Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
File: 383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa (raw, json)
Hash identifier: Z20Pl8fLQBhKyY7YaQ1+QUr8bPxbCZlkxCGl1ul0EpA=
Subject key identifier: 7A:2D:F9:21:1E:AF:11:DF:5A:0A:68:B7:65:92:96:49:DE:97:91:F6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05DA1C334BEA38098D8E92D7FEA6C5180AA2A77B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
Signing time: Fri 25 Apr 2025 20:31:26 +0000
ROA not before: Fri 25 Apr 2025 20:31:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.224.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:da:1c:33:4b:ea:38:09:8d:8e:92:d7:fe:a6:c5:18:0a:a2:a7:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=8bf04ffd7a80f4e90a07841f40fe0afef75b34d4bbeccbad56bddcf6901bc1ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2d:72:f6:76:e7:c9:51:56:53:52:2a:8f:40:
f2:59:03:45:b2:fb:4c:9f:63:08:75:8f:39:27:38:
26:6a:cf:68:6f:e4:56:ce:cf:6c:21:e7:22:8c:b3:
65:ca:2b:c2:cc:ae:97:92:33:f3:20:cc:95:8a:f1:
8d:27:21:b6:86:1d:c4:54:96:f9:05:dd:d1:2a:c0:
d6:14:0c:45:cf:ad:e0:ce:4f:b2:98:4a:c0:0c:ad:
75:bf:08:aa:6c:d4:28:e0:0b:35:a9:43:6e:c5:e1:
60:32:a6:bf:4f:23:a4:9a:95:a5:ab:e0:4e:7a:89:
c7:84:40:ea:04:34:f2:9a:82:60:94:7f:10:1f:26:
a5:2e:2b:df:3d:a8:21:6c:d9:71:3e:09:53:86:89:
ea:01:0d:4a:fc:b5:c3:cb:01:90:44:3f:2d:64:ff:
e4:0f:e0:dc:be:f2:13:87:22:64:73:bf:e2:6f:61:
77:e6:dd:4b:00:41:43:15:c6:47:93:55:03:b2:c3:
7b:3c:61:0b:9f:9e:40:90:93:80:d7:13:04:79:3a:
a5:03:a2:c8:38:fa:c5:b2:0e:fa:e8:fe:64:59:4b:
ce:70:a9:c5:61:3c:b1:c7:87:cc:82:72:5b:f6:f1:
1d:6e:7c:15:3a:a6:2e:0c:5b:4d:96:15:38:d6:8a:
8b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:2D:F9:21:1E:AF:11:DF:5A:0A:68:B7:65:92:96:49:DE:97:91:F6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/383c1f6d-4e0e-4e33-a2ce-f49386dcc1f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.224.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:f7:02:8a:8e:19:52:e7:1f:89:6b:e9:85:19:ed:65:f6:98:
d6:ac:55:08:c6:27:cd:84:f7:78:f0:7a:23:4c:d8:91:7d:eb:
21:f3:1c:3a:a2:cd:84:6f:28:22:16:85:6b:0c:27:38:10:66:
68:99:d5:24:0f:03:72:fe:ee:dd:bd:a9:c4:6a:48:e3:94:f9:
45:d9:d2:5e:97:4a:52:e9:44:c5:19:7c:f4:b4:54:8b:34:de:
17:c4:36:5c:ff:54:77:63:50:02:ec:ed:bc:01:24:2c:0a:4e:
04:10:4f:30:05:8e:d6:5d:e2:52:60:e0:9c:32:82:a4:6b:dc:
23:eb:9b:5a:11:61:a7:76:4a:26:d3:b1:54:d2:13:f1:90:60:
8b:3f:7b:4a:eb:05:c2:1f:35:5f:db:22:67:31:b9:95:c3:a4:
d1:96:28:48:eb:22:c2:da:dd:a5:62:3f:d3:7a:fa:70:e2:97:
a6:09:87:6d:7b:c0:97:57:c2:01:5e:76:8d:59:69:ae:bd:7b:
78:c6:8a:0c:49:5b:50:c9:be:c6:73:1c:84:74:30:fc:00:a5:
98:73:ac:29:b5:d1:37:6d:7f:c0:0e:70:b1:19:04:c1:32:a2:
a0:0b:0a:28:d4:82:66:bb:db:0d:50:25:d3:5b:30:6f:2a:ad:
38:93:a4:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBdocM0vqOAmNjpLX/qbFGAqip3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDhiZjA0ZmZkN2E4MGY0ZTkwYTA3ODQxZjQwZmUwYWZlZjc1YjM0ZDRiYmVj
Y2JhZDU2YmRkY2Y2OTAxYmMxZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJQtcvZ258lRVlNSKo9A8lkDRbL7TJ9jCHWPOSc4JmrPaG/kVs7PbCHnIoyz
Zcorwsyul5Iz8yDMlYrxjSchtoYdxFSW+QXd0SrA1hQMRc+t4M5PsphKwAytdb8I
qmzUKOALNalDbsXhYDKmv08jpJqVpavgTnqJx4RA6gQ08pqCYJR/EB8mpS4r3z2o
IWzZcT4JU4aJ6gENSvy1w8sBkEQ/LWT/5A/g3L7yE4ciZHO/4m9hd+bdSwBBQxXG
R5NVA7LDezxhC5+eQJCTgNcTBHk6pQOiyDj6xbIO+uj+ZFlLznCpxWE8sceHzIJy
W/bxHW58FTqmLgxbTZYVONaKi6MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR6Lfkh
Hq8R31oKaLdlkpZJ3peR9jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzgzYzFmNmQtNGUwZS00ZTMzLWEyY2UtZjQ5Mzg2ZGNjMWYxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjgMA0G
CSqGSIb3DQEBCwUAA4IBAQDM9wKKjhlS5x+Ja+mFGe1l9pjWrFUIxifNhPd48Hoj
TNiRfesh8xw6os2EbygiFoVrDCc4EGZomdUkDwNy/u7dvanEakjjlPlF2dJel0pS
6UTFGXz0tFSLNN4XxDZc/1R3Y1AC7O28ASQsCk4EEE8wBY7WXeJSYOCcMoKka9wj
65taEWGndkom07FU0hPxkGCLP3tK6wXCHzVf2yJnMbmVw6TRlihI6yLC2t2lYj/T
evpw4pemCYdte8CXV8IBXnaNWWmuvXt4xooMSVtQyb7GcxyEdDD8AKWYc6wptdE3
bX/ADnCxGQTBMqKgCwoo1IJmu9sNUCXTWzBvKq04k6RR
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:42:26 2025 by rpki-client