Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: fSwZVlzsQN+hbNOnfaYz3YGY3UT/IdVFsjbos48oSvw=
Subject key identifier: 08:C9:01:3C:DB:A7:05:7F:AA:A8:D8:EE:45:9C:40:08:C4:55:77:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6445A3764355BEF44FE36E84A18A7A0997119BDB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Mon 28 Apr 2025 15:51:11 +0000
ROA not before: Mon 28 Apr 2025 15:51:11 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 15:42:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:45:a3:76:43:55:be:f4:4f:e3:6e:84:a1:8a:7a:09:97:11:9b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 28 15:51:11 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=269a3d7b6d32addd39c092ed8fe3838cbdb871a981298386a310de3b2bb16b0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:87:bd:9b:f4:31:97:ae:17:f0:51:b6:d6:98:
bf:c7:0e:ce:0d:db:24:d5:1b:fe:2c:c2:7d:fe:a9:
8e:5f:76:99:93:ca:a7:91:b3:b0:65:76:0d:de:d9:
19:68:0d:48:7b:ff:2d:8b:07:4f:da:45:47:d4:97:
3d:30:2f:cb:a2:1f:be:ac:0f:42:85:19:52:6d:24:
20:9f:cc:40:b5:52:2d:3b:54:e2:75:4c:0e:39:e1:
61:b6:cf:7a:89:6e:c6:0b:61:3b:cf:52:46:fb:f2:
50:16:85:a1:7e:85:bf:6f:ee:7a:b7:0f:e7:4b:ca:
ae:ef:0f:74:2e:c6:88:62:dd:2c:65:44:dc:13:4b:
d8:ec:69:83:4c:8f:1a:ef:26:1a:cc:45:86:c9:37:
cb:4b:c0:e6:82:20:7b:71:8e:b9:1a:59:57:c9:49:
46:63:44:c3:5a:e3:16:9a:36:90:85:d1:58:a1:3b:
6f:f3:ec:44:82:36:9e:7c:55:cb:0a:43:d1:86:77:
52:00:7f:a1:be:19:63:4d:e2:a9:26:10:b2:45:1b:
b2:6f:5a:de:e5:d0:c7:c4:c0:77:43:28:80:2e:f5:
41:29:c0:2e:10:74:e9:b5:7f:e6:c6:2d:46:c2:f2:
41:a4:fc:ff:e9:a0:58:3f:4f:07:ae:d3:57:0d:8c:
de:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:C9:01:3C:DB:A7:05:7F:AA:A8:D8:EE:45:9C:40:08:C4:55:77:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:76:b5:5e:87:30:93:ed:4a:fc:d7:a6:c2:7a:70:9a:79:8d:
36:05:0c:b2:69:0e:57:4c:4f:c0:9d:f6:e3:5f:6e:c1:50:81:
08:07:c2:3b:d9:b9:3b:28:86:67:6d:be:eb:4b:e8:88:17:cd:
66:0f:b0:87:01:4c:92:83:2b:75:92:0a:a7:ea:95:3e:53:6f:
c2:0f:1f:79:15:1d:39:ac:81:fe:93:1f:44:15:20:ef:cf:3f:
b8:4a:b0:1a:08:84:09:39:03:57:72:73:a8:e1:80:00:59:22:
7f:81:d5:30:fc:b0:af:14:9a:95:02:88:10:f0:d9:ff:67:ea:
74:f3:56:c4:c3:dc:5a:7c:fa:81:63:a0:2f:56:ca:41:92:90:
77:b7:8d:02:bc:7d:a4:12:9b:f8:80:5a:67:c9:c9:b2:12:18:
1e:8e:1d:59:08:bc:c5:3c:a0:42:f0:03:3d:0b:f2:d6:f4:fb:
c1:49:bb:d5:ca:32:d5:79:5a:85:56:48:0e:c4:ae:62:7b:9b:
37:c9:4b:ab:6a:f7:f2:26:f7:89:34:e8:d8:c5:08:25:31:83:
45:d9:82:cc:ab:b5:b7:f1:28:ab:1a:ad:c3:e0:a5:0e:d2:ba:
1e:65:75:b1:c6:9b:85:db:aa:a7:a4:5b:7e:ef:6f:4f:88:d9:
ed:0a:1b:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZEWjdkNVvvRP426EoYp6CZcRm9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjgxNTUxMTFaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2OWEzZDdiNmQzMmFkZGQzOWMwOTJlZDhmZTM4MzhjYmRiODcxYTk4MTI5
ODM4NmEzMTBkZTNiMmJiMTZiMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2HvZv0MZeuF/BRttaYv8cOzg3bJNUb/izCff6pjl92mZPKp5GzsGV2Dd7Z
GWgNSHv/LYsHT9pFR9SXPTAvy6IfvqwPQoUZUm0kIJ/MQLVSLTtU4nVMDjnhYbbP
eoluxgthO89SRvvyUBaFoX6Fv2/uercP50vKru8PdC7GiGLdLGVE3BNL2Oxpg0yP
Gu8mGsxFhsk3y0vA5oIge3GOuRpZV8lJRmNEw1rjFpo2kIXRWKE7b/PsRII2nnxV
ywpD0YZ3UgB/ob4ZY03iqSYQskUbsm9a3uXQx8TAd0MogC71QSnALhB06bV/5sYt
RsLyQaT8/+mgWD9PB67TVw2M3o0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQIyQE8
26cFf6qo2O5FnEAIxFV3gjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAGna1Xocwk+1K/NemwnpwmnmNNgUMsmkOV0xPwJ32
419uwVCBCAfCO9m5OyiGZ22+60voiBfNZg+whwFMkoMrdZIKp+qVPlNvwg8feRUd
OayB/pMfRBUg788/uEqwGgiECTkDV3JzqOGAAFkif4HVMPywrxSalQKIEPDZ/2fq
dPNWxMPcWnz6gWOgL1bKQZKQd7eNArx9pBKb+IBaZ8nJshIYHo4dWQi8xTygQvAD
PQvy1vT7wUm71coy1XlahVZIDsSuYnubN8lLq2r38ib3iTTo2MUIJTGDRdmCzKu1
t/Eoqxqtw+ClDtK6HmV1scabhduqp6Rbfu9vT4jZ7QobFw==
-----END CERTIFICATE-----
Generated at Thu May 8 18:05:32 2025 by rpki-client