Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: XLreCpIMF7gfGFIH+kWpZUxNxMhFHWvQuZkip0AcR+k=
Subject key identifier: 5A:94:6F:04:FA:23:BF:92:BD:D9:72:D2:AA:53:B2:4C:E8:3E:C0:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F3A2F05FB9D85878DF0BF80C5475D52EE8EA8FA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Mon 28 Apr 2025 15:50:06 +0000
ROA not before: Mon 28 Apr 2025 15:50:06 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 05 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:3a:2f:05:fb:9d:85:87:8d:f0:bf:80:c5:47:5d:52:ee:8e:a8:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:50:06 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=10e218d438f5f7cade5baf787f8e4d6b6a09c306401bd3347462374d4ec10ded, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b8:08:73:2b:65:1b:8b:90:1a:49:17:6a:6e:
98:a9:07:de:01:52:35:a9:ee:60:bc:a9:a2:d3:64:
7b:74:65:ba:c4:18:7d:b8:cb:72:75:53:2a:05:f8:
29:81:08:3b:71:ea:f9:e9:98:90:dd:f5:c2:6c:75:
3f:04:5c:dc:dd:12:e7:c7:1c:cb:31:b3:a0:07:f6:
85:55:43:57:19:fa:e8:4f:cc:d4:86:01:bf:1c:de:
30:2b:24:04:8d:05:e0:76:de:17:e4:d9:c7:a7:e6:
f5:15:1c:4d:56:9f:77:05:6b:1f:44:15:8d:c3:39:
ea:94:21:6f:e9:a1:f7:00:22:52:17:10:c6:50:8c:
d7:ee:69:52:fa:b3:d5:bd:93:f2:3c:dd:4c:21:7e:
d7:94:1b:43:1b:fb:14:bb:c0:73:ba:cc:e4:6d:dd:
ed:9e:25:91:b0:2e:7c:a7:cc:8f:a3:42:01:ef:ad:
0d:02:68:a7:82:85:dd:15:eb:ec:6a:98:2c:fb:b0:
c0:db:4b:2f:12:d4:06:42:78:99:ec:e9:30:9a:a3:
94:9d:5f:dd:d6:0c:4f:f4:a8:48:92:7c:6d:42:4f:
13:17:86:b1:45:87:2c:33:e0:ef:de:db:63:f7:09:
4f:6f:dd:f9:f6:5d:62:37:c7:6e:95:a5:44:c6:7d:
00:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:94:6F:04:FA:23:BF:92:BD:D9:72:D2:AA:53:B2:4C:E8:3E:C0:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
85:23:38:bc:cf:71:53:93:04:75:9f:a6:1d:9a:98:f5:8c:cf:
6b:d0:09:a7:05:7a:01:f0:00:04:28:fc:a9:f5:31:1b:7b:7e:
d0:3b:1c:5b:ba:b3:00:d9:7f:aa:bb:3f:55:53:b6:db:90:69:
df:05:db:35:16:2e:15:a2:e3:d6:4f:35:2d:5e:92:e0:a0:e2:
72:b3:34:54:18:07:61:90:40:ef:ef:cd:c8:6a:c0:c7:db:b8:
83:07:93:55:dd:ae:20:3c:fa:c7:b2:42:6f:5a:59:de:5a:7b:
61:82:b6:36:a8:ee:5b:2f:71:3a:d0:63:66:4c:1d:0b:a9:92:
b5:f4:f7:e4:2c:9f:e1:66:69:fe:ca:d1:a6:2c:a1:8b:b4:6f:
83:c8:1b:05:be:b9:65:74:e0:8a:6d:12:ec:12:9d:12:47:74:
32:1e:9c:3b:ae:df:84:d3:62:3e:4b:8f:04:8f:30:e7:07:bc:
a8:2d:74:2f:ea:2b:73:0e:f4:af:f1:34:1e:39:6b:f5:de:b6:
4c:ef:d1:03:56:ff:81:7a:35:79:c1:f8:6c:c0:02:2c:79:fb:
1b:e0:36:61:3e:52:b8:2c:a2:54:a8:2c:12:39:01:09:cc:e8:
96:34:a3:4f:44:b3:7a:e6:a8:00:06:1e:d4:35:67:08:8b:b6:
c7:0b:03:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHzovBfudhYeN8L+AxUddUu6OqPowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUwMDZaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwZTIxOGQ0MzhmNWY3Y2FkZTViYWY3ODdmOGU0ZDZiNmEwOWMzMDY0MDFi
ZDMzNDc0NjIzNzRkNGVjMTBkZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOy4CHMrZRuLkBpJF2pumKkH3gFSNanuYLypotNke3RlusQYfbjLcnVTKgX4
KYEIO3Hq+emYkN31wmx1PwRc3N0S58ccyzGzoAf2hVVDVxn66E/M1IYBvxzeMCsk
BI0F4HbeF+TZx6fm9RUcTVafdwVrH0QVjcM56pQhb+mh9wAiUhcQxlCM1+5pUvqz
1b2T8jzdTCF+15QbQxv7FLvAc7rM5G3d7Z4lkbAufKfMj6NCAe+tDQJop4KF3RXr
7GqYLPuwwNtLLxLUBkJ4mezpMJqjlJ1f3dYMT/SoSJJ8bUJPExeGsUWHLDPg797b
Y/cJT2/d+fZdYjfHbpWlRMZ9ADsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRalG8E
+iO/kr3ZctKqU7JM6D7AJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAhSM4vM9xU5MEdZ+mHZqY9YzPa9AJpwV6AfAABCj8
qfUxG3t+0DscW7qzANl/qrs/VVO225Bp3wXbNRYuFaLj1k81LV6S4KDicrM0VBgH
YZBA7+/NyGrAx9u4gweTVd2uIDz6x7JCb1pZ3lp7YYK2NqjuWy9xOtBjZkwdC6mS
tfT35Cyf4WZp/srRpiyhi7Rvg8gbBb65ZXTgim0S7BKdEkd0Mh6cO67fhNNiPkuP
BI8w5we8qC10L+orcw70r/E0Hjlr9d62TO/RA1b/gXo1ecH4bMACLHn7G+A2YT5S
uCyiVKgsEjkBCczoljSjT0SzeuaoAAYe1DVnCIu2xwsDTg==
-----END CERTIFICATE-----
Generated at Mon May 5 03:57:02 2025 by rpki-client