Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: gHvjGjmfSDSOYYdqFfa9fvb7wtAOWOIa+u2qEkQ2xPo=
Subject key identifier: 3B:91:FD:CD:54:95:F7:55:AE:C4:81:7E:31:DB:B9:10:5C:23:64:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63EA640D1E4EC38727B825390EB1ED6C855A4F61
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Mon 16 Jun 2025 21:50:18 +0000
ROA not before: Mon 16 Jun 2025 21:50:18 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ea:64:0d:1e:4e:c3:87:27:b8:25:39:0e:b1:ed:6c:85:5a:4f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:18 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=116318a82ac7efb1b0a3f56577d6c47fe3329ae091fa429cc052133d3c85f7c4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:03:c3:7f:22:a5:59:54:76:d5:d1:a5:fa:fe:
04:d4:56:d0:d1:9a:1c:65:c7:d3:f3:e1:5c:0b:9d:
b9:59:fe:f0:88:20:25:91:82:c7:c0:61:6b:b5:2f:
e3:b9:0b:df:83:20:51:3b:e6:ae:fb:89:1a:05:c6:
a5:c9:d7:f7:fc:10:53:ae:4e:41:61:e7:54:f8:2e:
6e:1e:da:5a:5e:6a:34:a9:88:19:82:86:fd:11:80:
f3:7a:89:ff:2a:eb:96:e6:7f:85:7e:f5:7e:34:ed:
a7:9d:02:88:91:4d:31:c9:b0:1b:07:85:59:dd:0f:
d2:ba:7e:75:25:79:6c:3b:10:de:3f:f6:1e:1d:97:
25:c7:f2:35:74:5f:3f:de:7b:2f:71:f0:ef:eb:01:
41:1b:fe:60:19:5a:8e:97:39:3c:cb:24:75:8a:89:
cb:c7:61:06:a2:a2:63:81:13:01:25:47:59:4e:ad:
09:fa:c9:aa:64:29:b3:57:58:38:50:ba:6b:2b:2e:
38:f7:dc:2f:26:c9:2a:10:6e:64:0a:ff:9c:e8:99:
8e:c1:8f:ff:da:d7:79:58:ea:ff:e7:36:31:e8:2a:
eb:f6:31:d1:45:e1:f5:93:dd:2d:1a:ed:d8:5a:d3:
52:85:cc:c5:bc:26:0a:69:22:90:7e:24:fc:54:5c:
4e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:91:FD:CD:54:95:F7:55:AE:C4:81:7E:31:DB:B9:10:5C:23:64:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
11:8c:fe:d2:20:84:20:18:21:e6:4d:88:67:c5:91:9a:c0:87:
9c:57:73:1d:50:66:33:44:53:58:91:a3:88:8f:2b:a4:eb:60:
b6:d4:9c:2b:ed:25:57:4f:61:9c:f2:21:17:25:71:fc:54:25:
96:74:b0:fc:f3:23:07:2f:b4:78:c7:c8:a1:e4:e8:00:0f:e3:
62:76:03:82:ed:33:26:d8:8e:b4:6b:de:c4:61:50:df:c3:e8:
65:25:91:4c:ba:16:03:db:43:da:a7:9e:fb:90:ad:40:36:aa:
ac:a3:f9:83:16:f6:15:5b:32:45:79:f8:8b:fd:99:80:d0:86:
18:4a:65:3c:26:a0:86:20:17:79:ba:8b:9f:63:c1:c8:61:7a:
30:ee:ae:b9:40:9d:f4:af:df:89:08:13:a1:85:5b:04:99:9b:
0e:28:f4:5d:29:8c:6a:c2:3b:ce:09:c6:1a:7a:24:8b:c8:b8:
b4:a2:f3:0e:bd:25:63:72:16:d2:f1:24:58:5e:c6:f9:39:45:
f5:de:70:f3:73:eb:9f:65:e7:9e:8a:ba:8d:b4:92:a0:05:c3:
06:c4:81:ae:a2:17:07:cf:0b:ab:f6:c1:42:1d:ee:91:ae:71:
d0:06:8e:0d:21:88:68:2e:a9:fa:f3:8f:f8:71:2a:69:5d:34:
0a:52:9d:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUY+pkDR5Ow4cnuCU5DrHtbIVaT2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMThaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDExNjMxOGE4MmFjN2VmYjFiMGEzZjU2NTc3ZDZjNDdmZTMzMjlhZTA5MWZh
NDI5Y2MwNTIxMzNkM2M4NWY3YzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoDw38ipVlUdtXRpfr+BNRW0NGaHGXH0/PhXAuduVn+8IggJZGCx8Bha7Uv
47kL34MgUTvmrvuJGgXGpcnX9/wQU65OQWHnVPgubh7aWl5qNKmIGYKG/RGA83qJ
/yrrluZ/hX71fjTtp50CiJFNMcmwGweFWd0P0rp+dSV5bDsQ3j/2Hh2XJcfyNXRf
P957L3Hw7+sBQRv+YBlajpc5PMskdYqJy8dhBqKiY4ETASVHWU6tCfrJqmQps1dY
OFC6aysuOPfcLybJKhBuZAr/nOiZjsGP/9rXeVjq/+c2Megq6/Yx0UXh9ZPdLRrt
2FrTUoXMxbwmCmkikH4k/FRcThsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ7kf3N
VJX3Va7EgX4x27kQXCNkCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAEYz+0iCEIBgh5k2IZ8WRmsCHnFdzHVBmM0RTWJGj
iI8rpOtgttScK+0lV09hnPIhFyVx/FQllnSw/PMjBy+0eMfIoeToAA/jYnYDgu0z
JtiOtGvexGFQ38PoZSWRTLoWA9tD2qee+5CtQDaqrKP5gxb2FVsyRXn4i/2ZgNCG
GEplPCaghiAXebqLn2PByGF6MO6uuUCd9K/fiQgToYVbBJmbDij0XSmMasI7zgnG
Gnoki8i4tKLzDr0lY3IW0vEkWF7G+TlF9d5w83Prn2Xnnoq6jbSSoAXDBsSBrqIX
B88Lq/bBQh3uka5x0AaODSGIaC6p+vOP+HEqaV00ClKdtw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:19:25 2025 by rpki-client