Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: ESy20QuELroYs4t6R0Vtb4eVioPzUhP8ly+dXO6KVhw=
Subject key identifier: 26:13:B7:FA:EA:B8:FF:2C:DB:78:6D:46:83:86:34:EA:A8:72:9F:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 436C1291FB7FF335B32B176F16C951E0DAABD7E9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Tue 20 May 2025 20:41:22 +0000
ROA not before: Tue 20 May 2025 20:41:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:6c:12:91:fb:7f:f3:35:b3:2b:17:6f:16:c9:51:e0:da:ab:d7:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=b19d484bd06183bf386fb4408934b2d49df5d22b96da4fa5edabfec763dd2758, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:80:f4:52:4b:6a:df:d4:04:7a:0a:8f:84:1f:
2f:76:e4:25:04:50:8b:4e:aa:ca:32:f9:df:83:20:
04:5b:55:87:a8:ef:bc:ad:b7:d5:e3:96:ae:8e:f1:
b3:87:44:ba:46:4d:3a:b3:05:02:0a:7f:07:78:01:
52:ec:bd:31:48:73:07:16:a7:13:03:8f:5e:61:82:
7e:75:61:0b:c9:e3:0f:02:29:f5:12:c3:75:bb:32:
2c:67:20:87:a9:65:af:00:e1:63:07:10:d3:e0:87:
0c:38:bf:11:fa:63:61:6a:f5:9b:44:c5:2f:9f:6e:
f7:39:6e:5b:b9:4a:80:76:a7:76:05:b9:34:de:c4:
40:d8:2d:ef:4c:78:42:66:86:1a:19:be:bf:6d:28:
6d:e1:7f:99:24:5e:9d:51:7d:71:f6:8a:05:da:ff:
f4:c4:f4:d7:85:0b:36:7c:46:b2:60:9a:51:b2:bd:
d3:e4:0c:31:19:8f:1c:02:45:0c:d1:c1:d9:a8:d4:
ef:0a:85:28:20:f3:1e:c8:99:0c:01:e0:bb:4a:46:
59:2f:c0:b9:42:79:6c:da:8a:1c:20:77:3d:96:35:
8e:46:55:da:16:1a:2e:ac:49:2a:54:22:02:67:f3:
36:f0:f2:51:e3:c7:4e:de:9b:49:5f:7d:53:21:20:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:13:B7:FA:EA:B8:FF:2C:DB:78:6D:46:83:86:34:EA:A8:72:9F:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:bb:17:45:e8:fb:88:2d:ad:00:b6:c7:85:84:c7:73:32:9f:
3e:c1:96:d2:c9:2a:d7:94:02:ff:97:93:81:1e:16:9f:7b:46:
7b:53:36:33:3f:17:3b:16:98:f2:bb:c3:49:27:69:ab:a5:68:
a7:cc:d9:bc:92:6a:23:a2:51:ec:15:62:8d:fc:80:af:05:7f:
43:a5:e7:c1:da:5e:0c:90:85:17:9b:59:fa:bf:e8:dd:5b:9f:
9c:13:18:51:24:01:cc:86:a9:7a:d8:eb:e4:aa:e2:9d:a3:ce:
9a:7a:30:c1:f6:05:b2:c3:41:64:78:8b:7d:de:bc:42:a2:92:
33:40:e0:62:c8:ba:6f:bb:04:06:8d:a0:16:83:af:b7:03:e5:
e4:88:1e:96:f9:80:a4:95:79:36:64:86:b1:20:14:d3:15:ea:
8d:a7:6b:c2:96:55:16:ec:2f:97:fc:92:04:1a:f8:3d:2c:db:
84:7a:19:0e:e5:b4:3f:36:63:80:94:7b:f8:33:be:1f:50:1c:
db:e3:32:82:89:55:b8:b5:3a:1d:c8:f7:d7:c7:fb:0e:74:2d:
9b:fd:b1:8e:24:59:5e:8c:5f:2a:dd:48:2b:2b:96:51:12:9f:
cc:83:39:8c:39:d5:06:93:59:82:b9:db:fc:35:38:fc:ba:5e:
c2:77:62:46
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ2wSkft/8zWzKxdvFslR4Nqr1+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxOWQ0ODRiZDA2MTgzYmYzODZmYjQ0MDg5MzRiMmQ0OWRmNWQyMmI5NmRh
NGZhNWVkYWJmZWM3NjNkZDI3NTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMyA9FJLat/UBHoKj4QfL3bkJQRQi06qyjL534MgBFtVh6jvvK231eOWro7x
s4dEukZNOrMFAgp/B3gBUuy9MUhzBxanEwOPXmGCfnVhC8njDwIp9RLDdbsyLGcg
h6llrwDhYwcQ0+CHDDi/EfpjYWr1m0TFL59u9zluW7lKgHandgW5NN7EQNgt70x4
QmaGGhm+v20obeF/mSRenVF9cfaKBdr/9MT014ULNnxGsmCaUbK90+QMMRmPHAJF
DNHB2ajU7wqFKCDzHsiZDAHgu0pGWS/AuUJ5bNqKHCB3PZY1jkZV2hYaLqxJKlQi
AmfzNvDyUePHTt6bSV99UyEgtoMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQmE7f6
6rj/LNt4bUaDhjTqqHKfMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQCxuxdF6PuILa0AtseFhMdzMp8+wZbSySrXlAL/l5OB
Hhafe0Z7UzYzPxc7Fpjyu8NJJ2mrpWinzNm8kmojolHsFWKN/ICvBX9DpefB2l4M
kIUXm1n6v+jdW5+cExhRJAHMhql62OvkquKdo86aejDB9gWyw0FkeIt93rxCopIz
QOBiyLpvuwQGjaAWg6+3A+XkiB6W+YCklXk2ZIaxIBTTFeqNp2vCllUW7C+X/JIE
Gvg9LNuEehkO5bQ/NmOAlHv4M74fUBzb4zKCiVW4tTodyPfXx/sOdC2b/bGOJFle
jF8q3UgrK5ZREp/MgzmMOdUGk1mCudv8NTj8ul7Cd2JG
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:19:19 2025 by rpki-client