Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: kx7YCLJpgtpY/8qrirPbREcrIbcrkfH24MS1FeCqwnY=
Subject key identifier: DC:50:E2:ED:C9:23:01:86:B3:CA:D6:1F:01:09:B1:F3:91:C7:D6:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 725CB3AC3A570727BFE29C7613EBE802315161CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Mon 16 Jun 2025 21:50:05 +0000
ROA not before: Mon 16 Jun 2025 21:50:05 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:5c:b3:ac:3a:57:07:27:bf:e2:9c:76:13:eb:e8:02:31:51:61:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:05 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=ebefa3813956169b6cb44a55fa97dc61915a214092c14a389ef9ea97300651be, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:4b:c6:46:e3:d1:f8:5a:f1:90:7b:e4:fb:
f3:51:51:5c:d3:c0:9e:31:46:64:cb:7d:19:92:f6:
2c:3e:4a:5b:19:1c:8c:40:a1:e8:5d:45:c9:ce:85:
bb:64:67:2f:06:1f:2c:86:0e:de:ca:ae:ab:8d:c3:
d3:de:b9:10:f7:1b:72:fe:81:3a:c5:a0:b4:aa:fc:
bb:4e:fc:c6:eb:46:da:f5:44:ef:7f:e1:3a:d2:c7:
ac:fd:17:c9:03:6c:2e:9e:7e:b6:37:d5:88:7b:58:
fe:8b:e5:f6:da:bd:db:e3:6c:ee:85:f6:c9:92:8e:
90:9d:57:69:ab:57:d8:90:7b:50:d7:15:ee:a0:d3:
61:71:e6:29:fb:9f:93:0d:06:d7:26:8e:fc:33:7d:
6d:d6:2b:2e:94:6b:3e:b6:0f:56:80:0a:c7:46:80:
a8:a5:36:13:8c:6b:61:eb:a5:d6:09:4d:18:f3:d4:
54:c8:15:42:75:87:8e:37:58:cb:21:fa:79:f2:20:
56:1f:3b:1b:8e:45:f7:cf:f5:51:42:56:b7:5f:48:
05:17:4c:46:ac:f2:01:ac:da:d2:2b:8e:ac:79:f0:
d4:df:00:d3:88:df:81:86:be:aa:71:4e:20:35:f0:
e9:8a:86:d7:72:17:a9:2c:27:fd:4b:66:30:2a:17:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:50:E2:ED:C9:23:01:86:B3:CA:D6:1F:01:09:B1:F3:91:C7:D6:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
a3:89:12:8b:0e:25:33:56:ce:59:dd:42:e0:ce:5c:5a:da:f9:
32:58:4a:b8:de:22:dd:8a:51:00:7e:fa:8e:81:49:7f:26:fc:
46:01:c0:79:4e:30:a9:6a:71:04:7c:bd:ae:32:64:75:6c:6b:
5f:dc:11:ec:d0:47:82:b7:51:3f:72:65:eb:06:2a:6f:ea:6c:
cb:49:67:e2:98:4f:a7:52:51:e3:7c:98:4d:1e:40:8f:85:a6:
ff:63:c7:82:57:35:4f:11:5a:5c:ce:e6:09:05:7b:be:8b:13:
be:92:5a:7d:cd:58:13:27:c5:0a:a3:e8:d9:91:41:c2:b4:b1:
18:54:4e:dd:2d:29:ef:f3:e2:cc:93:4a:fb:d9:af:67:5a:32:
1f:5f:8a:fe:40:e2:fd:d8:80:53:b2:d8:25:6a:a0:59:d4:00:
ac:09:a0:56:f5:f6:fb:31:2b:b8:69:b8:a2:8e:a4:df:55:ff:
0b:1d:e0:e6:71:f9:77:68:6a:3d:5c:c4:d9:e9:53:ac:35:a5:
37:6e:f1:48:d5:de:5b:ed:74:17:d7:c6:d9:8a:db:26:3a:61:
11:79:36:ff:57:4a:0a:b9:70:53:9c:50:0e:dd:a4:32:6c:4c:
35:9c:0c:7d:fb:2b:c3:ab:3e:05:dc:35:62:04:07:12:ec:52:
88:b5:99:c6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUclyzrDpXBye/4px2E+voAjFRYcswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViZWZhMzgxMzk1NjE2OWI2Y2I0NGE1NWZhOTdkYzYxOTE1YTIxNDA5MmMx
NGEzODllZjllYTk3MzAwNjUxYmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5kS8ZG49H4WvGQe+T781FRXNPAnjFGZMt9GZL2LD5KWxkcjECh6F1Fyc6F
u2RnLwYfLIYO3squq43D0965EPcbcv6BOsWgtKr8u078xutG2vVE73/hOtLHrP0X
yQNsLp5+tjfViHtY/ovl9tq92+Ns7oX2yZKOkJ1XaatX2JB7UNcV7qDTYXHmKfuf
kw0G1yaO/DN9bdYrLpRrPrYPVoAKx0aAqKU2E4xrYeul1glNGPPUVMgVQnWHjjdY
yyH6efIgVh87G45F98/1UUJWt19IBRdMRqzyAaza0iuOrHnw1N8A04jfgYa+qnFO
IDXw6YqG13IXqSwn/UtmMCoXDvkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTcUOLt
ySMBhrPK1h8BCbHzkcfWWjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAo4kSiw4lM1bOWd1C4M5cWtr5MlhKuN4i3YpRAH76
joFJfyb8RgHAeU4wqWpxBHy9rjJkdWxrX9wR7NBHgrdRP3Jl6wYqb+psy0ln4phP
p1JR43yYTR5Aj4Wm/2PHglc1TxFaXM7mCQV7vosTvpJafc1YEyfFCqPo2ZFBwrSx
GFRO3S0p7/PizJNK+9mvZ1oyH1+K/kDi/diAU7LYJWqgWdQArAmgVvX2+zEruGm4
oo6k31X/Cx3g5nH5d2hqPVzE2elTrDWlN27xSNXeW+10F9fG2YrbJjphEXk2/1dK
CrlwU5xQDt2kMmxMNZwMffsrw6s+Bdw1YgQHEuxSiLWZxg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:22:42 2025 by rpki-client