Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: 4Br6quWoTGzy0VqU/iyYajIt7eve1wrBG2fNc3ILyPg=
Subject key identifier: DD:FB:AF:7A:C5:40:64:67:6D:53:F3:F4:B6:B1:39:EF:C5:50:75:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28C5CE811F5A26549CBBC45C49916401E80670CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Mon 28 Apr 2025 15:50:07 +0000
ROA not before: Mon 28 Apr 2025 15:50:07 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:c5:ce:81:1f:5a:26:54:9c:bb:c4:5c:49:91:64:01:e8:06:70:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:07 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=9c226fdd6c10a2cd6a2f2aa2729b502307b02f2194a872ebcfa8cd16b0b6e3ea, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d6:7e:1c:bd:58:fc:8f:38:77:c0:00:4d:66:
47:4d:1b:1a:76:d6:f7:8a:77:5c:b0:70:e0:5c:fa:
be:84:79:5d:74:0e:78:e1:ed:48:4a:09:3c:93:77:
2e:4a:0b:cf:7c:6a:d1:b6:8f:0c:6d:31:79:35:45:
75:f2:65:1b:47:d3:fd:92:7f:21:50:b0:84:d1:af:
7b:67:c2:38:0d:76:a6:7c:12:97:1a:4f:c8:66:2e:
91:9d:43:ad:65:86:fa:af:d9:55:e4:58:6b:28:c4:
e4:e2:e1:04:de:87:07:09:8c:55:f6:62:1f:ed:5e:
03:d7:a9:7a:92:e9:1a:f8:c2:ca:74:9b:c9:6c:17:
ba:16:93:06:7d:d2:40:fe:c7:1c:ea:68:fb:cc:4b:
0b:d3:92:0d:8d:3c:04:61:ea:fe:81:e0:64:f3:93:
1c:b2:51:02:9e:e2:5f:ba:38:11:5b:f5:1c:48:47:
41:45:17:81:d6:48:b5:2e:ee:fb:f7:cb:46:9f:8b:
ca:7f:85:66:49:05:14:74:fe:08:a5:de:c9:6e:48:
02:91:40:e1:13:fe:6b:d9:8e:75:11:32:30:71:5a:
73:7a:22:f3:78:1c:17:6c:3e:65:c3:0c:cf:bc:86:
c0:27:50:cf:e9:63:3c:1f:d9:6d:82:2d:9e:51:de:
1b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:FB:AF:7A:C5:40:64:67:6D:53:F3:F4:B6:B1:39:EF:C5:50:75:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
c2:d5:4a:c9:1c:c1:fb:f5:17:78:a4:9e:14:90:39:2d:2c:fa:
fb:41:a3:79:aa:91:b5:25:0d:30:84:e2:ea:ab:71:eb:4d:64:
78:ae:38:a9:b1:84:2d:ad:aa:c3:01:da:0b:18:ba:58:8f:82:
35:4e:2f:5b:21:74:2c:94:ff:00:c2:4d:b5:ec:c6:1e:57:fa:
9a:35:c2:24:ae:f1:ef:cb:ee:57:90:ec:62:18:d7:eb:19:58:
19:87:b8:b7:70:11:4d:88:3e:7a:ee:33:0d:dc:40:bc:61:64:
27:2d:60:64:50:18:ec:d0:55:ee:82:e6:92:3c:cb:06:61:02:
7a:78:80:60:ef:47:9d:aa:0b:e9:04:e0:82:73:aa:46:51:87:
ad:b0:d1:13:52:c1:78:e5:9d:6f:7f:9d:2c:96:38:dc:00:e3:
7e:92:8d:6f:df:d9:69:fc:ad:89:f7:bc:2c:35:fd:d1:b6:68:
11:0b:04:dd:a6:a9:bf:83:1a:ed:ea:8a:66:bc:67:6e:a5:54:
b1:46:1c:bb:33:ff:c8:8a:58:4c:cb:40:06:ee:94:c4:87:61:
a6:1f:d6:3c:69:8f:39:56:d9:49:62:d4:96:0a:11:2b:e9:20:
7a:9a:0c:16:57:43:a4:af:af:6d:82:ac:21:2c:69:d9:40:1a:
f2:d3:67:51
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUKMXOgR9aJlScu8RcSZFkAegGcM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMDdaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDljMjI2ZmRkNmMxMGEyY2Q2YTJmMmFhMjcyOWI1MDIzMDdiMDJmMjE5NGE4
NzJlYmNmYThjZDE2YjBiNmUzZWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfWfhy9WPyPOHfAAE1mR00bGnbW94p3XLBw4Fz6voR5XXQOeOHtSEoJPJN3
LkoLz3xq0baPDG0xeTVFdfJlG0fT/ZJ/IVCwhNGve2fCOA12pnwSlxpPyGYukZ1D
rWWG+q/ZVeRYayjE5OLhBN6HBwmMVfZiH+1eA9epepLpGvjCynSbyWwXuhaTBn3S
QP7HHOpo+8xLC9OSDY08BGHq/oHgZPOTHLJRAp7iX7o4EVv1HEhHQUUXgdZItS7u
+/fLRp+Lyn+FZkkFFHT+CKXeyW5IApFA4RP+a9mOdREyMHFac3oi83gcF2w+ZcMM
z7yGwCdQz+ljPB/ZbYItnlHeG9UCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTd+696
xUBkZ21T8/S2sTnvxVB1eDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAMLVSskcwfv1F3iknhSQOS0s+vtBo3mqkbUlDTCE
4uqrcetNZHiuOKmxhC2tqsMB2gsYuliPgjVOL1shdCyU/wDCTbXsxh5X+po1wiSu
8e/L7leQ7GIY1+sZWBmHuLdwEU2IPnruMw3cQLxhZCctYGRQGOzQVe6C5pI8ywZh
Anp4gGDvR52qC+kE4IJzqkZRh62w0RNSwXjlnW9/nSyWONwA436SjW/f2Wn8rYn3
vCw1/dG2aBELBN2mqb+DGu3qima8Z26lVLFGHLsz/8iKWEzLQAbulMSHYaYf1jxp
jzlW2Uli1JYKESvpIHqaDBZXQ6Svr22CrCEsadlAGvLTZ1E=
-----END CERTIFICATE-----
Generated at Mon May 5 04:03:35 2025 by rpki-client