Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: eFgKoXxAr9D9DK6PSNuwAzj9a+Gm5mt9iOOhgQyrgvw=
Subject key identifier: 80:84:A8:08:D8:06:F3:37:0F:DE:23:F1:4F:E7:FF:1A:21:F6:04:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 76298CDD404BC871A03FBB7AE5B1B33290793571
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Sat 31 May 2025 00:50:05 +0000
ROA not before: Sat 31 May 2025 00:50:05 +0000
ROA not after: Sat 05 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:29:8c:dd:40:4b:c8:71:a0:3f:bb:7a:e5:b1:b3:32:90:79:35:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 31 00:50:05 2025 GMT
Not After : Jul 5 23:59:59 2025 GMT
Subject: serialNumber=86df7acabed1b613bbbc6e9404ddc3c6ecbdaa9b1d18fdc11816d388269c81da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e5:3f:2a:be:55:63:1b:c6:82:af:93:f8:c7:
79:db:73:f5:ec:56:f4:b0:cd:ab:05:d7:92:ab:78:
3a:7c:28:f7:c7:a2:ab:06:d8:4c:23:99:c1:bb:1e:
33:eb:af:77:79:c9:0c:d1:9f:0c:89:f1:f2:90:ea:
58:c4:9a:8b:25:46:fb:df:c2:71:15:06:33:d0:03:
b6:28:c6:91:fa:9d:ee:92:56:04:e9:81:32:e6:a2:
3f:cc:36:5c:e2:3f:43:4e:9f:46:e2:f6:77:80:ea:
d3:aa:ff:c5:47:5f:68:13:cb:6c:ba:db:50:3b:8a:
a4:ee:d5:a4:e0:b5:6f:81:35:09:1f:2d:8f:f1:c5:
d4:7a:2b:c7:22:98:0d:ba:5f:99:8d:6d:3d:d5:29:
89:03:58:42:0f:ec:8f:1a:32:a7:d0:08:8d:5b:3a:
4e:ba:5a:a4:d6:c7:0f:cf:e7:1f:71:6d:1e:c2:c6:
f2:b1:f2:f8:b5:15:da:94:d9:05:48:06:b2:05:79:
be:81:42:69:5d:6c:0d:07:83:71:81:58:a4:b4:3f:
ca:c1:95:32:ed:84:ee:1f:f8:cd:a8:36:34:86:ca:
c2:96:97:b8:68:4d:5e:a2:06:bf:0e:3d:2c:84:19:
66:ef:33:16:75:45:c0:41:24:7e:89:3e:13:b2:7e:
37:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:84:A8:08:D8:06:F3:37:0F:DE:23:F1:4F:E7:FF:1A:21:F6:04:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
36:b5:6c:54:d5:9e:fe:41:44:59:eb:62:af:01:1b:8d:48:95:
5d:43:be:bc:0c:fa:1f:b6:9d:6a:67:c2:86:b7:50:6d:3d:23:
57:1f:b1:28:dc:58:fc:24:f3:b0:d3:85:9b:f1:73:16:80:97:
43:74:6a:84:c7:fb:cc:dc:a2:81:27:6e:d2:38:c4:c6:a4:e6:
b3:ac:c4:a2:71:de:03:72:22:52:8a:ad:ac:71:8b:ef:c0:cb:
cd:3e:87:cf:a3:b4:b8:f1:84:ff:bd:66:b3:ee:34:ad:3f:6f:
7e:96:73:8c:2f:0c:0d:34:cb:fe:df:a4:b4:f3:4d:75:4e:7e:
b3:53:95:4a:6f:95:a9:d7:47:8a:e1:2b:7e:4c:6b:a3:c6:56:
c6:b6:07:89:0a:9c:8b:87:c3:f8:ed:60:05:37:d3:6e:09:50:
c2:53:bb:bc:ae:49:fe:59:63:6c:72:b1:54:0a:a2:98:b4:24:
a7:36:1a:a1:2b:af:a5:51:a5:53:d2:5d:c7:0f:12:b3:78:d0:
d6:49:cc:f8:47:ee:65:e6:60:f1:04:bc:a2:58:44:99:c4:b2:
6a:c0:18:a5:ac:65:b4:b0:6e:81:bc:46:a0:3c:35:b1:92:1a:
4d:5a:bc:af:89:27:e7:2d:fa:69:4d:9d:29:80:5d:22:45:1f:
84:24:ca:c6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdimM3UBLyHGgP7t65bGzMpB5NXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MzEwMDUwMDVaFw0yNTA3MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2ZGY3YWNhYmVkMWI2MTNiYmJjNmU5NDA0ZGRjM2M2ZWNiZGFhOWIxZDE4
ZmRjMTE4MTZkMzg4MjY5YzgxZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPlPyq+VWMbxoKvk/jHedtz9exW9LDNqwXXkqt4Onwo98eiqwbYTCOZwbse
M+uvd3nJDNGfDInx8pDqWMSaiyVG+9/CcRUGM9ADtijGkfqd7pJWBOmBMuaiP8w2
XOI/Q06fRuL2d4Dq06r/xUdfaBPLbLrbUDuKpO7VpOC1b4E1CR8tj/HF1HorxyKY
DbpfmY1tPdUpiQNYQg/sjxoyp9AIjVs6TrpapNbHD8/nH3FtHsLG8rHy+LUV2pTZ
BUgGsgV5voFCaV1sDQeDcYFYpLQ/ysGVMu2E7h/4zag2NIbKwpaXuGhNXqIGvw49
LIQZZu8zFnVFwEEkfok+E7J+NxsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAhKgI
2AbzNw/eI/FP5/8aIfYELjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEANrVsVNWe/kFEWetirwEbjUiVXUO+vAz6H7adamfC
hrdQbT0jVx+xKNxY/CTzsNOFm/FzFoCXQ3RqhMf7zNyigSdu0jjExqTms6zEonHe
A3IiUoqtrHGL78DLzT6Hz6O0uPGE/71ms+40rT9vfpZzjC8MDTTL/t+ktPNNdU5+
s1OVSm+VqddHiuErfkxro8ZWxrYHiQqci4fD+O1gBTfTbglQwlO7vK5J/lljbHKx
VAqimLQkpzYaoSuvpVGlU9Jdxw8Ss3jQ1knM+EfuZeZg8QS8olhEmcSyasAYpaxl
tLBugbxGoDw1sZIaTVq8r4kn5y36aU2dKYBdIkUfhCTKxg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:28:25 2025 by rpki-client