Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: HUZoeF/3/0xgX5u8ylIIyu/Uy/mOKshTlAUHuHs5j6k=
Subject key identifier: 06:66:D4:5E:02:9C:E1:AE:81:A3:74:92:D5:46:0A:35:8D:97:6E:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 538A684CB98ECFA55B6E2E4DF900276D47A9F70F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Fri 25 Apr 2025 20:31:04 +0000
ROA not before: Fri 25 Apr 2025 20:31:04 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 10 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:8a:68:4c:b9:8e:cf:a5:5b:6e:2e:4d:f9:00:27:6d:47:a9:f7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:04 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=726e45f15a6d5631901f958d2c76c66303f3eed003c85dbd2de6d4a734676585, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:3c:fe:1f:c7:bd:02:e0:bb:a2:83:20:74:
3b:1d:a4:2a:eb:61:4e:70:43:1a:8d:ff:29:f2:9b:
a0:37:0c:96:37:d9:f7:61:9d:97:de:67:bd:5d:88:
9b:16:b4:10:a8:ee:49:33:da:92:f3:3f:fc:26:71:
d1:93:75:59:c4:ec:9d:03:75:5e:ee:76:b8:ca:85:
25:30:a3:08:24:2b:71:8a:74:51:86:c9:ff:97:1e:
66:e7:da:a9:5a:f2:00:ab:a9:5a:5b:b8:6f:b5:47:
f8:ad:e7:ce:b5:d3:fb:a7:c4:b7:26:f2:7c:41:0c:
3b:54:6c:a4:77:0f:f4:57:01:af:bf:45:82:10:6e:
38:82:b1:bd:57:35:55:24:96:37:86:04:87:30:63:
43:97:e7:ed:cc:66:09:c4:af:67:18:34:e9:af:99:
2b:3d:77:65:df:4a:61:12:50:f0:d4:97:f4:75:bd:
4e:b9:09:e5:e1:2a:0a:eb:4d:e9:bf:81:06:7c:63:
90:16:9c:17:aa:bf:a0:b7:b4:18:0f:fe:66:08:08:
17:38:dd:1d:6d:02:51:04:ea:50:e6:f1:1b:88:2b:
0c:52:03:55:04:a3:06:f3:73:04:51:27:ba:b9:fd:
8b:e8:81:6c:d1:73:5f:8b:f7:9f:ab:00:fe:e1:12:
45:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:66:D4:5E:02:9C:E1:AE:81:A3:74:92:D5:46:0A:35:8D:97:6E:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:ad:99:66:a8:95:24:53:21:92:54:5c:ea:04:29:f7:c1:f2:
05:8b:ec:4c:12:59:98:0a:3c:f3:5b:77:f0:76:63:71:02:57:
ef:d5:5d:a0:3c:18:68:d1:53:28:dd:41:70:c5:33:1a:3e:b6:
4d:ee:08:ad:f1:6a:00:df:f2:1a:f6:da:86:b7:54:c1:c1:df:
6f:f3:de:6b:05:97:1a:24:93:59:86:09:43:23:09:0b:fb:b5:
34:6d:5a:4e:01:d2:58:84:be:1d:50:85:83:cd:b0:39:2c:84:
27:4e:18:9b:9f:87:54:76:4e:e9:7f:7b:9d:dd:87:37:f3:6b:
0c:d1:69:f5:9a:b5:33:8c:2d:6e:7a:1d:60:8c:16:00:b3:82:
f9:bc:a0:c2:52:61:c6:98:eb:15:8a:00:b4:07:f1:32:30:4d:
89:aa:71:dd:75:9f:88:35:38:23:05:a2:7d:c7:a2:52:f3:00:
d9:45:b8:25:8e:90:62:5c:06:d8:ea:61:bd:e5:45:45:eb:49:
22:f0:66:87:cc:fb:82:ce:c8:b8:e7:38:1c:d3:c4:77:5b:4f:
51:ed:f7:c8:ca:17:4c:19:ad:9e:2d:11:66:fb:b9:e9:6a:e0:
7c:04:63:74:f3:5a:08:58:24:e4:06:82:c3:fd:ca:56:94:99:
91:de:15:b3
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUU4poTLmOz6Vbbi5N+QAnbUep9w8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDRaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyNmU0NWYxNWE2ZDU2MzE5MDFmOTU4ZDJjNzZjNjYzMDNmM2VlZDAwM2M4
NWRiZDJkZTZkNGE3MzQ2NzY1ODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJapPP4fx70C4LuigyB0Ox2kKuthTnBDGo3/KfKboDcMljfZ92Gdl95nvV2I
mxa0EKjuSTPakvM//CZx0ZN1WcTsnQN1Xu52uMqFJTCjCCQrcYp0UYbJ/5ceZufa
qVryAKupWlu4b7VH+K3nzrXT+6fEtybyfEEMO1RspHcP9FcBr79FghBuOIKxvVc1
VSSWN4YEhzBjQ5fn7cxmCcSvZxg06a+ZKz13Zd9KYRJQ8NSX9HW9TrkJ5eEqCutN
6b+BBnxjkBacF6q/oLe0GA/+ZggIFzjdHW0CUQTqUObxG4grDFIDVQSjBvNzBFEn
urn9i+iBbNFzX4v3n6sA/uESRfsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGZtRe
ApzhroGjdJLVRgo1jZdusjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEA062ZZqiVJFMhklRc6gQp98HyBYvsTBJZmAo881t3
8HZjcQJX79VdoDwYaNFTKN1BcMUzGj62Te4IrfFqAN/yGvbahrdUwcHfb/PeawWX
GiSTWYYJQyMJC/u1NG1aTgHSWIS+HVCFg82wOSyEJ04Ym5+HVHZO6X97nd2HN/Nr
DNFp9Zq1M4wtbnodYIwWALOC+bygwlJhxpjrFYoAtAfxMjBNiapx3XWfiDU4IwWi
fceiUvMA2UW4JY6QYlwG2OphveVFRetJIvBmh8z7gs7IuOc4HNPEd1tPUe33yMoX
TBmtni0RZvu56WrgfARjdPNaCFgk5AaCw/3KVpSZkd4Vsw==
-----END CERTIFICATE-----
Generated at Fri May 9 07:23:15 2025 by rpki-client