Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: AEj28EfWQ2kZqIN+tmyyVp6kyKRxTy7Vh8gl1gPMIXc=
Subject key identifier: 22:36:27:A3:B9:2B:84:F9:87:DF:79:78:9D:D6:9B:61:EA:8C:40:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5BF7098F94C7E9DC8E540AC7D85BDAD3D318AF30
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Mon 28 Apr 2025 15:51:12 +0000
ROA not before: Mon 28 Apr 2025 15:51:12 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:f7:09:8f:94:c7:e9:dc:8e:54:0a:c7:d8:5b:da:d3:d3:18:af:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:51:12 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=6f81d99d7670df551ab655a4c5c77c17954df46a47f66cdc17c222089c38f9a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:85:f7:5d:6e:68:8c:40:47:0b:f4:36:d3:2c:
2d:10:6e:e8:41:02:f4:9f:f5:d6:d9:d5:db:e9:4b:
ae:7d:26:d9:61:46:a7:39:a3:af:89:41:d9:26:78:
c8:54:49:eb:7b:90:5b:db:bb:ad:bf:a0:da:48:f1:
e6:de:8f:31:9b:61:0a:9a:64:63:76:aa:ea:be:41:
6f:a7:0e:e5:b7:b1:59:1f:7e:28:25:e4:80:8f:52:
74:1f:52:65:4f:ce:db:83:0b:98:0b:62:b6:4f:02:
00:5c:7e:2d:d5:3f:d4:a2:7b:ac:31:cd:d4:59:eb:
50:0c:66:99:03:7b:33:c2:01:2e:59:35:47:05:18:
80:53:9e:dc:ec:a3:dd:9d:06:74:f9:29:82:8d:2f:
19:a5:53:03:22:64:37:77:43:dc:26:6e:d9:22:03:
1d:c3:e3:83:d9:ee:81:ba:6e:b8:ac:9b:c3:03:ad:
8f:16:30:00:91:3d:3a:3e:f1:81:98:a5:6b:83:68:
90:98:ca:ff:d3:24:80:d8:99:11:11:79:1c:e0:1d:
fb:93:ab:7b:cc:05:25:3b:89:94:76:04:b6:38:f9:
7c:dd:62:2b:32:73:af:4a:d1:8e:fa:85:9a:10:b9:
2f:3b:bd:1f:a2:e2:80:1c:15:64:47:3e:95:8b:bf:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:36:27:A3:B9:2B:84:F9:87:DF:79:78:9D:D6:9B:61:EA:8C:40:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
b8:02:44:52:3f:8b:05:8d:c2:db:3d:f2:5c:9c:cd:f0:bb:04:
31:21:a4:81:b2:c0:27:19:4a:bd:47:7e:08:de:6e:82:70:c0:
91:2a:09:53:51:3f:78:eb:9e:34:cc:d3:57:c5:98:e4:36:bc:
5e:7e:c9:f4:69:ad:18:22:00:a6:17:cd:38:d2:35:e5:9d:f3:
e5:1d:bf:ab:6f:8d:22:e3:08:76:d0:d9:31:cd:37:eb:ce:ff:
18:f5:6a:0d:65:64:85:12:15:97:4a:c4:88:8d:b1:68:f0:2a:
95:e5:8f:eb:84:c5:02:55:36:15:97:8c:3f:0e:75:85:72:7d:
21:5a:96:09:8a:eb:20:1f:68:1c:a4:f8:af:b1:23:e4:ea:33:
44:ed:e3:db:8a:3f:f9:6a:fe:88:9c:ae:8b:05:92:c9:d9:70:
02:37:7a:0a:1b:45:fc:8f:ad:2a:a6:67:d9:27:10:9d:0a:25:
d6:cb:d1:9d:5f:0b:55:c0:0f:e7:f4:7a:6e:0f:bf:aa:4d:98:
29:7d:27:dd:5a:7a:8c:12:a8:d3:57:06:99:db:1a:da:8c:10:
01:e4:cb:1b:e1:b4:d9:f1:dd:ae:eb:ab:69:da:94:c7:9e:46:
02:6a:52:cf:27:01:8a:cb:a0:a6:da:89:be:e2:0b:6f:a5:6f:
7e:8f:cb:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUW/cJj5TH6dyOVArH2Fva09MYrzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUxMTJaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmODFkOTlkNzY3MGRmNTUxYWI2NTVhNGM1Yzc3YzE3OTU0ZGY0NmE0N2Y2
NmNkYzE3YzIyMjA4OWMzOGY5YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJyF911uaIxARwv0NtMsLRBu6EEC9J/11tnV2+lLrn0m2WFGpzmjr4lB2SZ4
yFRJ63uQW9u7rb+g2kjx5t6PMZthCppkY3aq6r5Bb6cO5bexWR9+KCXkgI9SdB9S
ZU/O24MLmAtitk8CAFx+LdU/1KJ7rDHN1FnrUAxmmQN7M8IBLlk1RwUYgFOe3Oyj
3Z0GdPkpgo0vGaVTAyJkN3dD3CZu2SIDHcPjg9nugbpuuKybwwOtjxYwAJE9Oj7x
gZila4NokJjK/9MkgNiZERF5HOAd+5Ore8wFJTuJlHYEtjj5fN1iKzJzr0rRjvqF
mhC5Lzu9H6LigBwVZEc+lYu/qpkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQiNiej
uSuE+YffeXid1pth6oxAYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAuAJEUj+LBY3C2z3yXJzN8LsEMSGkgbLAJxlKvUd+
CN5ugnDAkSoJU1E/eOueNMzTV8WY5Da8Xn7J9GmtGCIAphfNONI15Z3z5R2/q2+N
IuMIdtDZMc03687/GPVqDWVkhRIVl0rEiI2xaPAqleWP64TFAlU2FZeMPw51hXJ9
IVqWCYrrIB9oHKT4r7Ej5OozRO3j24o/+Wr+iJyuiwWSydlwAjd6ChtF/I+tKqZn
2ScQnQol1svRnV8LVcAP5/R6bg+/qk2YKX0n3Vp6jBKo01cGmdsa2owQAeTLG+G0
2fHdruuradqUx55GAmpSzycBisugptqJvuILb6Vvfo/L7w==
-----END CERTIFICATE-----
Generated at Tue May 6 03:06:04 2025 by rpki-client