Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: rH93iduMDhxXXgYbqVkYZd1govPkMj/5tEjrdVuo/eQ=
Subject key identifier: 08:60:A4:62:F0:49:7C:B4:51:72:8B:0D:F3:B8:CF:CA:5A:FD:E2:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34219AED250ACABE31E80E963F9849AE0FD73725
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Fri 25 Apr 2025 20:31:09 +0000
ROA not before: Fri 25 Apr 2025 20:31:09 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:21:9a:ed:25:0a:ca:be:31:e8:0e:96:3f:98:49:ae:0f:d7:37:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:09 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=0db390325ee16ac50c6906e3668e5c2a4266518bb9b2c45b6beed2d5efe042e7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a9:88:66:e2:eb:50:d2:84:92:94:f5:60:c2:
2b:c4:40:c6:47:80:56:07:d1:80:61:de:11:0d:6d:
c2:a6:cd:3b:59:5a:be:41:9a:cc:53:be:05:00:a1:
cf:e8:e8:50:c3:e5:d6:e3:6d:ab:8c:cd:f5:e9:97:
f6:4e:85:77:a8:9d:83:49:2d:ff:24:b7:1a:70:2f:
cb:51:f0:37:73:65:fa:e7:2d:96:50:c0:af:5b:bf:
5a:39:49:45:9d:ac:63:cc:f1:95:d9:94:19:ee:66:
b3:c7:24:f5:be:e8:ed:5d:79:05:18:8d:9d:83:34:
4b:f7:d8:b5:ad:ab:7a:1c:60:f4:51:94:64:87:f0:
3e:29:89:5f:76:46:17:51:7b:01:63:86:e2:d2:9a:
e5:c5:f3:e7:99:b8:78:a9:22:ad:d0:93:e4:93:1b:
e7:84:3c:c9:c2:fc:de:df:b9:2a:ed:a4:c7:16:37:
25:7d:1e:9c:eb:8f:0a:45:8f:42:6f:ce:dd:d2:07:
de:07:f6:97:48:eb:55:3f:84:1e:08:cc:c3:c9:fa:
39:a5:06:91:19:73:29:23:89:aa:8e:d6:d6:aa:53:
c5:6a:4a:8f:34:10:1b:9b:76:04:94:7b:77:13:4f:
43:aa:4b:f4:fe:37:1e:ff:58:b6:27:0a:cf:6b:b0:
eb:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:60:A4:62:F0:49:7C:B4:51:72:8B:0D:F3:B8:CF:CA:5A:FD:E2:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:9a:5e:7b:96:cc:d6:f7:b4:7d:e5:95:e6:9b:70:54:37:79:
b7:a6:d8:07:9e:24:14:e4:d3:28:f0:90:d0:8a:b5:0a:45:3c:
9f:cb:0f:bb:90:99:de:2f:7b:66:ba:be:8c:30:a2:16:e6:8c:
5f:a3:2b:7d:a0:68:9a:44:bf:e7:f9:3b:05:ed:53:db:63:ac:
5b:48:8a:dc:ac:01:d9:fc:a3:4a:6d:89:21:99:85:ff:56:cd:
34:1a:c8:90:ba:30:b3:ac:17:4e:7c:a1:d8:e4:1c:9f:61:12:
81:53:51:d9:28:13:fb:73:5a:1d:21:49:f2:17:c0:be:41:48:
a1:4c:d3:58:64:72:1b:37:17:77:2c:3f:a5:cf:30:75:56:6b:
d1:24:bb:3a:c8:c8:7e:f9:7f:56:34:a5:d6:b8:46:b4:d4:4a:
1e:9f:4b:f5:d8:4f:b0:fa:89:59:27:c2:ce:34:bd:02:2c:c2:
39:d8:ce:3e:11:ff:51:85:4f:70:4a:31:ed:e5:5c:37:29:c0:
0d:c8:73:ad:36:f8:93:be:67:ae:72:a5:6b:09:ee:2d:9d:aa:
0f:6c:db:19:e6:86:0c:0d:f2:47:ee:4c:0c:e1:70:a8:39:ff:
e3:c7:6b:60:af:ad:c4:2b:6f:92:f4:77:f5:e0:3c:a8:fa:fb:
b3:6e:73:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNCGa7SUKyr4x6A6WP5hJrg/XNyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMDlaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkYjM5MDMyNWVlMTZhYzUwYzY5MDZlMzY2OGU1YzJhNDI2NjUxOGJiOWIy
YzQ1YjZiZWVkMmQ1ZWZlMDQyZTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMipiGbi61DShJKU9WDCK8RAxkeAVgfRgGHeEQ1twqbNO1lavkGazFO+BQCh
z+joUMPl1uNtq4zN9emX9k6Fd6idg0kt/yS3GnAvy1HwN3Nl+uctllDAr1u/WjlJ
RZ2sY8zxldmUGe5ms8ck9b7o7V15BRiNnYM0S/fYta2rehxg9FGUZIfwPimJX3ZG
F1F7AWOG4tKa5cXz55m4eKkirdCT5JMb54Q8ycL83t+5Ku2kxxY3JX0enOuPCkWP
Qm/O3dIH3gf2l0jrVT+EHgjMw8n6OaUGkRlzKSOJqo7W1qpTxWpKjzQQG5t2BJR7
dxNPQ6pL9P43Hv9YticKz2uw62ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIYKRi
8El8tFFyiw3zuM/KWv3ilTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQAzml57lszW97R95ZXmm3BUN3m3ptgHniQU5NMo8JDQ
irUKRTyfyw+7kJneL3tmur6MMKIW5oxfoyt9oGiaRL/n+TsF7VPbY6xbSIrcrAHZ
/KNKbYkhmYX/Vs00GsiQujCzrBdOfKHY5ByfYRKBU1HZKBP7c1odIUnyF8C+QUih
TNNYZHIbNxd3LD+lzzB1VmvRJLs6yMh++X9WNKXWuEa01Eoen0v12E+w+olZJ8LO
NL0CLMI52M4+Ef9RhU9wSjHt5Vw3KcANyHOtNviTvmeucqVrCe4tnaoPbNsZ5oYM
DfJH7kwM4XCoOf/jx2tgr63EK2+S9Hf14Dyo+vuzbnP+
-----END CERTIFICATE-----
Generated at Mon May 5 13:42:17 2025 by rpki-client