Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
File: 387a5e5f-3658-431f-b236-d486cddcae07.roa (raw, json)
Hash identifier: ZDDJrcjq2SXRVeWmlei33rvVhLzSvgDHt2l5TzahAL4=
Subject key identifier: BC:BC:75:95:01:A0:AE:79:5C:55:98:3A:2B:BF:5A:16:A8:98:39:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 598DA6870417FA8A9CE3173E0354050A7D2E92B9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
Signing time: Tue 03 Jun 2025 16:30:12 +0000
ROA not before: Tue 03 Jun 2025 16:30:12 +0000
ROA not after: Tue 08 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:8d:a6:87:04:17:fa:8a:9c:e3:17:3e:03:54:05:0a:7d:2e:92:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 3 16:30:12 2025 GMT
Not After : Jul 8 23:59:59 2025 GMT
Subject: serialNumber=03ba5fe0f518da5eac17fa8090def513aa96e120bc9ba513b7671fa957d0142a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:71:2e:db:f9:e2:0a:6b:82:7a:bf:24:bc:c6:
d5:5e:d4:f3:b4:7e:44:f7:ed:87:0d:12:c4:77:0f:
0b:17:a8:83:6b:7a:ae:9e:6a:a8:0e:99:ba:a9:e2:
cf:6e:c8:e0:e0:3b:de:d3:60:38:93:d4:94:32:30:
ab:b2:2c:59:ea:0c:5d:cf:00:0c:37:58:4d:5e:54:
40:4d:75:bf:12:a3:ef:c7:38:90:d2:3e:3e:1e:b5:
5e:93:71:30:22:1d:8c:55:64:ef:07:cc:42:9b:26:
ea:26:11:2c:5a:ce:07:1d:ff:c7:61:e6:c1:fb:78:
84:58:6f:98:0f:c3:c5:18:64:80:f6:42:ab:37:51:
4c:1c:39:ce:57:2c:72:1d:9c:6c:71:a7:ad:c5:d7:
83:f2:24:94:e5:19:d8:34:db:cf:8f:95:e9:cb:01:
ea:09:5b:57:01:4e:81:a9:8f:80:06:29:a1:ad:9d:
b7:e9:e4:1d:46:30:f8:81:52:9d:8e:be:3f:2f:7d:
70:8d:eb:de:56:26:56:08:16:ba:95:f0:4e:15:52:
9a:9a:17:bd:93:b6:d1:bc:2a:26:d0:5e:ef:36:50:
ec:fe:e6:a6:7f:20:74:15:1e:65:d8:07:bc:ff:80:
05:07:33:df:f5:f6:13:41:7f:d7:73:81:49:a0:9a:
d5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:BC:75:95:01:A0:AE:79:5C:55:98:3A:2B:BF:5A:16:A8:98:39:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
94:7c:cd:88:0a:97:bd:c2:16:f6:c2:bc:ba:ef:8d:b4:f6:93:
c1:4c:ea:ad:44:7a:ba:c6:88:a5:45:5f:26:c2:2b:09:57:50:
7c:35:f6:b0:a2:bf:7b:05:10:b8:e9:80:ee:65:2e:51:43:13:
7b:2f:f4:3c:52:ae:cb:02:45:86:af:b1:1e:6b:03:04:d9:09:
05:c8:7b:1e:c5:ed:b5:4e:e7:12:14:8a:2a:d8:97:71:a7:7a:
9a:94:66:53:c3:9e:a0:50:ab:00:bb:aa:8c:9f:89:48:50:fc:
27:e9:6f:0b:18:12:35:01:5f:47:f0:0c:d4:57:07:a8:5c:21:
7c:f8:1c:9e:f0:b6:c4:f7:d4:04:a9:c0:95:f1:10:6d:3d:f0:
0f:38:2a:68:ad:1f:ea:80:73:98:4e:5a:76:6c:66:4e:10:a0:
6c:d8:32:8e:35:1f:3c:90:a1:5f:18:d4:de:8b:8d:f4:37:2e:
e6:b5:ee:bb:28:89:d9:94:6d:68:32:6e:7b:fc:a3:73:f9:6c:
dc:79:bb:3d:88:62:2d:42:13:fb:97:cf:bb:ce:7d:ef:e0:55:
fa:32:5f:93:15:06:fa:f1:b6:9e:96:03:06:3f:7a:94:4f:c4:
df:ec:a2:fb:dd:4e:95:11:e4:ef:ac:ae:c9:f6:6e:9f:c7:a8:
7c:68:ce:43
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWY2mhwQX+oqc4xc+A1QFCn0ukrkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MDMxNjMwMTJaFw0yNTA3MDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzYmE1ZmUwZjUxOGRhNWVhYzE3ZmE4MDkwZGVmNTEzYWE5NmUxMjBiYzli
YTUxM2I3NjcxZmE5NTdkMDE0MmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRxLtv54gprgnq/JLzG1V7U87R+RPfthw0SxHcPCxeog2t6rp5qqA6Zuqni
z27I4OA73tNgOJPUlDIwq7IsWeoMXc8ADDdYTV5UQE11vxKj78c4kNI+Ph61XpNx
MCIdjFVk7wfMQpsm6iYRLFrOBx3/x2Hmwft4hFhvmA/DxRhkgPZCqzdRTBw5zlcs
ch2cbHGnrcXXg/IklOUZ2DTbz4+V6csB6glbVwFOgamPgAYpoa2dt+nkHUYw+IFS
nY6+Py99cI3r3lYmVggWupXwThVSmpoXvZO20bwqJtBe7zZQ7P7mpn8gdBUeZdgH
vP+ABQcz3/X2E0F/13OBSaCa1VcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS8vHWV
AaCueVxVmDorv1oWqJg5CTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzg3YTVlNWYtMzY1OC00MzFmLWIyMzYtZDQ4NmNkZGNhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAlHzNiAqXvcIW9sK8uu+NtPaTwUzqrUR6usaIpUVf
JsIrCVdQfDX2sKK/ewUQuOmA7mUuUUMTey/0PFKuywJFhq+xHmsDBNkJBch7HsXt
tU7nEhSKKtiXcad6mpRmU8OeoFCrALuqjJ+JSFD8J+lvCxgSNQFfR/AM1FcHqFwh
fPgcnvC2xPfUBKnAlfEQbT3wDzgqaK0f6oBzmE5admxmThCgbNgyjjUfPJChXxjU
3ouN9Dcu5rXuuyiJ2ZRtaDJue/yjc/ls3Hm7PYhiLUIT+5fPu8597+BV+jJfkxUG
+vG2npYDBj96lE/E3+yi+91OlRHk76yuyfZun8eofGjOQw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:44:11 2025 by rpki-client