Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: pAUxsWE3ULK/E99Hl4l0p5TVTXuFWswJ0ImaIAmbjv0=
Subject key identifier: 34:0A:F4:63:71:05:20:54:80:E1:12:AC:D7:5B:A6:52:C9:8D:CB:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52D8AAEA38C623D5BC0297C69185DF403733317A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Tue 06 May 2025 00:50:51 +0000
ROA not before: Tue 06 May 2025 00:50:51 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d8:aa:ea:38:c6:23:d5:bc:02:97:c6:91:85:df:40:37:33:31:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:51 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=4dc51b50f1895430a7a051014dfa3b4c8ed978729464133bd8d612ff32a73d0b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1c:d1:71:37:16:b6:ca:bf:f5:81:16:1e:f7:
6b:f3:c2:2b:0f:94:67:f5:eb:17:93:4b:11:a5:95:
82:85:57:c1:cf:ad:4c:4e:77:c9:93:58:ad:b2:9c:
88:42:e3:b8:15:01:7c:3e:08:69:1c:40:fe:b0:1d:
1d:35:c4:b1:8a:40:0b:61:d9:18:f7:e4:20:5a:6d:
17:17:ce:36:bd:5d:d9:88:ab:69:d4:22:05:5e:79:
b6:bb:b9:76:03:32:9c:8c:74:4e:08:88:b7:ac:6e:
60:d1:11:e7:a7:28:21:89:d1:7a:cc:22:6a:ab:7d:
08:1b:b7:59:68:e2:5b:4f:72:1b:78:e4:f3:68:c2:
b7:34:df:bf:c5:53:75:6d:4e:92:af:e8:02:82:31:
7a:2f:a2:4f:c1:81:92:4f:6b:23:45:9e:2f:38:06:
01:c7:ec:e6:eb:fc:68:ff:ff:f9:ff:08:17:73:c6:
17:ac:0b:28:89:1b:3e:94:d6:b3:09:22:94:79:a8:
89:8d:38:36:ea:5c:be:45:f4:5c:24:83:bc:65:48:
34:34:e0:a9:4c:2e:32:9e:ac:f7:d7:a2:38:8e:aa:
d9:3e:42:54:ee:58:4c:6c:f1:47:30:f6:68:93:cc:
98:db:22:53:01:ba:cf:26:2b:73:71:b3:f7:d9:d6:
7d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0A:F4:63:71:05:20:54:80:E1:12:AC:D7:5B:A6:52:C9:8D:CB:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:f5:f8:66:7a:69:67:d8:bd:e9:b8:9b:2d:39:04:f8:a1:64:
3e:20:61:df:cb:54:25:b5:cc:f7:b5:2d:ce:e5:1a:6a:5e:03:
73:c7:0e:f2:9a:f4:ae:65:a4:c6:08:1e:78:6f:19:b9:e2:9c:
f7:0b:9c:47:f4:92:57:a2:26:6e:a4:73:9d:05:c4:1d:f9:f1:
ce:e8:89:39:6b:8d:ef:8f:9e:a4:2a:14:e7:92:2c:be:36:07:
ad:83:fe:76:44:05:49:0c:ed:23:f8:2c:3c:42:27:cb:8e:ff:
2b:64:f8:e0:2c:ee:a7:9a:4e:21:09:a2:13:33:c6:ee:38:7c:
34:87:fa:64:bc:7b:e2:41:06:7c:55:cb:b7:0b:12:55:36:f5:
fa:29:ec:4b:c8:ee:98:9c:96:90:3a:19:28:f0:50:b8:34:59:
b8:2e:df:63:d0:a7:f4:3d:f4:41:ca:81:c5:72:5e:83:75:5a:
50:1d:66:d4:de:41:76:5c:c0:d1:f6:3f:5c:03:90:4c:9b:e6:
14:82:2a:2f:88:47:10:7a:a8:1e:66:f6:c1:7f:04:76:36:bb:
5c:4e:5c:f0:77:bc:d3:05:0d:69:ec:23:cb:92:be:e0:6e:e1:
ce:ea:8f:4d:ba:6c:c7:92:3c:f9:96:d6:71:2e:2e:6a:3b:8d:
6b:89:92:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUtiq6jjGI9W8ApfGkYXfQDczMXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDYwMDUwNTFaFw0yNTA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRkYzUxYjUwZjE4OTU0MzBhN2EwNTEwMTRkZmEzYjRjOGVkOTc4NzI5NDY0
MTMzYmQ4ZDYxMmZmMzJhNzNkMGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANQc0XE3FrbKv/WBFh73a/PCKw+UZ/XrF5NLEaWVgoVXwc+tTE53yZNYrbKc
iELjuBUBfD4IaRxA/rAdHTXEsYpAC2HZGPfkIFptFxfONr1d2YiradQiBV55tru5
dgMynIx0TgiIt6xuYNER56coIYnReswiaqt9CBu3WWjiW09yG3jk82jCtzTfv8VT
dW1Okq/oAoIxei+iT8GBkk9rI0WeLzgGAcfs5uv8aP//+f8IF3PGF6wLKIkbPpTW
swkilHmoiY04NupcvkX0XCSDvGVINDTgqUwuMp6s99eiOI6q2T5CVO5YTGzxRzD2
aJPMmNsiUwG6zyYrc3Gz99nWfbcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ0CvRj
cQUgVIDhEqzXW6ZSyY3LYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQBY9fhmemln2L3puJstOQT4oWQ+IGHfy1Qltcz3tS3O
5RpqXgNzxw7ymvSuZaTGCB54bxm54pz3C5xH9JJXoiZupHOdBcQd+fHO6Ik5a43v
j56kKhTnkiy+Ngetg/52RAVJDO0j+Cw8QifLjv8rZPjgLO6nmk4hCaITM8buOHw0
h/pkvHviQQZ8Vcu3CxJVNvX6KexLyO6YnJaQOhko8FC4NFm4Lt9j0Kf0PfRByoHF
cl6DdVpQHWbU3kF2XMDR9j9cA5BMm+YUgioviEcQeqgeZvbBfwR2NrtcTlzwd7zT
BQ1p7CPLkr7gbuHO6o9NumzHkjz5ltZxLi5qO41riZLy
-----END CERTIFICATE-----
Generated at Fri May 9 10:14:01 2025 by rpki-client