Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: oBskndHwA3vXQYXqKBcXFOYI8kQcMnNsG/ZSFtn2Opo=
Subject key identifier: 08:90:66:F9:88:CD:DB:6A:43:96:2F:17:9B:39:9A:92:36:40:78:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5629B7DD413A26BE257D2F920E732A9454048AF3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Tue 05 Aug 2025 20:20:50 +0000
ROA not before: Tue 05 Aug 2025 20:20:50 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:29:b7:dd:41:3a:26:be:25:7d:2f:92:0e:73:2a:94:54:04:8a:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:50 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=456465cfe92d8c9b4ab9649c12ee9f809b312d25f50f41cf242aec44457eb47f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c2:8a:93:b8:fc:38:11:31:b5:45:8c:23:d1:
86:9e:6c:a4:4c:7e:b3:da:ec:c0:1e:1f:6e:8c:e4:
7f:29:78:ec:c7:92:a9:0c:38:58:f1:09:8b:c8:f2:
f8:2e:12:52:d6:60:48:49:d0:82:71:22:60:db:42:
8d:d1:84:be:ee:06:71:c8:c4:93:83:d2:ef:11:8b:
3b:d8:ff:4f:ef:6e:55:40:58:dd:61:68:b4:48:bb:
0b:63:40:97:3e:c3:0c:9a:46:2c:74:e7:aa:31:be:
c4:7e:d8:4f:69:bd:26:e8:fb:94:a9:81:96:1e:56:
ce:44:3e:05:df:31:47:8e:22:e9:0f:62:cf:ad:91:
d7:9d:15:cf:03:4f:32:62:1a:0b:32:e2:c6:29:9f:
2d:b2:f4:85:c2:a8:96:71:9c:98:d4:4f:49:2a:ea:
f7:b8:c1:e2:cc:21:32:59:28:72:2e:8c:19:51:5b:
ef:49:2b:60:b0:0b:73:e9:84:ab:d3:a9:07:05:e6:
14:50:a1:9d:71:b7:ac:c6:34:af:4f:60:cd:85:c4:
37:69:75:12:99:62:ad:bd:27:79:88:2a:ab:50:f0:
cd:8a:bf:52:15:de:a8:fb:12:10:62:17:84:f4:82:
29:95:bf:61:a5:37:4c:80:23:f4:be:49:55:bc:88:
97:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:90:66:F9:88:CD:DB:6A:43:96:2F:17:9B:39:9A:92:36:40:78:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:f8:98:3c:ee:aa:8a:e1:14:10:a7:af:32:0a:35:5c:c9:30:
08:f2:c8:42:17:87:7b:dc:b3:c0:22:47:2f:32:49:93:98:34:
1a:ef:4e:bd:28:05:09:bb:9e:89:c1:66:5e:9e:97:18:a0:95:
16:49:c7:31:f4:d4:c8:95:8e:07:e7:9f:57:78:2e:41:62:a5:
54:0f:0c:58:f5:9f:1d:74:f3:c0:e0:b5:3a:dd:57:c2:19:35:
7c:c2:51:7e:6a:83:59:c9:8d:99:e9:a1:54:dd:c5:74:fe:28:
6f:ee:f9:3d:d3:e7:87:88:d4:7f:b0:41:ee:79:a5:1b:cc:79:
c1:69:cc:b8:94:ce:39:7a:ce:9e:60:07:c7:b9:66:cf:dd:6e:
d4:d9:f1:04:00:7f:22:ab:d7:7d:8b:cd:68:bf:3f:e9:20:f7:
a3:6d:6a:4d:45:ec:a8:3d:7a:32:81:82:13:f0:ec:45:e5:77:
10:89:55:20:ae:5f:95:fe:8d:cb:31:01:98:01:05:4a:3c:37:
ee:77:3a:cd:68:80:78:ec:ad:f4:04:fc:53:83:af:7d:8e:2d:
43:69:15:27:28:0c:f4:d9:78:fd:85:8f:83:18:e7:19:83:fb:
ce:0e:07:e5:3f:48:8b:1f:8a:72:0b:34:af:ac:1a:95:18:a1:
bc:26:33:f8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVim33UE6Jr4lfS+SDnMqlFQEivMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNTBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1NjQ2NWNmZTkyZDhjOWI0YWI5NjQ5YzEyZWU5ZjgwOWIzMTJkMjVmNTBm
NDFjZjI0MmFlYzQ0NDU3ZWI0N2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKnCipO4/DgRMbVFjCPRhp5spEx+s9rswB4fbozkfyl47MeSqQw4WPEJi8jy
+C4SUtZgSEnQgnEiYNtCjdGEvu4GccjEk4PS7xGLO9j/T+9uVUBY3WFotEi7C2NA
lz7DDJpGLHTnqjG+xH7YT2m9Juj7lKmBlh5WzkQ+Bd8xR44i6Q9iz62R150VzwNP
MmIaCzLiximfLbL0hcKolnGcmNRPSSrq97jB4swhMlkoci6MGVFb70krYLALc+mE
q9OpBwXmFFChnXG3rMY0r09gzYXEN2l1Eplirb0neYgqq1DwzYq/UhXeqPsSEGIX
hPSCKZW/YaU3TIAj9L5JVbyIl9ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQIkGb5
iM3bakOWLxebOZqSNkB4YTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQA6+Jg87qqK4RQQp68yCjVcyTAI8shCF4d73LPAIkcv
MkmTmDQa7069KAUJu56JwWZenpcYoJUWSccx9NTIlY4H559XeC5BYqVUDwxY9Z8d
dPPA4LU63VfCGTV8wlF+aoNZyY2Z6aFU3cV0/ihv7vk90+eHiNR/sEHueaUbzHnB
acy4lM45es6eYAfHuWbP3W7U2fEEAH8iq9d9i81ovz/pIPejbWpNReyoPXoygYIT
8OxF5XcQiVUgrl+V/o3LMQGYAQVKPDfudzrNaIB47K30BPxTg699ji1DaRUnKAz0
2Xj9hY+DGOcZg/vODgflP0iLH4pyCzSvrBqVGKG8JjP4
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:45 2025 by rpki-client