Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: uF7dwv78Ete5ybjzliImOPq+6DEsUgI7chXoxeX2/1o=
Subject key identifier: E8:5F:CD:68:7B:68:0D:DE:96:10:97:A7:C3:11:18:6E:62:32:11:41
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20CAC23F41995C39790D609ACD7913616F097D03
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Fri 09 May 2025 16:30:06 +0000
ROA not before: Fri 09 May 2025 16:30:06 +0000
ROA not after: Fri 13 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:ca:c2:3f:41:99:5c:39:79:0d:60:9a:cd:79:13:61:6f:09:7d:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 9 16:30:06 2025 GMT
Not After : Jun 13 23:59:59 2025 GMT
Subject: serialNumber=e9f41f6b667e68e602078811cb9a7d190cf7f546e3549000842a942b968a64f3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:9d:b0:95:e6:79:4e:38:f4:a7:54:72:71:ee:
a6:9e:4b:f8:9d:54:a8:66:54:c1:b7:ca:1c:36:14:
a2:50:8e:9c:41:2a:c7:d7:d0:da:56:ab:8f:3d:80:
bd:8c:d2:19:32:1a:e7:56:89:73:1b:25:51:72:e9:
f9:cd:a3:c1:a5:52:77:31:b3:c8:0f:b9:25:23:d6:
c7:44:96:0b:19:1b:9b:f3:ae:1f:ad:2e:0e:47:ad:
89:57:17:ef:77:a0:87:88:24:b4:e7:8f:94:03:29:
ee:ed:dc:06:5a:8e:69:af:40:61:8d:5c:ab:71:b0:
b7:81:41:ad:02:71:d6:37:ba:a8:78:88:f7:b1:8b:
5a:0d:a3:bd:b3:37:06:e4:fb:d5:27:16:17:a6:06:
15:51:a6:35:11:47:11:34:b0:6a:14:05:cb:c2:b0:
5b:34:d8:6b:b5:3e:98:96:30:17:e8:47:b1:a7:50:
ce:c2:8f:58:a3:32:40:ef:98:16:77:e2:51:d7:33:
f1:67:9a:74:20:7f:f3:47:8d:4c:66:d1:88:bf:d8:
d4:49:a4:1e:08:79:38:b8:22:2c:b9:8f:1d:c3:d1:
cc:37:6a:25:ad:72:4b:70:66:76:a2:a9:c8:11:08:
bd:89:20:2b:df:2c:27:13:38:ab:28:b4:7f:40:89:
11:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:5F:CD:68:7B:68:0D:DE:96:10:97:A7:C3:11:18:6E:62:32:11:41
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
c9:d3:32:db:ec:0f:e8:a4:b9:8c:91:fc:1e:de:6f:46:fb:46:
c4:96:cc:c9:18:3f:ec:1f:38:87:4a:e5:da:b9:e4:c3:be:be:
13:5b:16:dc:e1:8a:10:7c:b5:8b:65:17:77:2d:f9:ba:c7:4e:
07:e1:70:15:3a:ab:0f:12:71:d6:25:27:e2:a4:b2:2a:28:99:
2f:96:25:5b:fb:b3:e7:7d:50:3b:dc:23:f9:7d:3b:f6:ef:b3:
08:7f:16:75:e1:a1:f8:d6:3f:fc:4c:0b:e6:ec:dd:fd:b6:43:
22:24:63:ba:7c:f8:27:69:01:f7:a8:09:2a:03:bc:33:d3:eb:
b1:7f:c4:df:f1:f0:7a:9e:d8:82:cd:f1:62:ba:48:4d:4b:20:
e2:dd:9a:50:c6:b2:11:50:3a:5b:c1:cb:ba:8f:b3:ff:bb:14:
8f:46:45:cc:e7:28:9c:8c:3e:70:6b:73:2c:f7:3e:7d:93:25:
e0:0e:ef:ba:12:ac:d4:94:29:17:12:66:bc:1f:ad:01:01:d3:
48:b5:a6:05:b6:50:2b:96:6a:1b:a9:c2:87:d1:f6:0a:ac:39:
6d:a1:5d:3a:58:a6:d1:c2:a7:0c:35:01:5d:db:ab:a6:9f:f3:
40:84:12:22:e6:56:1c:a1:ac:7c:74:31:ab:6e:1f:a3:16:25:
8e:ba:dc:1f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIMrCP0GZXDl5DWCazXkTYW8JfQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDkxNjMwMDZaFw0yNTA2MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZjQxZjZiNjY3ZTY4ZTYwMjA3ODgxMWNiOWE3ZDE5MGNmN2Y1NDZlMzU0
OTAwMDg0MmE5NDJiOTY4YTY0ZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALidsJXmeU449KdUcnHupp5L+J1UqGZUwbfKHDYUolCOnEEqx9fQ2larjz2A
vYzSGTIa51aJcxslUXLp+c2jwaVSdzGzyA+5JSPWx0SWCxkbm/OuH60uDketiVcX
73egh4gktOePlAMp7u3cBlqOaa9AYY1cq3Gwt4FBrQJx1je6qHiI97GLWg2jvbM3
BuT71ScWF6YGFVGmNRFHETSwahQFy8KwWzTYa7U+mJYwF+hHsadQzsKPWKMyQO+Y
FnfiUdcz8WeadCB/80eNTGbRiL/Y1EmkHgh5OLgiLLmPHcPRzDdqJa1yS3BmdqKp
yBEIvYkgK98sJxM4qyi0f0CJER8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBToX81o
e2gN3pYQl6fDERhuYjIRQTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAydMy2+wP6KS5jJH8Ht5vRvtGxJbMyRg/7B84h0rl
2rnkw76+E1sW3OGKEHy1i2UXdy35usdOB+FwFTqrDxJx1iUn4qSyKiiZL5YlW/uz
531QO9wj+X079u+zCH8WdeGh+NY//EwL5uzd/bZDIiRjunz4J2kB96gJKgO8M9Pr
sX/E3/Hwep7Ygs3xYrpITUsg4t2aUMayEVA6W8HLuo+z/7sUj0ZFzOconIw+cGtz
LPc+fZMl4A7vuhKs1JQpFxJmvB+tAQHTSLWmBbZQK5ZqG6nCh9H2Cqw5baFdOlim
0cKnDDUBXdurpp/zQIQSIuZWHKGsfHQxq24foxYljrrcHw==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:30:40 2025 by rpki-client