Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: vhf521fTKuX0XQi9XkR7ZNzlsgT+OSrEUVgWoRJp0WI=
Subject key identifier: 72:6C:EC:85:49:00:73:7D:BB:29:4A:13:D2:69:3C:7E:2D:B8:86:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 678905390A8C119880F9E1A294E256EF45BF786C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Sat 31 May 2025 00:50:06 +0000
ROA not before: Sat 31 May 2025 00:50:06 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:89:05:39:0a:8c:11:98:80:f9:e1:a2:94:e2:56:ef:45:bf:78:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:06 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=26fc9c3b9658ab7c8eaefa05d0aaa85cdb3b2633ad675111379feb4c3eda44ca, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:26:10:47:35:f2:fa:9c:18:bd:6e:ef:8e:50:
ed:51:0c:93:c0:9c:f2:c8:ed:8d:cb:e7:4b:aa:cc:
97:01:4a:06:29:6c:bd:bf:b3:8a:86:28:ff:ed:ee:
c1:35:51:fd:83:0b:0a:66:a8:69:66:a1:af:1b:71:
00:3a:5c:11:5d:4f:7e:57:1e:81:08:8f:b3:ed:ae:
ba:77:53:79:a4:01:59:6e:53:7d:a6:32:08:00:10:
e3:f1:0b:8f:7d:cf:b3:36:5b:78:74:c3:62:34:5b:
b1:e7:af:11:9a:35:7f:3e:8b:ea:55:f4:19:53:6a:
a7:79:81:d9:75:5b:ea:39:1e:ea:47:99:4b:fe:08:
f1:38:1d:60:7b:13:96:07:80:e5:08:d1:59:4d:15:
bd:ab:b6:45:7c:df:a8:61:98:ae:40:13:ef:23:fe:
bc:39:2b:4f:b1:df:0a:be:e8:c7:8d:b3:e9:3d:5b:
68:33:89:ed:19:dd:3f:72:f2:ad:a4:35:51:06:e4:
8b:14:09:95:f5:80:5b:32:94:c9:75:22:d9:d2:65:
37:5a:c1:56:55:bd:bf:6f:0a:dd:7e:d2:08:77:d5:
1d:3d:0a:16:b6:01:1f:6b:fb:26:e2:22:81:40:51:
14:e1:1f:66:b8:79:33:ef:9f:70:5c:6c:5f:74:48:
f0:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6C:EC:85:49:00:73:7D:BB:29:4A:13:D2:69:3C:7E:2D:B8:86:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
25:94:82:69:15:5d:84:34:72:5a:90:29:cc:fd:39:40:6d:fd:
8a:57:51:5c:da:f0:35:26:bb:1e:3d:bd:b3:17:7f:18:72:9d:
c5:a6:d5:e1:1b:46:68:af:1a:84:2b:e7:9e:dc:ff:b6:ef:7a:
ea:59:bf:4d:26:ba:6b:61:20:08:36:42:e5:4c:1b:49:40:da:
05:62:c4:f8:94:0b:94:90:0c:bf:6c:6d:91:de:4f:df:09:c6:
3d:3c:de:ff:40:6c:04:f2:33:18:ab:58:d2:f9:76:af:c9:cf:
fa:3f:35:2d:59:d0:dd:42:93:cf:aa:be:35:9c:6e:13:89:ba:
61:ad:f9:af:29:f6:e4:2b:85:c6:9e:30:55:1d:3f:5e:21:47:
74:4d:a3:af:91:bb:9f:37:c2:0d:ba:3e:16:24:98:25:8a:98:
71:86:a3:32:de:c1:c8:ac:ff:fa:3a:c1:3c:34:e4:c9:b7:44:
98:31:b7:6a:a2:27:35:15:e5:82:64:ff:bd:99:b7:48:f6:a3:
dc:4a:10:2f:48:75:95:36:ea:01:58:e5:f3:13:ef:64:50:b8:
0e:bd:72:c2:3d:fd:e9:8b:81:f2:6c:a9:ea:6e:19:ca:32:6e:
ef:86:a8:3e:d6:7f:64:6e:c1:c8:4c:a8:ef:c4:4a:d3:ee:df:
e6:ca:ec:58
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ4kFOQqMEZiA+eGilOJW70W/eGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDZaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2ZmM5YzNiOTY1OGFiN2M4ZWFlZmEwNWQwYWFhODVjZGIzYjI2MzNhZDY3
NTExMTM3OWZlYjRjM2VkYTQ0Y2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4mEEc18vqcGL1u745Q7VEMk8Cc8sjtjcvnS6rMlwFKBilsvb+zioYo/+3u
wTVR/YMLCmaoaWahrxtxADpcEV1PflcegQiPs+2uundTeaQBWW5TfaYyCAAQ4/EL
j33PszZbeHTDYjRbseevEZo1fz6L6lX0GVNqp3mB2XVb6jke6keZS/4I8TgdYHsT
lgeA5QjRWU0Vvau2RXzfqGGYrkAT7yP+vDkrT7HfCr7ox42z6T1baDOJ7RndP3Ly
raQ1UQbkixQJlfWAWzKUyXUi2dJlN1rBVlW9v28K3X7SCHfVHT0KFrYBH2v7JuIi
gUBRFOEfZrh5M++fcFxsX3RI8H0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRybOyF
SQBzfbspShPSaTx+LbiGODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAJZSCaRVdhDRyWpApzP05QG39ildRXNrwNSa7Hj29
sxd/GHKdxabV4RtGaK8ahCvnntz/tu966lm/TSa6a2EgCDZC5UwbSUDaBWLE+JQL
lJAMv2xtkd5P3wnGPTze/0BsBPIzGKtY0vl2r8nP+j81LVnQ3UKTz6q+NZxuE4m6
Ya35ryn25CuFxp4wVR0/XiFHdE2jr5G7nzfCDbo+FiSYJYqYcYajMt7ByKz/+jrB
PDTkybdEmDG3aqInNRXlgmT/vZm3SPaj3EoQL0h1lTbqAVjl8xPvZFC4Dr1ywj39
6YuB8myp6m4ZyjJu74aoPtZ/ZG7ByEyo78RK0+7f5srsWA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 04:01:53 2025 by rpki-client