Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: tgCxTNiZLzTvAA4v2HHF8si5wdvY1EWV42FLPewl0Is=
Subject key identifier: D8:FD:37:62:11:51:2A:B3:0A:25:08:AB:0C:C8:47:39:57:E2:34:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A93C26450239F66344BE2C08AC4E26F2896251D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Tue 17 Jun 2025 00:50:03 +0000
ROA not before: Tue 17 Jun 2025 00:50:03 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:93:c2:64:50:23:9f:66:34:4b:e2:c0:8a:c4:e2:6f:28:96:25:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:03 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=935b073f198eb6dc6df487ddc1faf5bfa98433a60b7c99af1813867888ec724f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:8d:02:02:38:88:56:d2:42:97:28:88:51:7a:
1c:a9:5a:42:e1:75:d8:a4:61:f1:ae:1e:08:3f:79:
a7:22:e3:c0:20:62:21:15:0f:39:3e:65:d0:50:66:
a5:d8:88:fa:68:69:1a:5c:16:20:86:a4:56:16:9f:
8b:c1:7f:ba:07:bd:b4:1e:b4:cb:78:db:49:e2:f1:
f3:59:5e:37:10:09:f5:10:63:d4:64:c5:e8:96:0c:
bb:78:30:63:99:1a:02:b8:f8:37:a4:91:20:08:7c:
ea:0f:f9:16:c0:6a:ef:f1:4c:5b:c8:9c:39:53:5a:
e7:fe:32:d6:d4:c3:92:04:a1:fa:24:92:17:2b:60:
89:22:03:44:32:eb:9a:19:e9:77:22:1d:ef:ad:8e:
4d:5e:f5:e8:dc:84:be:32:cb:fe:c6:57:f1:bf:a0:
10:1e:f2:90:c4:9d:83:8a:e1:67:81:63:2a:64:47:
76:9c:b5:f0:50:be:19:23:7d:00:ea:60:13:1b:ee:
76:53:26:4d:b2:fc:ca:3c:7b:62:9b:2d:97:83:a7:
3b:d5:cb:c0:b7:f3:6e:3e:4d:cc:32:fd:48:c1:f4:
56:23:06:df:e3:07:ce:b7:ef:cf:24:4d:4f:f7:1e:
c8:a2:14:02:00:73:35:7d:d2:dc:69:bc:07:28:13:
c7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FD:37:62:11:51:2A:B3:0A:25:08:AB:0C:C8:47:39:57:E2:34:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
59:6b:9f:4e:85:af:12:1c:1f:2a:62:43:7f:75:9a:c0:1a:3e:
be:6b:d3:ca:df:80:1f:bf:88:64:19:f8:5b:ec:f7:54:f0:5e:
f2:a2:10:64:c2:09:1f:2c:9d:17:ed:86:8e:65:35:db:b7:48:
6e:5f:5a:27:37:00:91:c5:9e:b3:8c:aa:81:46:e2:fe:46:55:
0a:83:30:df:18:be:59:b3:3e:16:8a:4c:b2:e4:1b:6f:c5:a0:
09:54:93:0f:03:f9:b2:3e:d4:36:9c:eb:85:2e:0b:76:e9:cf:
58:24:c5:f9:19:48:03:72:93:15:7b:4c:91:2d:90:11:5c:e8:
2f:ec:f4:41:b9:b7:37:5c:97:90:61:8d:d4:a1:86:4b:db:07:
d7:44:77:d6:62:94:dc:00:44:19:fc:60:89:13:c9:cd:7c:dd:
55:5f:96:98:51:e2:be:a1:c0:26:f5:19:ea:97:d2:bb:73:4f:
fc:5e:28:5c:d7:17:f1:6d:1d:05:12:32:ff:e4:41:86:88:58:
ff:56:c9:0d:c1:03:6b:d9:05:91:b5:a2:f6:d0:4c:ea:1f:f3:
c6:21:dc:75:6d:1c:ea:96:2f:58:62:0d:a4:13:c7:e9:93:eb:
f1:2d:47:a7:4d:31:99:1a:8c:5b:4b:e6:62:04:61:2b:e7:e7:
9d:60:57:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGpPCZFAjn2Y0S+LAisTibyiWJR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwMDNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDkzNWIwNzNmMTk4ZWI2ZGM2ZGY0ODdkZGMxZmFmNWJmYTk4NDMzYTYwYjdj
OTlhZjE4MTM4Njc4ODhlYzcyNGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOSNAgI4iFbSQpcoiFF6HKlaQuF12KRh8a4eCD95pyLjwCBiIRUPOT5l0FBm
pdiI+mhpGlwWIIakVhafi8F/uge9tB60y3jbSeLx81leNxAJ9RBj1GTF6JYMu3gw
Y5kaArj4N6SRIAh86g/5FsBq7/FMW8icOVNa5/4y1tTDkgSh+iSSFytgiSIDRDLr
mhnpdyId762OTV716NyEvjLL/sZX8b+gEB7ykMSdg4rhZ4FjKmRHdpy18FC+GSN9
AOpgExvudlMmTbL8yjx7Ypstl4OnO9XLwLfzbj5NzDL9SMH0ViMG3+MHzrfvzyRN
T/ceyKIUAgBzNX3S3Gm8BygTx+UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTY/Tdi
EVEqswolCKsMyEc5V+I0fDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAWWufToWvEhwfKmJDf3WawBo+vmvTyt+AH7+IZBn4
W+z3VPBe8qIQZMIJHyydF+2GjmU127dIbl9aJzcAkcWes4yqgUbi/kZVCoMw3xi+
WbM+FopMsuQbb8WgCVSTDwP5sj7UNpzrhS4LdunPWCTF+RlIA3KTFXtMkS2QEVzo
L+z0Qbm3N1yXkGGN1KGGS9sH10R31mKU3ABEGfxgiRPJzXzdVV+WmFHivqHAJvUZ
6pfSu3NP/F4oXNcX8W0dBRIy/+RBhohY/1bJDcEDa9kFkbWi9tBM6h/zxiHcdW0c
6pYvWGINpBPH6ZPr8S1Hp00xmRqMW0vmYgRhK+fnnWBXBA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 10:25:52 2025 by rpki-client