Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: y6ZBzYJOV7iTrGuDNJEsAEuvU0nwj8KPVBm2dW3Skis=
Subject key identifier: DB:13:9B:95:A1:8B:7D:F1:9E:A1:8C:1B:2D:60:54:01:E8:EB:83:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 65F0EF3432E87E55401BF9C2690FCED7A74C01
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Tue 06 May 2025 00:50:06 +0000
ROA not before: Tue 06 May 2025 00:50:06 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:f0:ef:34:32:e8:7e:55:40:1b:f9:c2:69:0f:ce:d7:a7:4c:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:06 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=6503fb24ef952f6bfc90068f6d32ad9b391d30de42c51f4b2243842592633ff3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:0c:38:48:b8:12:c8:50:da:b3:1a:fc:c2:89:
28:d7:0b:e2:8f:95:a5:2e:29:16:32:18:d8:a7:9c:
87:93:2c:5d:8f:96:55:7d:b9:17:0b:1d:6f:33:ef:
77:11:a5:c5:89:5f:24:3f:b9:6e:8b:e5:6b:7b:07:
9b:aa:35:10:ad:80:c7:7b:2b:1a:30:5a:df:96:c5:
de:c3:69:15:4b:09:86:f8:bd:47:cf:0f:2e:4e:46:
18:76:21:7c:05:c6:b1:f8:5d:39:6a:29:95:2d:12:
ce:d6:0d:49:a3:d1:f6:74:e5:e3:cd:57:88:31:5e:
a8:f3:99:fe:e9:37:e1:7a:16:a5:42:3d:cf:d8:0e:
c0:af:17:90:19:95:fc:f9:8c:ee:78:2c:c1:a7:a6:
6e:65:84:a8:5b:08:b2:b5:5d:19:22:f8:cf:36:0b:
a4:29:b7:3d:68:68:aa:73:2e:d8:8d:e2:e2:39:bb:
81:42:13:1b:5d:67:4c:d4:6b:c1:1e:93:c0:d3:84:
ba:43:93:a6:48:ac:03:97:f7:0d:5b:2e:ee:84:2e:
51:cd:f1:d4:5d:69:72:3a:89:b9:11:dc:0a:4b:4f:
d2:ac:11:ca:6b:c1:33:70:ce:f8:c0:3c:f6:3a:97:
3f:3a:44:ea:7f:8a:84:21:71:fd:13:1e:68:45:64:
e4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:13:9B:95:A1:8B:7D:F1:9E:A1:8C:1B:2D:60:54:01:E8:EB:83:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
96:e9:a4:98:97:c3:45:08:97:05:fc:1b:9f:17:18:c8:0f:01:
8a:1e:1c:34:e0:8f:9d:a5:ae:40:bd:d3:96:85:51:1e:c1:6f:
2e:a8:e3:cc:4e:7d:4b:05:fe:7c:df:fe:3b:50:18:b2:49:80:
cd:0b:f4:24:81:1a:a9:b0:6c:40:bd:fe:09:0e:9c:1d:e8:30:
ac:6b:f7:b7:06:33:dc:49:7b:82:44:d0:83:d3:05:c4:6a:65:
38:9b:dd:9f:d7:a0:59:05:aa:ab:97:e0:c8:23:e6:38:20:8c:
08:cb:a1:56:ab:f3:d7:77:56:fd:df:b5:95:a6:b4:2d:cc:92:
61:a0:85:6b:10:74:7c:5e:14:83:cd:79:e8:05:21:99:81:14:
c3:1d:02:f7:75:9e:46:bf:e6:d7:8a:55:f9:ee:a3:fb:7e:92:
75:a0:2d:e4:02:1a:b7:7d:bc:55:ce:cc:89:2c:b5:75:26:91:
ea:b5:e7:a9:9b:e9:3d:43:2a:4f:00:85:41:79:3d:45:a9:60:
1d:0f:f0:d3:72:0f:6d:22:c7:37:98:cd:a1:c8:2d:75:1f:55:
41:6f:24:6b:b0:cf:89:04:d6:8e:1f:05:26:d6:5b:9b:37:20:
c7:89:07:76:12:e5:2d:81:f4:bd:b8:63:79:76:ec:1c:ea:30:
b5:21:5d:e7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgITZfDvNDLoflVAG/nCaQ/O16dMATANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI1MDUwNjAwNTAwNloXDTI1MDYxMDIzNTk1OVowejFJMEcGA1UE
BRNANjUwM2ZiMjRlZjk1MmY2YmZjOTAwNjhmNmQzMmFkOWIzOTFkMzBkZTQyYzUx
ZjRiMjI0Mzg0MjU5MjYzM2ZmMzEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0gw4SLgSyFDasxr8woko1wvij5WlLikWMhjYp5yHkyxdj5ZVfbkXCx1vM+93
EaXFiV8kP7lui+VrewebqjUQrYDHeysaMFrflsXew2kVSwmG+L1Hzw8uTkYYdiF8
Bcax+F05aimVLRLO1g1Jo9H2dOXjzVeIMV6o85n+6TfhehalQj3P2A7ArxeQGZX8
+YzueCzBp6ZuZYSoWwiytV0ZIvjPNgukKbc9aGiqcy7YjeLiObuBQhMbXWdM1GvB
HpPA04S6Q5OmSKwDl/cNWy7uhC5RzfHUXWlyOom5EdwKS0/SrBHKa8EzcM74wDz2
Opc/OkTqf4qEIXH9Ex5oRWTkLwIDAQABo4ICITCCAh0wHQYDVR0OBBYEFNsTm5Wh
i33xnqGMGy1gVAHo64P2MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy83
YTlkNDk3MC04ZTljLTRkMTEtYTFjNi03NzJhNTcxMzM0ZmQucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuY8QMA0G
CSqGSIb3DQEBCwUAA4IBAQCW6aSYl8NFCJcF/BufFxjIDwGKHhw04I+dpa5AvdOW
hVEewW8uqOPMTn1LBf583/47UBiySYDNC/QkgRqpsGxAvf4JDpwd6DCsa/e3BjPc
SXuCRNCD0wXEamU4m92f16BZBaqrl+DII+Y4IIwIy6FWq/PXd1b937WVprQtzJJh
oIVrEHR8XhSDzXnoBSGZgRTDHQL3dZ5Gv+bXilX57qP7fpJ1oC3kAhq3fbxVzsyJ
LLV1JpHqteepm+k9QypPAIVBeT1FqWAdD/DTcg9tIsc3mM2hyC11H1VBbyRrsM+J
BNaOHwUm1lubNyDHiQd2EuUtgfS9uGN5duwc6jC1IV3n
-----END CERTIFICATE-----
Generated at Fri May 9 10:09:25 2025 by rpki-client