Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: PArvIbwyCH958l3WJItKMrsTE5pqbPcMxc6AfkjYMLc=
Subject key identifier: DA:51:97:75:5A:0A:59:AB:FC:9E:F8:58:C5:01:51:E7:D6:00:AE:79
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30ACE850D2BF0C27BA22CF7256CFF6A4431C748B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Fri 09 May 2025 16:30:04 +0000
ROA not before: Fri 09 May 2025 16:30:04 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ac:e8:50:d2:bf:0c:27:ba:22:cf:72:56:cf:f6:a4:43:1c:74:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 9 16:30:04 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=d0eb0642afc84ab0dc6454ea100f64cf3200ccd324e47244472e39702ea2bd75, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:e5:f6:18:39:ba:72:80:b7:dc:72:1d:37:
58:60:bf:f1:2e:51:a3:7c:5d:31:df:09:8e:75:0c:
e9:6c:0f:9f:9c:7e:70:de:2f:d5:e8:d5:4a:0e:c5:
9f:d2:b9:a0:0a:48:8f:80:8a:88:87:d5:92:18:e3:
3f:8f:27:cd:23:18:14:50:6b:2c:5e:f5:f3:f1:bc:
85:4c:da:1f:cd:6c:f4:2f:48:71:6f:6f:1e:56:29:
5e:c1:bf:bf:3c:e3:55:e7:4a:4e:20:7b:62:d9:96:
c5:a9:b9:a5:64:43:41:35:8f:a6:6f:2d:95:e7:a7:
a6:50:95:ee:37:bd:71:0d:31:16:0a:2e:7d:1f:0f:
85:16:8b:fd:9b:a7:7e:ec:9e:b1:c0:2f:8c:27:b4:
f7:b8:8d:b7:0c:82:0e:36:d6:c3:68:c6:be:72:9f:
d3:ce:eb:b8:f7:82:5a:76:7f:b3:cf:51:a1:da:ed:
44:75:2a:d8:2a:63:17:4d:32:c0:ad:7b:41:08:d7:
10:80:5a:4f:e8:17:c9:e0:fb:ff:55:1c:c7:ba:fe:
d7:2e:1f:d9:54:0b:e7:4e:25:aa:f2:7b:a9:a0:e7:
f8:47:b8:ba:1e:31:8d:00:e2:f2:59:c8:25:da:08:
d9:96:90:46:5c:e5:f2:c7:b5:f6:81:08:ec:c6:ed:
c5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:51:97:75:5A:0A:59:AB:FC:9E:F8:58:C5:01:51:E7:D6:00:AE:79
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
5c:88:5d:99:49:23:dc:ec:71:79:a8:81:07:97:98:c0:eb:00:
14:48:80:2f:29:21:28:f3:e7:70:eb:e2:11:16:58:71:69:51:
59:4e:ca:1d:a7:dc:cf:b0:29:8c:55:9d:99:84:09:93:cb:1d:
ef:3c:f4:b8:b5:e8:c3:6f:88:4a:4f:ff:97:c2:16:01:f4:96:
5b:bf:35:f2:ff:0b:45:45:c6:1f:11:05:eb:00:95:51:90:5f:
30:c3:d9:fc:92:05:b1:87:f2:e8:e9:9d:88:4b:ce:93:8a:87:
0d:ad:c5:1e:af:f9:e5:2f:51:fa:25:1f:6e:36:e6:26:42:d0:
50:3c:46:2b:da:ed:57:e1:9e:82:8c:60:c9:8a:a3:c3:be:5a:
46:2f:35:5b:08:c0:e0:49:09:4a:85:90:f2:7a:8b:76:1d:d0:
e0:99:0d:ff:06:77:43:29:ac:0d:b2:b8:ca:3c:2f:47:3f:24:
07:5b:55:c3:0b:c2:5b:f3:27:bb:ca:25:6e:c8:49:18:05:21:
ff:ad:72:63:30:b7:53:57:20:cc:67:26:f2:4d:37:5b:ca:95:
ac:7b:c4:b8:85:ce:5b:e6:5d:d2:50:78:3e:eb:e3:d4:11:c8:
cc:9f:2f:5c:4e:8c:f4:e8:86:c7:3f:8c:fa:33:dc:01:bd:21:
c4:40:d4:cf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMKzoUNK/DCe6Is9yVs/2pEMcdIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDkxNjMwMDRaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwZWIwNjQyYWZjODRhYjBkYzY0NTRlYTEwMGY2NGNmMzIwMGNjZDMyNGU0
NzI0NDQ3MmUzOTcwMmVhMmJkNzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6e5fYYObpygLfcch03WGC/8S5Ro3xdMd8JjnUM6WwPn5x+cN4v1ejVSg7F
n9K5oApIj4CKiIfVkhjjP48nzSMYFFBrLF718/G8hUzaH81s9C9IcW9vHlYpXsG/
vzzjVedKTiB7YtmWxam5pWRDQTWPpm8tleenplCV7je9cQ0xFgoufR8PhRaL/Zun
fuyescAvjCe097iNtwyCDjbWw2jGvnKf087ruPeCWnZ/s89RodrtRHUq2CpjF00y
wK17QQjXEIBaT+gXyeD7/1Ucx7r+1y4f2VQL504lqvJ7qaDn+Ee4uh4xjQDi8lnI
JdoI2ZaQRlzl8se19oEI7Mbtxb8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTaUZd1
WgpZq/ye+FjFAVHn1gCueTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAXIhdmUkj3OxxeaiBB5eYwOsAFEiALykhKPPncOvi
ERZYcWlRWU7KHafcz7ApjFWdmYQJk8sd7zz0uLXow2+ISk//l8IWAfSWW7818v8L
RUXGHxEF6wCVUZBfMMPZ/JIFsYfy6OmdiEvOk4qHDa3FHq/55S9R+iUfbjbmJkLQ
UDxGK9rtV+GegoxgyYqjw75aRi81WwjA4EkJSoWQ8nqLdh3Q4JkN/wZ3QymsDbK4
yjwvRz8kB1tVwwvCW/Mnu8olbshJGAUh/61yYzC3U1cgzGcm8k03W8qVrHvEuIXO
W+Zd0lB4Puvj1BHIzJ8vXE6M9OiGxz+M+jPcAb0hxEDUzw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:30:40 2025 by rpki-client