Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: VncXhU2phsli3JsVXDO/ptK1VK+Q2ASIKG7L2NJ5J4o=
Subject key identifier: B8:5D:CE:52:10:51:6A:90:6C:6E:3C:01:62:63:85:80:77:BF:06:AA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D83982058EE6953AE589F4D4453537CB557A4CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Tue 20 May 2025 20:41:25 +0000
ROA not before: Tue 20 May 2025 20:41:25 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:83:98:20:58:ee:69:53:ae:58:9f:4d:44:53:53:7c:b5:57:a4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:25 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=14934692703762366e824ccba9b7920b79f4bc447108b89c44aaa6f04479679f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:49:4c:f4:89:28:aa:53:51:8a:2c:50:a7:ef:
c3:b8:f8:6c:0f:90:14:e4:d2:a2:14:37:de:06:a5:
05:29:8b:9a:3c:e0:b1:5e:0a:db:93:f7:b2:8f:2a:
48:c2:ec:d8:fe:b9:7a:7a:2b:d2:eb:35:78:30:a1:
bb:a4:d0:80:d5:c0:37:98:d9:18:7e:d4:4a:d6:c5:
9c:e7:fc:71:00:f7:41:47:4b:ee:10:18:9e:58:99:
47:18:e4:7e:db:70:b9:e9:72:f6:bc:6a:c1:92:f6:
0c:e5:46:fa:c4:e1:a9:b2:df:46:59:aa:1a:8b:89:
46:0c:7b:d5:3e:39:ba:97:3c:50:a1:fb:ee:5c:99:
ba:24:24:f3:dd:ca:96:be:1e:3f:c2:78:64:b3:bb:
7f:16:69:9c:fa:4d:33:fb:23:a7:9a:27:85:02:ac:
ac:9c:24:d6:40:08:12:fb:74:6b:82:9f:1b:b3:c1:
31:ae:08:30:e7:a1:ab:2d:33:61:53:d5:4e:a3:dd:
b1:de:ce:92:be:bf:09:20:4c:ea:bc:6a:da:37:d8:
98:39:84:f1:2a:0b:e1:53:0c:a0:9a:95:b7:0e:0a:
52:7d:89:9f:a3:76:06:a0:88:5e:78:b5:00:44:f0:
2c:21:cc:ea:86:76:76:3c:00:b3:3f:f9:ed:95:c3:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5D:CE:52:10:51:6A:90:6C:6E:3C:01:62:63:85:80:77:BF:06:AA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c8:d5:d5:e3:49:7d:a9:c1:fc:fa:e0:0c:49:77:86:e2:7d:d1:
6e:77:d2:cc:fa:29:96:0d:3b:58:01:32:4a:12:c6:82:b8:16:
cb:2b:69:a9:c1:56:78:3b:b9:c5:e1:89:1c:11:31:5f:21:42:
35:29:77:b6:26:5b:46:71:37:ad:de:1a:ff:46:12:19:48:69:
b2:29:73:7e:32:e3:cc:78:f5:28:7d:db:16:16:0d:6b:ef:71:
af:30:3b:4a:d9:00:c1:2c:22:f2:25:b5:52:59:84:e0:9e:79:
a6:11:39:f0:72:e9:8e:e9:af:7a:d2:ec:36:50:a7:3e:eb:cd:
0b:f0:57:9e:a8:e3:bc:8f:f8:91:83:8b:e5:fc:97:23:c3:c8:
1e:60:46:8f:66:42:28:0f:ae:d8:30:7a:b0:a0:05:04:4c:be:
8d:4e:d9:0a:33:8d:99:57:f1:31:3b:0c:20:e8:2f:f6:61:71:
a6:2f:9c:fd:77:68:0f:1f:d0:2d:94:64:2b:0a:ca:35:97:da:
69:27:9c:6d:5e:fc:b1:d1:c0:bc:68:27:64:53:89:ee:cd:09:
e7:eb:b0:6f:bb:8e:c6:09:e3:ac:53:dd:93:bc:ac:6d:d4:2c:
0b:d4:98:ce:dc:16:a4:c1:ef:83:78:06:9c:83:07:d7:86:7f:
e3:d7:27:a9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTYOYIFjuaVOuWJ9NRFNTfLVXpMwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjVaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0OTM0NjkyNzAzNzYyMzY2ZTgyNGNjYmE5Yjc5MjBiNzlmNGJjNDQ3MTA4
Yjg5YzQ0YWFhNmYwNDQ3OTY3OWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlJTPSJKKpTUYosUKfvw7j4bA+QFOTSohQ33galBSmLmjzgsV4K25P3so8q
SMLs2P65enor0us1eDChu6TQgNXAN5jZGH7UStbFnOf8cQD3QUdL7hAYnliZRxjk
fttwuely9rxqwZL2DOVG+sThqbLfRlmqGouJRgx71T45upc8UKH77lyZuiQk893K
lr4eP8J4ZLO7fxZpnPpNM/sjp5onhQKsrJwk1kAIEvt0a4KfG7PBMa4IMOehqy0z
YVPVTqPdsd7Okr6/CSBM6rxq2jfYmDmE8SoL4VMMoJqVtw4KUn2Jn6N2BqCIXni1
AETwLCHM6oZ2djwAsz/57ZXDpI0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS4Xc5S
EFFqkGxuPAFiY4WAd78GqjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQDI1dXjSX2pwfz64AxJd4bifdFud9LM+imWDTtYATJK
EsaCuBbLK2mpwVZ4O7nF4YkcETFfIUI1KXe2JltGcTet3hr/RhIZSGmyKXN+MuPM
ePUofdsWFg1r73GvMDtK2QDBLCLyJbVSWYTgnnmmETnwcumO6a960uw2UKc+680L
8FeeqOO8j/iRg4vl/Jcjw8geYEaPZkIoD67YMHqwoAUETL6NTtkKM42ZV/ExOwwg
6C/2YXGmL5z9d2gPH9AtlGQrCso1l9ppJ5xtXvyx0cC8aCdkU4nuzQnn67Bvu47G
CeOsU92TvKxt1CwL1JjO3Bakwe+DeAacgwfXhn/j1yep
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:46:08 2025 by rpki-client