Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: p2GSAgw2zUvL5NAK00pS1mFfjSQZNxBwcVGkKJu0WT8=
Subject key identifier: FD:A3:68:A6:36:16:60:27:6E:B1:75:A0:8C:AA:65:8C:6C:49:B1:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5E32591F25AD589D9A1814DA1C89331ED50AA674
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Wed 25 Jun 2025 00:50:04 +0000
ROA not before: Wed 25 Jun 2025 00:50:04 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:32:59:1f:25:ad:58:9d:9a:18:14:da:1c:89:33:1e:d5:0a:a6:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:04 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=0b90e8c83818570a706aaaad8c1d480e4f21e24ca54a143223acac3fc9811940, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:0b:1a:af:89:a6:5c:45:db:d7:55:8a:bc:f5:
81:10:89:ec:59:68:ca:1e:fc:fc:3e:4a:83:57:12:
c9:84:5c:c3:83:96:2a:1b:52:a6:ce:95:f7:0e:49:
7f:cc:ef:de:a5:29:f1:c2:a2:ee:66:e8:b1:78:5f:
71:45:9f:1d:73:eb:fc:38:a4:d4:78:cd:ce:c2:3d:
a6:64:7b:ff:ac:7e:99:57:41:30:85:37:42:c3:9e:
52:17:4e:9d:b7:cc:02:ad:1e:72:55:58:1c:87:4e:
fa:a4:66:a2:00:8e:38:ea:3e:88:91:c2:eb:c1:ce:
42:5f:d0:d4:3a:e6:3f:27:ff:18:6c:57:1e:7f:2a:
fd:53:6b:75:e9:1c:81:74:f5:28:ea:96:34:85:2c:
e9:a1:12:81:c7:f0:11:e2:31:d6:40:84:b7:7d:19:
a3:d7:78:51:24:b0:86:ed:9b:12:4e:0c:fc:cf:9b:
37:fb:fc:45:8b:4f:54:70:b4:4d:20:cb:d2:5e:78:
77:41:f7:e9:2d:00:a3:ae:02:03:a2:5a:56:26:0f:
3b:f5:2d:13:8a:f2:b3:3d:23:e7:47:a4:c4:5d:c6:
c9:81:f8:9d:2e:b2:5f:e7:2e:1f:35:aa:39:0b:67:
f1:e1:74:f4:fb:13:43:bf:4a:d0:7f:87:5a:81:3f:
bb:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A3:68:A6:36:16:60:27:6E:B1:75:A0:8C:AA:65:8C:6C:49:B1:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:a7:13:42:21:e0:dc:17:ee:39:88:00:b1:5c:30:7e:3f:f4:
92:ae:16:f7:0b:90:65:c8:23:e7:de:f0:03:f7:e5:2f:4e:08:
d3:f1:f7:1f:5d:bb:06:f3:68:5d:8e:0e:6f:6c:d6:96:d6:4c:
ad:8b:04:e8:29:db:aa:3d:68:43:f6:bf:cb:fa:c9:7c:2c:14:
c2:45:82:28:57:9a:c9:83:bb:4a:94:bc:a1:8a:2b:1d:b8:90:
9d:b8:39:ab:1a:35:64:1d:88:a4:52:16:42:eb:30:6a:7c:45:
92:77:5a:72:c8:b8:66:d7:fb:09:d0:63:26:f5:8d:a8:d2:70:
c7:f1:9f:54:3f:aa:f7:3f:8c:51:84:b3:a5:12:7b:58:ee:23:
77:60:d9:27:55:7f:3b:ee:48:09:76:1b:5a:0e:46:47:f9:7c:
48:fb:e6:95:76:3f:28:c2:cc:8c:58:de:86:8c:45:be:4f:c8:
5f:4b:6f:f9:37:b4:d7:65:12:6a:71:04:8f:94:5e:18:a0:51:
d1:85:cd:1f:cb:24:03:a5:06:b3:14:aa:47:c2:99:ae:2b:83:
9e:4f:61:1d:bd:7c:37:71:f0:ac:46:6a:ef:85:e1:99:e4:df:
97:d7:c2:85:8e:89:22:f6:31:97:61:28:4f:85:cf:cd:30:c3:
9e:cf:36:80
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXjJZHyWtWJ2aGBTaHIkzHtUKpnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDRaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiOTBlOGM4MzgxODU3MGE3MDZhYWFhZDhjMWQ0ODBlNGYyMWUyNGNhNTRh
MTQzMjIzYWNhYzNmYzk4MTE5NDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOYLGq+JplxF29dVirz1gRCJ7Floyh78/D5Kg1cSyYRcw4OWKhtSps6V9w5J
f8zv3qUp8cKi7mbosXhfcUWfHXPr/Dik1HjNzsI9pmR7/6x+mVdBMIU3QsOeUhdO
nbfMAq0eclVYHIdO+qRmogCOOOo+iJHC68HOQl/Q1DrmPyf/GGxXHn8q/VNrdekc
gXT1KOqWNIUs6aESgcfwEeIx1kCEt30Zo9d4USSwhu2bEk4M/M+bN/v8RYtPVHC0
TSDL0l54d0H36S0Ao64CA6JaViYPO/UtE4rysz0j50ekxF3GyYH4nS6yX+cuHzWq
OQtn8eF09PsTQ79K0H+HWoE/uxsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9o2im
NhZgJ26xdaCMqmWMbEmxODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEASqcTQiHg3BfuOYgAsVwwfj/0kq4W9wuQZcgj597w
A/flL04I0/H3H127BvNoXY4Ob2zWltZMrYsE6Cnbqj1oQ/a/y/rJfCwUwkWCKFea
yYO7SpS8oYorHbiQnbg5qxo1ZB2IpFIWQuswanxFkndacsi4Ztf7CdBjJvWNqNJw
x/GfVD+q9z+MUYSzpRJ7WO4jd2DZJ1V/O+5ICXYbWg5GR/l8SPvmlXY/KMLMjFje
hoxFvk/IX0tv+Te012USanEEj5ReGKBR0YXNH8skA6UGsxSqR8KZriuDnk9hHb18
N3HwrEZq74XhmeTfl9fChY6JIvYxl2EoT4XPzTDDns82gA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:36:19 2025 by rpki-client