Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: 2JFhhV9Y9EYpwWKoLGYxsv65cBFOespZ4eyCoB3pMG0=
Subject key identifier: A2:45:47:82:55:9D:1C:FB:55:13:24:F9:A1:C0:7F:A1:D9:55:86:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C6120648B12C9C708816B6CB06FF96C415F37EA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Tue 06 May 2025 00:50:21 +0000
ROA not before: Tue 06 May 2025 00:50:21 +0000
ROA not after: Tue 10 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:61:20:64:8b:12:c9:c7:08:81:6b:6c:b0:6f:f9:6c:41:5f:37:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 6 00:50:21 2025 GMT
Not After : Jun 10 23:59:59 2025 GMT
Subject: serialNumber=a536d78192a3e29ccf64b3370fddcb32d5fbb0aa308df94f90b6d732feee6f5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:95:ac:b6:3d:a4:5c:da:4b:3e:f3:27:0d:07:
53:c2:c0:82:e3:9d:0d:58:3b:27:a1:0c:b9:54:d1:
27:5c:a4:8e:87:f1:a6:eb:f4:59:15:7d:35:fd:f4:
a0:57:40:47:d4:4f:aa:3a:43:31:1c:79:19:e9:9f:
e3:2a:a1:62:0d:7b:99:c8:f6:7b:f7:58:72:ea:4f:
ab:2b:4d:19:35:aa:0c:59:cd:5e:88:f7:29:4d:30:
45:97:41:60:51:25:d0:d4:e2:7d:4e:61:0a:b2:81:
75:f0:94:c1:22:0c:78:e1:2f:77:91:8f:03:bc:3f:
8b:3c:5a:15:be:d4:94:22:4b:e7:3e:79:9a:97:a7:
29:d2:01:b9:b8:bf:4d:7f:b4:a6:52:a9:34:fd:38:
42:0f:d3:1a:50:d2:27:58:38:0c:d4:e9:c9:e2:fe:
4e:cd:97:44:3a:42:dd:c5:57:9f:39:1b:a8:79:91:
6f:90:5f:a2:65:5f:d7:ea:51:99:89:a3:67:4f:7e:
5e:69:13:b4:b0:62:c5:32:ce:fc:12:34:4e:e6:57:
92:84:53:02:43:ad:fb:7d:ef:90:fd:d1:1a:82:f0:
13:e0:51:85:82:c3:68:36:26:cd:b0:85:bc:69:62:
b9:0d:6a:bc:95:05:5b:30:ec:bb:66:9e:a6:f9:b0:
ed:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:45:47:82:55:9D:1C:FB:55:13:24:F9:A1:C0:7F:A1:D9:55:86:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:76:17:b0:0c:da:10:a7:11:1c:82:0d:48:76:68:07:6d:21:
da:f2:d8:59:f3:4e:8b:df:3d:6a:d5:f3:a6:4b:60:c3:43:2f:
05:65:2e:42:41:91:2a:5b:ee:e2:c7:89:e1:9d:54:a6:05:c2:
a7:fb:85:2d:bd:8c:1e:c0:73:16:24:18:7a:b7:04:14:81:e2:
54:80:9d:fb:e3:c9:20:9b:b3:50:0c:11:80:bb:95:a2:92:e1:
68:ca:bf:1d:7a:0a:4f:d9:62:e3:40:5b:ea:c7:34:94:dd:74:
71:03:2a:dc:4e:07:0f:6a:7a:42:d3:e6:44:71:20:89:fe:09:
60:94:3c:33:ba:43:2f:4d:fb:f5:83:9c:ac:de:3c:21:9c:d5:
52:28:a2:b9:da:5e:9e:2f:7c:ea:27:f2:da:15:8e:fe:79:3a:
0c:22:fd:b1:42:38:43:82:36:9a:6b:27:57:39:f6:c5:53:69:
aa:7f:ab:94:9f:00:57:a4:0f:54:8b:4d:f9:8c:26:b6:b7:fc:
aa:26:88:9f:16:9d:5d:0b:ab:74:6b:25:96:c2:53:91:e5:d4:
0d:c7:ea:c0:89:89:0f:01:5a:8e:fa:a8:6a:4f:80:7e:b4:d4:
9e:88:48:70:20:78:ca:ae:a3:a0:c8:04:b6:00:3c:9d:c3:3e:
aa:3e:bf:c1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTGEgZIsSyccIgWtssG/5bEFfN+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MDYwMDUwMjFaFw0yNTA2MTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1MzZkNzgxOTJhM2UyOWNjZjY0YjMzNzBmZGRjYjMyZDVmYmIwYWEzMDhk
Zjk0ZjkwYjZkNzMyZmVlZTZmNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGVrLY9pFzaSz7zJw0HU8LAguOdDVg7J6EMuVTRJ1ykjofxpuv0WRV9Nf30
oFdAR9RPqjpDMRx5Gemf4yqhYg17mcj2e/dYcupPqytNGTWqDFnNXoj3KU0wRZdB
YFEl0NTifU5hCrKBdfCUwSIMeOEvd5GPA7w/izxaFb7UlCJL5z55mpenKdIBubi/
TX+0plKpNP04Qg/TGlDSJ1g4DNTpyeL+Ts2XRDpC3cVXnzkbqHmRb5BfomVf1+pR
mYmjZ09+XmkTtLBixTLO/BI0TuZXkoRTAkOt+33vkP3RGoLwE+BRhYLDaDYmzbCF
vGliuQ1qvJUFWzDsu2aepvmw7SkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSiRUeC
VZ0c+1UTJPmhwH+h2VWG2TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQABdhewDNoQpxEcgg1IdmgHbSHa8thZ806L3z1q1fOm
S2DDQy8FZS5CQZEqW+7ix4nhnVSmBcKn+4UtvYwewHMWJBh6twQUgeJUgJ3748kg
m7NQDBGAu5WikuFoyr8degpP2WLjQFvqxzSU3XRxAyrcTgcPanpC0+ZEcSCJ/glg
lDwzukMvTfv1g5ys3jwhnNVSKKK52l6eL3zqJ/LaFY7+eToMIv2xQjhDgjaaaydX
OfbFU2mqf6uUnwBXpA9Ui035jCa2t/yqJoifFp1dC6t0ayWWwlOR5dQNx+rAiYkP
AVqO+qhqT4B+tNSeiEhwIHjKrqOgyAS2ADydwz6qPr/B
-----END CERTIFICATE-----
Generated at Tue May 6 04:37:19 2025 by rpki-client