96:c8:8d:
51:0b:38:ef:5f:94:70:66:bc:a4:ca:90:a6:8f:17:
ca:7c:d4:dd:db:1a:ff:e3:33:2e:91:0f:50:5a:b3:
90:7d:46:d7:94:0c:63:2c:b4:05:b6:64:49:be:54:
7b:e3:d7:e2:dd:45:34:31:1d:7b:8c:59:37:ef:ff:
a2:6b:ea:a8:f8:d2:13:1c:e5:b5:71:74:94:53:00:
b5:70:40:dd:e4:28:c8:7c:dc:33:3d:7b:d6:6e:1a:
0a:da:0f:f1:41:3a:6c:b9:7d:89:f6:b8:86:0b:9f:
7d:c8:ba:24:58:05:33:bc:a1:e2:65:d0:0a:bc:e6:
90:46:c9:c2:ea:71:20:0b:e2:a2:02:a2:70:f9:00:
c4:89:ef:a5:f4:03:a3:5f:67:49:63:f5:43:0d:e4:
95:86:b8:53:27:34:d7:24:02:34:7e:a5:8c:fb:78:
f5:67:18:33:10:54:53:62:a0:27:6d:28:2d:f7:f1:
0c:d2:54:23:5e:fe:ba:8d:09:f3:36:2d:6e:33:2e:
f9:01:80:5f:45:ab:eb:c0:25:75:0d:a3:8f:5a:ab:
f6:02:82:04:f7:59:b2:17:d3:fc:03:23:bf:ad:5e:
75:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:D5:27:26:A3:CD:4E:A8:65:99:97:00:BC:B0:29:8C:1B:E0:B7:05
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:01:d5:a7:ef:d9:21:14:6b:a4:cc:65:68:57:8f:fb:cb:9c:
fd:43:62:c2:20:08:9d:e1:03:86:c6:2b:3c:8d:ac:bc:a1:c5:
64:6f:bd:23:26:42:ee:a9:fc:d5:b0:e3:5c:0f:1b:c3:0a:fd:
bb:65:98:91:b7:24:ee:ac:82:78:de:04:cf:6b:3f:11:e8:3b:
53:fa:d3:09:98:e9:ec:86:39:af:01:87:15:60:ba:07:18:cf:
2e:c4:dd:75:2a:85:79:65:d1:d0:0b:24:78:53:a3:1e:50:aa:
a1:68:a9:3a:8b:6e:ec:5b:93:8d:89:05:bb:92:fc:35:45:46:
1f:5a:b3:e1:23:6d:af:cd:75:3e:73:1b:bb:83:30:c5:4c:18:
87:f2:ea:fd:0b:83:a4:05:a8:0e:9b:82:77:db:f0:4f:24:23:
9d:57:6f:5e:10:a3:e4:a1:c4:b0:a7:32:77:ae:76:c6:7d:5f:
67:8e:05:1f:73:9c:b4:fa:18:4f:36:c2:49:97:6b:de:9c:3f:
c2:55:ce:8d:5d:68:d4:24:6b:dc:2b:42:7f:e1:2d:bc:f3:53:
7e:ac:ef:4e:a5:c8:d1:d6:ea:4e:fa:da:1b:c1:bd:61:78:8c:
71:95:ce:fc:fc:da:bd:14:10:05:4c:10:e0:f0:9c:9e:d7:36:
52:fd:58:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUax6w6jm9Ehmcvs1F4+hZG08+6PEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYzMxYzhhNTRjYzg2Y2E2ZWViYTQxMDg0NTkwN2UzZmMwNWZhM2RiYjVk
MTM0Nzc3YjJkYTM1ZjIyNmI4NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI2p7ETm5cLdY1gdft2joNY7I8ohdIaGNK0elsiNUQs471+UcGa8pMqQpo8X
ynzU3dsa/+MzLpEPUFqzkH1G15QMYyy0BbZkSb5Ue+PX4t1FNDEde4xZN+//omvq
qPjSExzltXF0lFMAtXBA3eQoyHzcMz171m4aCtoP8UE6bLl9ifa4hguffci6JFgF
M7yh4mXQCrzmkEbJwupxIAviogKicPkAxInvpfQDo19nSWP1Qw3klYa4Uyc01yQC
NH6ljPt49WcYMxBUU2KgJ20oLffxDNJUI17+uo0J8zYtbjMu+QGAX0Wr68AldQ2j
j1qr9gKCBPdZshfT/AMjv61edX0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS11Scm
o81OqGWZlwC8sCmMG+C3BTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQBbAdWn79khFGukzGVoV4/7y5z9Q2LCIAid4QOGxis8
jay8ocVkb70jJkLuqfzVsONcDxvDCv27ZZiRtyTurIJ43gTPaz8R6DtT+tMJmOns
hjmvAYcVYLoHGM8uxN11KoV5ZdHQCyR4U6MeUKqhaKk6i27sW5ONiQW7kvw1RUYf
WrPhI22vzXU+cxu7gzDFTBiH8ur9C4OkBagOm4J32/BPJCOdV29eEKPkocSwpzJ3
rnbGfV9njgUfc5y0+hhPNsJJl2venD/CVc6NXWjUJGvcK0J/4S2881N+rO9OpcjR
1upO+tobwb1heIxxlc78/Nq9FBAFTBDg8Jye1zZS/VgD
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:46:05 2025 by rpki-client