Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: u3gwrs4WBD7JetljHS2ntIEXmpSjT5ul/uDCfOO/DUs=
Subject key identifier: 78:93:FE:0F:80:28:22:90:A4:2F:81:9D:A2:A6:63:B2:9A:55:51:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5610DBB49AC4E1AEE5B0D5B0E6CB45A0A9EE5C75
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Tue 20 May 2025 20:41:22 +0000
ROA not before: Tue 20 May 2025 20:41:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:10:db:b4:9a:c4:e1:ae:e5:b0:d5:b0:e6:cb:45:a0:a9:ee:5c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=ddddba69d676083cc730c1c77a6f861911e3a3b3ab724d20df19663402ba7739, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:40:ee:ff:c4:88:5c:bd:c1:38:5b:24:3e:43:
54:61:c8:0e:40:c7:5c:1f:92:78:ce:eb:87:b6:49:
35:56:5e:1b:bb:f7:81:9e:6b:9f:2f:ee:17:7c:5a:
54:2f:05:47:46:1d:ab:ad:cd:e8:82:35:3c:3e:02:
3d:b1:94:e4:5c:8d:32:f6:ad:31:c5:4e:2e:89:61:
e8:ed:0b:1d:8d:d7:f8:4f:73:81:bb:e9:b9:87:84:
92:91:ca:77:be:fe:a7:ba:e1:5e:d9:ff:1a:8e:d8:
66:4c:f5:25:cb:f3:b8:08:52:af:ea:60:88:40:39:
a9:c2:1e:8e:4d:af:00:f8:68:2d:33:2a:b3:71:cd:
72:b7:e5:57:cb:ed:3b:7a:1a:4b:d3:98:07:00:25:
85:9b:48:41:57:8a:b7:15:a0:ff:5d:13:ce:56:1c:
ad:ba:a8:98:f7:31:db:db:b0:b9:ba:19:7f:ba:c2:
fb:65:38:f4:8d:7e:ea:5b:a0:9c:43:ef:f0:a4:15:
7b:62:90:6d:ce:41:08:06:75:37:9b:b5:9e:ff:9d:
b6:74:1e:48:13:b4:77:30:74:1e:71:69:c8:06:84:
fe:dc:bc:db:55:ed:24:6c:74:c8:9e:58:1d:40:ca:
c4:be:96:cb:ee:df:63:fd:10:61:5c:8b:89:2d:8c:
e3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:93:FE:0F:80:28:22:90:A4:2F:81:9D:A2:A6:63:B2:9A:55:51:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:96:2f:3d:c1:1f:19:50:ac:08:89:ea:ee:ab:f7:44:5f:c0:
e8:96:07:b0:98:92:bf:b7:eb:32:fe:2c:5f:fb:b1:8b:bc:ed:
d4:63:58:f8:64:8d:b9:e8:40:5f:63:25:5e:0a:d7:44:6a:82:
62:90:04:e2:20:f3:fc:0f:ad:e2:99:e7:cc:3c:c2:86:db:8c:
da:2b:53:99:ce:d5:8a:7e:93:94:01:43:76:81:dc:c3:28:d1:
08:f4:96:2e:72:2c:e5:a3:c2:64:d8:b8:c1:4c:70:cb:d3:d2:
e6:81:31:e9:e5:a9:72:d6:aa:db:13:57:9c:e3:53:a8:37:19:
d2:3c:16:a8:0d:93:88:fc:84:f4:7b:f5:2d:a1:7b:1c:c3:b6:
20:0a:8e:24:a1:e3:aa:a8:79:a5:38:b2:94:0b:cf:72:f7:59:
bb:8d:7c:9d:97:33:33:d6:d4:28:21:19:8b:41:54:06:85:43:
7d:10:b8:6f:c0:62:0c:eb:e6:b2:d2:e1:64:bd:59:0c:78:2d:
78:ec:11:77:56:06:98:7b:1e:d5:1a:54:1f:c8:82:3e:ad:52:
68:f7:73:a1:c8:db:56:44:f5:22:44:0e:24:ec:e9:fd:ae:b0:
44:48:e2:ab:05:1f:1b:0f:58:90:21:2d:ef:b5:79:35:15:5c:
26:9d:49:e3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVhDbtJrE4a7lsNWw5stFoKnuXHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjJaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZGRiYTY5ZDY3NjA4M2NjNzMwYzFjNzdhNmY4NjE5MTFlM2EzYjNhYjcy
NGQyMGRmMTk2NjM0MDJiYTc3MzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMFA7v/EiFy9wThbJD5DVGHIDkDHXB+SeM7rh7ZJNVZeG7v3gZ5rny/uF3xa
VC8FR0Ydq63N6II1PD4CPbGU5FyNMvatMcVOLolh6O0LHY3X+E9zgbvpuYeEkpHK
d77+p7rhXtn/Go7YZkz1JcvzuAhSr+pgiEA5qcIejk2vAPhoLTMqs3HNcrflV8vt
O3oaS9OYBwAlhZtIQVeKtxWg/10TzlYcrbqomPcx29uwuboZf7rC+2U49I1+6lug
nEPv8KQVe2KQbc5BCAZ1N5u1nv+dtnQeSBO0dzB0HnFpyAaE/ty821XtJGx0yJ5Y
HUDKxL6Wy+7fY/0QYVyLiS2M44ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR4k/4P
gCgikKQvgZ2ipmOymlVRgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQBhli89wR8ZUKwIieruq/dEX8DolgewmJK/t+sy/ixf
+7GLvO3UY1j4ZI256EBfYyVeCtdEaoJikATiIPP8D63imefMPMKG24zaK1OZztWK
fpOUAUN2gdzDKNEI9JYucizlo8Jk2LjBTHDL09LmgTHp5aly1qrbE1ec41OoNxnS
PBaoDZOI/IT0e/UtoXscw7YgCo4koeOqqHmlOLKUC89y91m7jXydlzMz1tQoIRmL
QVQGhUN9ELhvwGIM6+ay0uFkvVkMeC147BF3VgaYex7VGlQfyII+rVJo93OhyNtW
RPUiRA4k7On9rrBESOKrBR8bD1iQIS3vtXk1FVwmnUnj
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:01:01 2025 by rpki-client