Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: a1SBzxUl5CP8OoZ8W5AB26/6EiDmcFp/ub6OKLNy3kQ=
Subject key identifier: 11:99:55:34:44:36:CB:C2:43:9A:9D:56:A7:3B:E2:58:1D:19:94:1A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C4D252724D5113E1980B46788A5DA0BAB6561E6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Tue 20 May 2025 20:41:21 +0000
ROA not before: Tue 20 May 2025 20:41:21 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 13:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:4d:25:27:24:d5:11:3e:19:80:b4:67:88:a5:da:0b:ab:65:61:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:21 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=04781537af54d551aa1ab2f84fdfd58e49e1228e90e758e433ec8ed8ffc7db5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:57:26:f8:e0:42:03:01:8e:8c:6d:0b:bd:52:
4d:2a:bb:df:1b:0c:63:6c:26:c2:58:56:7e:be:08:
19:2c:06:56:36:ec:de:08:f9:58:0e:78:d3:71:00:
e5:8d:9e:9f:26:15:05:83:78:e8:2f:4a:ff:82:92:
0f:81:90:a1:28:b3:e5:b6:cc:72:7c:66:ac:2c:09:
65:52:b4:24:08:e8:60:0b:f5:6f:a3:f7:be:61:e9:
e0:5f:27:c3:e3:5b:13:c8:22:22:e1:dd:74:87:64:
c5:c2:29:3e:bc:d0:87:5a:72:63:7d:1a:da:58:ae:
72:f2:2d:6c:ad:9a:99:b6:e5:c6:5a:cf:df:c5:80:
97:44:61:44:fb:38:8a:ad:fd:ef:c3:9b:3b:8b:a7:
ae:3a:d0:72:20:bf:1b:0a:bb:d4:e4:59:80:8e:69:
d4:58:2e:63:b6:2b:a2:6f:c9:9f:c4:20:e6:55:c4:
dd:08:5e:60:c3:36:0c:b2:cf:f7:bd:48:80:0f:06:
76:f2:61:1e:1f:a3:36:12:0c:c5:11:8d:df:7c:66:
2c:f4:f4:30:48:7b:04:13:a1:f7:d7:cb:b9:a7:8c:
44:b6:3d:15:d8:5b:3e:31:e8:aa:a3:9f:13:9b:f6:
4f:96:8c:3b:49:5c:47:fa:a4:37:cf:10:1a:70:10:
8f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:99:55:34:44:36:CB:C2:43:9A:9D:56:A7:3B:E2:58:1D:19:94:1A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2f:99:a3:05:7c:78:ea:fd:5c:d3:2d:8e:5d:a7:03:51:ff:77:
27:fb:bd:20:10:f3:92:67:ab:3a:32:14:2a:77:41:9e:9e:d2:
45:a3:24:b6:d1:4d:19:3f:9e:31:f8:01:59:6a:0d:95:e9:62:
a8:be:2a:5c:77:c5:b7:84:79:94:a5:5d:b7:0e:86:0e:0b:02:
e9:14:97:0b:b0:60:79:bd:7b:aa:d3:e6:af:fb:bd:cf:6f:bd:
9e:4d:c1:3b:c3:ad:4a:dc:f3:be:a5:5a:50:76:2d:63:f0:9b:
05:d9:e0:f1:04:15:6f:2c:1e:6c:ec:66:8a:3b:3e:e1:75:8f:
04:f0:9e:f4:1b:b6:2d:b9:75:3d:0b:c3:b9:99:c4:48:0a:08:
04:a7:8c:66:44:c5:6f:70:a9:bc:38:a9:05:d2:99:41:80:64:
6f:6b:0c:1d:b4:ed:55:7c:53:c3:78:54:ad:c6:bb:48:5f:92:
ee:91:9b:87:8d:58:2b:18:16:7c:90:29:08:bd:36:f6:a2:f5:
bb:3b:67:0d:eb:39:a6:e6:4a:63:88:ad:ac:06:d4:cc:b8:1e:
4c:87:24:99:06:1a:65:4e:17:fc:50:70:e1:fb:fa:83:91:56:
e5:4e:ba:fc:0e:fd:13:6c:6a:da:0f:54:8a:04:c7:67:29:5a:
64:db:10:be
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXE0lJyTVET4ZgLRniKXaC6tlYeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjFaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDA0NzgxNTM3YWY1NGQ1NTFhYTFhYjJmODRmZGZkNThlNDllMTIyOGU5MGU3
NThlNDMzZWM4ZWQ4ZmZjN2RiNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxXJvjgQgMBjoxtC71STSq73xsMY2wmwlhWfr4IGSwGVjbs3gj5WA5403EA
5Y2enyYVBYN46C9K/4KSD4GQoSiz5bbMcnxmrCwJZVK0JAjoYAv1b6P3vmHp4F8n
w+NbE8giIuHddIdkxcIpPrzQh1pyY30a2liucvItbK2ambblxlrP38WAl0RhRPs4
iq3978ObO4unrjrQciC/Gwq71ORZgI5p1FguY7Yrom/Jn8Qg5lXE3QheYMM2DLLP
971IgA8GdvJhHh+jNhIMxRGN33xmLPT0MEh7BBOh99fLuaeMRLY9FdhbPjHoqqOf
E5v2T5aMO0lcR/qkN88QGnAQj+8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQRmVU0
RDbLwkOanVanO+JYHRmUGjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAL5mjBXx46v1c0y2OXacDUf93J/u9IBDzkmerOjIU
KndBnp7SRaMkttFNGT+eMfgBWWoNleliqL4qXHfFt4R5lKVdtw6GDgsC6RSXC7Bg
eb17qtPmr/u9z2+9nk3BO8OtStzzvqVaUHYtY/CbBdng8QQVbywebOxmijs+4XWP
BPCe9Bu2Lbl1PQvDuZnESAoIBKeMZkTFb3CpvDipBdKZQYBkb2sMHbTtVXxTw3hU
rca7SF+S7pGbh41YKxgWfJApCL029qL1uztnDes5puZKY4itrAbUzLgeTIckmQYa
ZU4X/FBw4fv6g5FW5U66/A79E2xq2g9UigTHZylaZNsQvg==
-----END CERTIFICATE-----
Generated at Mon Jun 2 16:29:03 2025 by rpki-client