Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: zDSDqAoa3ZIEjPRY/2F9Vhk8W3bqs4QBAATBy03z6XU=
Subject key identifier: D4:DD:72:40:EB:C7:27:74:B9:EF:9F:F8:D9:39:1C:09:4C:48:15:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49FA820852A8D5278CE2D1AA4AFDF6230169CFE1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Tue 17 Jun 2025 00:50:04 +0000
ROA not before: Tue 17 Jun 2025 00:50:04 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:fa:82:08:52:a8:d5:27:8c:e2:d1:aa:4a:fd:f6:23:01:69:cf:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:04 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=50d8c283b294550d134bf935fdded0d144883484247bb8a228705d8475b38edd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:82:61:5e:84:08:73:73:db:e9:84:b6:c4:e6:
60:5b:dc:4b:89:5b:d0:57:5c:9e:d2:15:10:ef:23:
b7:31:65:56:a9:26:f3:de:d3:70:eb:e6:27:49:72:
12:7c:c4:7d:da:89:31:f6:0e:bc:c8:69:f6:27:53:
8c:ee:4d:6d:98:1c:98:72:e2:ed:83:ae:68:55:3c:
71:f4:2e:3a:e4:ef:c0:7c:37:a3:7e:1b:25:8c:1a:
84:51:4a:e8:a3:4d:6c:15:7c:6d:10:00:06:9a:23:
88:00:3b:03:2f:0e:98:b5:e8:5e:23:83:9a:95:ea:
07:3d:9b:50:a4:34:a2:51:0e:6f:fa:d9:0b:e9:25:
f8:a0:00:f9:aa:78:cd:22:4b:a5:e9:9d:5d:4e:8f:
0b:57:9b:91:7b:0a:76:65:5a:88:79:37:32:51:7e:
0f:67:38:de:1b:ea:14:db:98:fb:0d:8d:eb:42:42:
9b:72:ea:1d:ba:d3:2d:d2:06:98:d3:2f:d0:c3:c8:
ef:26:50:8e:13:12:63:7a:6b:b2:e1:ff:e3:63:23:
71:83:f8:d7:e6:f4:3d:a4:75:d5:34:63:6d:d0:0d:
72:89:30:65:7b:27:43:cb:5b:42:6c:4d:af:fc:7f:
82:62:67:2b:98:66:c5:53:73:2d:b9:4f:5d:ee:4e:
47:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DD:72:40:EB:C7:27:74:B9:EF:9F:F8:D9:39:1C:09:4C:48:15:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
be:54:21:e5:96:a0:40:c5:b4:91:e1:5b:5b:f0:32:59:20:0e:
68:8c:aa:4d:e9:c5:72:ca:36:82:38:ab:3d:d1:64:0c:21:97:
c6:10:d7:5d:4c:b4:d3:a7:31:cb:30:02:dd:90:03:dc:6a:f7:
fd:d0:4a:09:1b:1d:80:8f:a7:39:17:09:55:c5:ea:5c:c6:f4:
e2:82:9f:61:41:c5:82:9f:c0:c9:4a:ff:4e:1b:8f:d4:a1:eb:
2e:2f:12:b9:53:b2:6b:2b:66:1d:90:03:d9:4e:a3:9e:e8:5e:
bc:69:80:ca:91:fc:3f:bc:8f:e5:03:d5:56:aa:48:f1:f6:53:
d1:fe:38:9e:11:6f:ed:8a:b4:da:fe:aa:c2:5e:76:f0:10:26:
7e:37:b2:5f:0f:9b:b8:6e:bc:71:cf:19:d3:1f:4e:a1:a7:87:
48:ce:a1:36:ba:5a:7d:b3:b1:f4:d6:53:07:08:cb:18:cb:03:
f4:0f:91:5a:e1:88:df:1b:99:9f:4d:a7:a5:84:62:f7:d6:6b:
5b:d6:c0:a6:b2:a7:74:49:5a:e2:4f:ca:c2:07:16:7d:25:a5:
31:c8:5f:b6:32:42:d6:a5:db:b9:4c:ae:f0:f4:95:c9:73:7f:
36:af:94:fc:cf:42:eb:23:e7:b6:42:a1:a8:1d:9e:3a:d6:2d:
8e:e0:62:fd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSfqCCFKo1SeM4tGqSv32IwFpz+EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMDRaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwZDhjMjgzYjI5NDU1MGQxMzRiZjkzNWZkZGVkMGQxNDQ4ODM0ODQyNDdi
YjhhMjI4NzA1ZDg0NzViMzhlZGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOCYV6ECHNz2+mEtsTmYFvcS4lb0FdcntIVEO8jtzFlVqkm897TcOvmJ0ly
EnzEfdqJMfYOvMhp9idTjO5NbZgcmHLi7YOuaFU8cfQuOuTvwHw3o34bJYwahFFK
6KNNbBV8bRAABpojiAA7Ay8OmLXoXiODmpXqBz2bUKQ0olEOb/rZC+kl+KAA+ap4
zSJLpemdXU6PC1ebkXsKdmVaiHk3MlF+D2c43hvqFNuY+w2N60JCm3LqHbrTLdIG
mNMv0MPI7yZQjhMSY3prsuH/42MjcYP41+b0PaR11TRjbdANcokwZXsnQ8tbQmxN
r/x/gmJnK5hmxVNzLblPXe5ORx8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTU3XJA
68cndLnvn/jZORwJTEgVpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAvlQh5ZagQMW0keFbW/AyWSAOaIyqTenFcso2gjir
PdFkDCGXxhDXXUy006cxyzAC3ZAD3Gr3/dBKCRsdgI+nORcJVcXqXMb04oKfYUHF
gp/AyUr/ThuP1KHrLi8SuVOyaytmHZAD2U6jnuhevGmAypH8P7yP5QPVVqpI8fZT
0f44nhFv7Yq02v6qwl528BAmfjeyXw+buG68cc8Z0x9OoaeHSM6hNrpafbOx9NZT
BwjLGMsD9A+RWuGI3xuZn02npYRi99ZrW9bAprKndEla4k/KwgcWfSWlMchftjJC
1qXbuUyu8PSVyXN/Nq+U/M9C6yPntkKhqB2eOtYtjuBi/Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:04:57 2025 by rpki-client