Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: yHaGp3GetVgi/O9orqLbzegqM1/7h86XGAlurP3C97A=
Subject key identifier: CD:F4:70:FD:05:47:4A:A8:61:6A:B1:BE:DE:2B:98:62:63:41:24:80
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23FDCF6842758B0E43240BE8B36F2DBA50FAC600
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Wed 30 Apr 2025 00:20:01 +0000
ROA not before: Wed 30 Apr 2025 00:20:01 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:fd:cf:68:42:75:8b:0e:43:24:0b:e8:b3:6f:2d:ba:50:fa:c6:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 30 00:20:01 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=268951fd3dc5e15aa136d30443897f9f8922d7fcd03c3c3a5c6f4b148f29dd52, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:37:f7:5c:ed:66:95:e1:16:9e:02:c4:74:dd:
10:da:d1:eb:7d:4f:37:f4:1c:85:d7:42:26:06:ed:
3f:60:af:3c:5b:5c:69:69:64:fc:3b:3f:1f:41:2d:
39:9e:c1:cf:79:db:16:bd:1b:40:63:0b:16:a7:61:
6a:3f:d8:62:f1:e8:7f:d4:38:21:d9:7a:ea:18:09:
48:0e:26:38:e2:73:c5:22:00:61:3a:92:af:f5:b1:
6d:25:8f:93:fc:1f:d8:5c:5b:bc:0c:4b:2b:8e:0f:
07:6c:6c:6d:d5:76:45:b5:b9:af:38:4f:aa:6a:41:
fa:63:11:9b:2b:27:4d:be:ff:21:3e:59:4c:bb:e9:
0d:70:3b:1c:24:08:e8:b7:6b:b0:f2:1b:16:cf:c8:
7f:df:79:a6:68:13:3b:51:78:6d:4a:4f:2c:9b:59:
38:a7:56:15:74:a3:b0:9b:b3:45:d6:7d:24:cb:4c:
1c:f8:65:08:4b:52:7f:ea:56:c0:f2:01:74:1c:e1:
b4:dc:32:79:da:15:b5:b9:fe:44:9c:e1:f3:a0:70:
ed:78:ee:c3:ff:fb:8d:2a:81:37:df:82:57:75:ef:
89:0b:e4:e4:0d:fa:83:ac:68:d2:d5:44:fb:1a:b4:
f2:49:f5:df:2b:9b:a7:6d:03:ff:3f:ee:af:1f:37:
4b:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F4:70:FD:05:47:4A:A8:61:6A:B1:BE:DE:2B:98:62:63:41:24:80
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:61:94:12:ca:6d:2a:a3:7f:95:ca:e2:7b:69:d3:be:f7:02:
cf:a6:b9:71:39:91:39:c7:24:ac:41:fa:a7:a4:08:cd:ab:a6:
91:5d:05:68:da:a0:be:c8:53:8d:cb:8b:c7:01:3e:a7:5e:98:
8d:a4:68:5f:fd:84:a7:7b:23:17:ec:c4:d6:d1:56:c2:b2:5f:
5d:54:a3:ae:80:4f:21:c7:07:03:31:f8:8d:86:18:95:53:9f:
3d:ef:ec:67:7e:68:ef:60:aa:53:2d:1a:71:90:5f:18:44:8e:
94:d2:fe:5b:36:91:32:ab:fc:61:6b:7e:c2:e9:49:96:a1:17:
a2:34:7d:32:83:94:11:79:1a:98:ba:4c:33:04:b2:f6:4f:9a:
e4:8e:b2:71:ba:ac:62:d7:2d:79:4e:f4:6b:a9:85:c5:47:b9:
c0:ab:23:18:ff:30:ea:fc:5d:81:37:1c:8d:ca:4f:26:d7:ba:
54:4f:a3:91:f3:5c:3f:28:e6:7e:1c:c4:6c:bc:85:36:04:42:
70:88:be:9c:13:7c:90:dc:c0:d6:b8:e8:cd:10:93:3d:0a:f9:
86:87:7c:68:db:96:57:c8:b1:d1:30:eb:fd:b2:96:77:c3:44:
ff:ae:12:39:ce:ea:b5:7f:d2:1d:45:02:d5:0d:4c:0f:5e:33:
f5:b0:4a:f6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUI/3PaEJ1iw5DJAvos28tulD6xgAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MzAwMDIwMDFaFw0yNTA2MDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2ODk1MWZkM2RjNWUxNWFhMTM2ZDMwNDQzODk3ZjlmODkyMmQ3ZmNkMDNj
M2MzYTVjNmY0YjE0OGYyOWRkNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4391ztZpXhFp4CxHTdENrR631PN/QchddCJgbtP2CvPFtcaWlk/Ds/H0Et
OZ7Bz3nbFr0bQGMLFqdhaj/YYvHof9Q4Idl66hgJSA4mOOJzxSIAYTqSr/WxbSWP
k/wf2FxbvAxLK44PB2xsbdV2RbW5rzhPqmpB+mMRmysnTb7/IT5ZTLvpDXA7HCQI
6LdrsPIbFs/If995pmgTO1F4bUpPLJtZOKdWFXSjsJuzRdZ9JMtMHPhlCEtSf+pW
wPIBdBzhtNwyedoVtbn+RJzh86Bw7Xjuw//7jSqBN9+CV3XviQvk5A36g6xo0tVE
+xq08kn13yubp20D/z/urx83S3MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTN9HD9
BUdKqGFqsb7eK5hiY0EkgDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAsWGUEsptKqN/lcrie2nTvvcCz6a5cTmROcckrEH6
p6QIzaumkV0FaNqgvshTjcuLxwE+p16YjaRoX/2Ep3sjF+zE1tFWwrJfXVSjroBP
IccHAzH4jYYYlVOfPe/sZ35o72CqUy0acZBfGESOlNL+WzaRMqv8YWt+wulJlqEX
ojR9MoOUEXkamLpMMwSy9k+a5I6ycbqsYtcteU70a6mFxUe5wKsjGP8w6vxdgTcc
jcpPJte6VE+jkfNcPyjmfhzEbLyFNgRCcIi+nBN8kNzA1rjozRCTPQr5hod8aNuW
V8ix0TDr/bKWd8NE/64SOc7qtX/SHUUC1Q1MD14z9bBK9g==
-----END CERTIFICATE-----
Generated at Mon May 5 21:21:15 2025 by rpki-client