Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: QhWqRS06D4/SKmlqGoAdND+0g+Ax+BK9SN+BuGYQgQk=
Subject key identifier: 2A:44:9C:27:69:BA:F7:EA:2B:23:16:20:04:A1:5D:33:F5:3B:8E:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66DB211A9EEF04A2A265900424FFFFCDA8941CD1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Wed 25 Jun 2025 00:50:05 +0000
ROA not before: Wed 25 Jun 2025 00:50:05 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:db:21:1a:9e:ef:04:a2:a2:65:90:04:24:ff:ff:cd:a8:94:1c:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:05 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=c040a560f5082499c7519a24eff016b8a6337249525fed8f340c262adb7f77e4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:23:54:9d:ee:a4:eb:59:55:91:8e:a7:bb:1b:
8d:9b:5e:a5:e5:6b:bc:85:70:05:50:87:36:ff:67:
72:79:e4:29:23:f8:e5:f7:c5:35:b6:b0:1d:85:46:
31:0b:75:75:fd:34:86:2e:b6:82:10:d9:38:d3:9d:
0e:0d:ba:28:96:32:da:d4:aa:6e:e7:ee:58:72:84:
78:77:e8:2c:1a:fe:a6:5c:54:e3:b7:8b:41:20:ea:
ca:92:6b:3c:65:22:f5:ce:5d:12:8c:02:ac:a1:4a:
08:02:54:34:42:15:4d:6e:f0:9e:15:4b:af:2c:9a:
5a:3a:50:4f:40:16:aa:c3:9c:b5:df:b9:a6:78:5c:
c6:cb:c6:75:67:7a:e9:39:7b:90:bc:4e:01:b1:7a:
34:7d:a2:a9:f0:59:a2:3f:54:b7:f8:0a:86:42:91:
7c:08:49:c7:f6:88:61:90:8c:d3:90:3e:bb:a6:c9:
bd:14:2a:47:70:15:b0:ac:1c:c7:53:9d:9f:08:f5:
27:05:ef:7f:6c:29:5d:bf:73:d4:3a:35:d0:e0:d5:
06:2e:a6:00:ba:70:c8:d8:ff:7f:c3:09:e1:1c:09:
d7:c3:0c:82:ff:a0:b3:f6:d0:c2:a3:37:98:ef:62:
ce:a0:17:fb:54:c2:c9:9e:8e:9e:aa:12:d2:ff:c5:
e7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:44:9C:27:69:BA:F7:EA:2B:23:16:20:04:A1:5D:33:F5:3B:8E:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:cd:98:26:a3:56:c2:4f:71:7b:29:70:70:2d:86:d5:b6:98:
68:b9:26:8c:09:20:6a:99:40:31:48:2f:fe:35:ac:f4:a0:95:
67:87:a4:4c:c0:ee:3a:c0:4b:66:e7:92:7e:8f:73:ce:4f:92:
1f:f4:53:99:f3:7a:6d:fd:5d:13:b7:2d:31:35:59:8f:94:3b:
ec:6c:71:0f:57:94:9d:cf:15:cf:91:fd:bf:17:a9:2d:80:73:
e9:c5:fc:b0:57:32:71:0d:e2:36:8b:67:8c:4b:ff:e9:74:10:
2c:c3:db:30:8e:c1:41:3a:b2:f6:9d:8c:25:d1:94:7a:dd:2b:
19:67:21:1b:19:df:3a:2d:d2:5a:f1:1c:d1:99:e2:26:98:91:
93:e2:f6:80:8c:f3:c4:4b:16:74:cf:3f:b2:8c:8a:5e:74:93:
a7:94:e6:b1:9f:fe:05:10:1e:db:cf:8e:67:61:00:9b:d2:27:
1e:26:b1:22:9e:f0:3f:cc:c4:fd:42:6e:04:1e:8f:62:38:ea:
c3:2c:a0:32:ad:44:40:e8:7d:68:c3:80:1f:e7:ed:73:e8:8f:
29:dc:70:9e:87:b3:9e:3e:cf:a3:1d:3a:3e:7d:6c:ba:5e:d1:
68:99:aa:78:ff:74:00:01:93:78:ee:5b:ac:2f:08:5e:74:54:
02:2d:04:2e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZtshGp7vBKKiZZAEJP//zaiUHNEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDVaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNDBhNTYwZjUwODI0OTljNzUxOWEyNGVmZjAxNmI4YTYzMzcyNDk1MjVm
ZWQ4ZjM0MGMyNjJhZGI3Zjc3ZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL8jVJ3upOtZVZGOp7sbjZtepeVrvIVwBVCHNv9ncnnkKSP45ffFNbawHYVG
MQt1df00hi62ghDZONOdDg26KJYy2tSqbufuWHKEeHfoLBr+plxU47eLQSDqypJr
PGUi9c5dEowCrKFKCAJUNEIVTW7wnhVLryyaWjpQT0AWqsOctd+5pnhcxsvGdWd6
6Tl7kLxOAbF6NH2iqfBZoj9Ut/gKhkKRfAhJx/aIYZCM05A+u6bJvRQqR3AVsKwc
x1Odnwj1JwXvf2wpXb9z1Do10ODVBi6mALpwyNj/f8MJ4RwJ18MMgv+gs/bQwqM3
mO9izqAX+1TCyZ6OnqoS0v/F50sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQqRJwn
abr36isjFiAEoV0z9TuOfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAv82YJqNWwk9xeylwcC2G1baYaLkmjAkgaplAMUgv
/jWs9KCVZ4ekTMDuOsBLZueSfo9zzk+SH/RTmfN6bf1dE7ctMTVZj5Q77GxxD1eU
nc8Vz5H9vxepLYBz6cX8sFcycQ3iNotnjEv/6XQQLMPbMI7BQTqy9p2MJdGUet0r
GWchGxnfOi3SWvEc0ZniJpiRk+L2gIzzxEsWdM8/soyKXnSTp5TmsZ/+BRAe28+O
Z2EAm9InHiaxIp7wP8zE/UJuBB6PYjjqwyygMq1EQOh9aMOAH+ftc+iPKdxwnoez
nj7Pox06Pn1sul7RaJmqeP90AAGTeO5brC8IXnRUAi0ELg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:51:47 2025 by rpki-client