Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: a8g3EYTsioLtnVkrfUmIOg3mDyRrt8UnCE3hZwMdLV4=
Subject key identifier: B1:00:54:9F:EF:E7:80:A3:66:E4:7F:1C:CF:68:14:93:18:50:B8:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1D059449FE5CCB3DF557BC2A87E160D0CDF00059
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 20 May 2025 20:40:55 +0000
ROA not before: Tue 20 May 2025 20:40:55 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:05:94:49:fe:5c:cb:3d:f5:57:bc:2a:87:e1:60:d0:cd:f0:00:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:40:55 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=311c539d53860f0577780ef781dd51885cb91d83be299c70a9967efcf1e3c31b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:14:24:e2:9d:19:20:4b:49:14:58:e4:fb:eb:
d0:27:70:c2:09:83:30:a8:0b:b9:13:f2:e3:b9:3e:
21:43:ec:52:e6:0e:cc:6c:4e:74:17:e1:1d:0f:20:
6c:ea:ef:20:74:09:d7:c0:8a:73:dc:ba:88:7f:39:
ef:13:9c:35:29:b5:eb:c9:32:42:90:fd:25:28:77:
02:2f:c0:1e:e0:0a:de:bf:aa:27:31:7f:b7:a8:89:
fa:b3:88:9c:73:ce:82:9c:52:38:bc:79:14:f1:48:
4b:4d:a8:d4:c1:96:b0:8c:31:d0:30:6f:c1:9f:b7:
fd:9d:2f:04:61:d5:60:bd:05:3f:12:32:d7:96:43:
e3:9d:f9:d5:c9:d2:dc:1d:fb:67:26:5a:02:5d:b0:
02:48:a1:73:ad:d3:41:59:13:0b:b8:5a:b0:f1:4e:
69:cf:14:14:c6:16:a0:72:c4:57:02:2b:f4:0d:d4:
34:3e:f1:0b:69:20:ec:6a:3d:13:92:07:95:d5:03:
66:da:16:4e:e7:01:bc:82:33:38:04:00:24:32:1d:
9f:64:f2:73:21:b8:fe:7b:24:5b:08:5f:48:b0:e6:
64:68:72:30:2a:8c:f6:f8:5d:ac:29:5d:ba:c4:54:
23:19:f2:cf:a6:c6:ed:46:ae:ad:97:0d:29:79:03:
e6:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:00:54:9F:EF:E7:80:A3:66:E4:7F:1C:CF:68:14:93:18:50:B8:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:14:90:e2:b4:49:fb:35:86:03:2a:74:55:49:c0:a7:7c:54:
d3:15:4e:fd:94:82:a6:60:c5:3f:42:d2:ea:aa:33:fe:47:8d:
32:02:9c:3a:d8:67:df:d1:34:15:4e:db:5c:14:76:61:cf:7c:
36:72:5b:e6:30:cd:c4:6b:63:02:fd:3c:5c:d8:39:b5:92:c0:
98:a2:1a:a9:e5:12:27:82:ef:12:e8:56:23:cb:ec:36:6d:21:
ef:ea:cf:55:85:ee:37:50:0c:66:70:de:98:b5:e2:c6:bc:00:
6c:ef:c9:d1:d9:63:64:27:30:39:8c:c6:12:37:73:b3:05:d4:
86:4c:8b:c4:0d:22:76:34:74:bc:36:48:87:e7:f7:1f:8e:0b:
88:98:46:3a:26:3f:6a:83:11:5d:3d:92:56:3a:f6:f9:31:28:
b0:db:32:47:c6:a5:b4:f3:fa:9a:62:7d:ff:23:64:a6:a0:30:
1e:1c:40:e6:e8:fe:6c:33:d8:21:82:30:4a:73:72:23:86:25:
2b:1d:bf:10:7e:ab:13:ff:e1:dd:8e:c2:87:17:c1:22:76:f3:
0e:99:b9:6c:a5:0c:9e:09:91:73:6a:bf:1f:c2:3f:33:13:fe:
3a:ca:ec:8b:ab:da:f5:c9:81:90:ee:04:52:8a:de:e8:42:9a:
47:b8:7d:9f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHQWUSf5cyz31V7wqh+Fg0M3wAFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQwNTVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxMWM1MzlkNTM4NjBmMDU3Nzc4MGVmNzgxZGQ1MTg4NWNiOTFkODNiZTI5
OWM3MGE5OTY3ZWZjZjFlM2MzMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQUJOKdGSBLSRRY5Pvr0CdwwgmDMKgLuRPy47k+IUPsUuYOzGxOdBfhHQ8g
bOrvIHQJ18CKc9y6iH857xOcNSm168kyQpD9JSh3Ai/AHuAK3r+qJzF/t6iJ+rOI
nHPOgpxSOLx5FPFIS02o1MGWsIwx0DBvwZ+3/Z0vBGHVYL0FPxIy15ZD45351cnS
3B37ZyZaAl2wAkihc63TQVkTC7hasPFOac8UFMYWoHLEVwIr9A3UND7xC2kg7Go9
E5IHldUDZtoWTucBvIIzOAQAJDIdn2TycyG4/nskWwhfSLDmZGhyMCqM9vhdrCld
usRUIxnyz6bG7UaurZcNKXkD5kUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSxAFSf
7+eAo2bkfxzPaBSTGFC4wzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEATxSQ4rRJ+zWGAyp0VUnAp3xU0xVO/ZSCpmDFP0LS
6qoz/keNMgKcOthn39E0FU7bXBR2Yc98NnJb5jDNxGtjAv08XNg5tZLAmKIaqeUS
J4LvEuhWI8vsNm0h7+rPVYXuN1AMZnDemLXixrwAbO/J0dljZCcwOYzGEjdzswXU
hkyLxA0idjR0vDZIh+f3H44LiJhGOiY/aoMRXT2SVjr2+TEosNsyR8altPP6mmJ9
/yNkpqAwHhxA5uj+bDPYIYIwSnNyI4YlKx2/EH6rE//h3Y7ChxfBInbzDpm5bKUM
ngmRc2q/H8I/MxP+Osrsi6va9cmBkO4EUore6EKaR7h9nw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 03:49:15 2025 by rpki-client