Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: 0gz/UhS0kiWdiUHs6kDMqJFIFRZkOEAY+U75865rpQk=
Subject key identifier: DB:D9:DE:F1:A1:F3:DD:5B:3E:39:AD:9B:FA:37:CD:E7:21:DF:BF:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 590C72540149BC2ABCEA48D7DD91267D1C6BCF8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Fri 25 Apr 2025 20:31:27 +0000
ROA not before: Fri 25 Apr 2025 20:31:27 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:0c:72:54:01:49:bc:2a:bc:ea:48:d7:dd:91:26:7d:1c:6b:cf:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:27 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=a16fd822b1de52bcb9faee65af2ed08ae055d299a3050c69c947da45c421ff4a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:60:66:bf:d5:a6:1d:ca:29:9e:d7:5c:69:6c:
04:d5:7f:bb:36:81:f3:e1:18:88:e6:a5:7c:7e:e7:
a9:41:44:8a:63:9b:86:1e:ee:1b:73:03:01:3f:38:
94:7c:d0:8b:4e:4a:a8:54:f2:e1:9a:fe:52:00:17:
4d:66:21:a0:20:bc:5f:31:29:60:7f:6b:2f:d3:3a:
a5:d7:ca:ca:3e:d8:0e:02:97:6c:34:d5:5f:76:7e:
40:c7:9d:c8:51:31:18:20:fa:cc:43:67:b8:2a:93:
b2:04:b9:83:87:84:4a:ad:26:c1:28:84:d5:5e:62:
f4:a3:21:0f:ef:32:1c:1c:33:55:9d:1f:65:e1:c3:
43:b6:ae:32:83:52:6e:2a:cf:40:f3:6c:16:c4:53:
fc:3a:e5:ed:94:3e:68:3e:31:40:26:54:47:8f:0b:
10:8f:e8:b9:65:f7:f5:23:0f:fb:27:f1:4b:36:e0:
ac:38:a1:b5:e7:89:6b:09:85:1b:cf:49:fa:5b:2c:
02:de:7e:16:3d:d0:a3:1e:aa:83:71:86:7b:f5:dd:
d2:a5:9b:43:e4:ff:cb:d6:e2:1d:6e:6a:57:3e:d6:
36:c0:b6:98:3e:36:6e:e3:11:78:46:b1:e8:73:7c:
3a:f8:7a:64:5d:a9:ba:53:39:e7:8b:1f:1e:c6:26:
8f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D9:DE:F1:A1:F3:DD:5B:3E:39:AD:9B:FA:37:CD:E7:21:DF:BF:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:6b:3b:6c:dd:4c:e8:e3:bc:d0:fc:48:03:46:0a:44:64:b6:
e0:49:1e:4a:a7:a4:d9:1e:39:55:75:17:e7:e5:b4:f4:4f:d7:
8b:1c:2f:5f:4c:cd:3c:9f:1b:65:2e:e2:a8:97:40:18:91:47:
d8:9a:31:97:e0:ca:b6:15:a3:ff:84:0a:74:94:a4:2c:de:e8:
ab:b0:6b:37:1c:54:70:13:27:ce:9a:41:78:b1:d4:5c:72:05:
6c:2c:43:1a:9d:40:70:99:89:69:43:f2:98:09:c8:85:55:d3:
81:3d:b0:1d:cf:00:83:2f:db:24:70:b6:a5:1a:c7:98:c6:db:
06:c9:88:eb:18:21:54:d1:ef:cd:76:a6:78:23:89:a4:8b:07:
f2:fb:8c:d7:27:af:76:48:0e:21:6b:f2:16:ff:91:92:74:59:
6b:d9:11:1b:a5:d7:6e:9f:96:17:21:bb:ed:df:39:d0:ba:ec:
94:90:03:22:49:57:54:30:f3:95:39:89:b9:fa:28:5d:2e:8c:
cf:32:8b:ae:9a:28:06:94:f3:e4:cf:bd:dd:9a:d0:39:b8:f5:
1e:82:f4:a0:34:85:c5:9f:80:1f:39:5d:6b:d8:77:80:b7:a6:
2e:a7:a6:2e:0c:75:99:57:39:22:df:a7:03:7f:8a:21:77:83:
e8:2c:6f:4b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWQxyVAFJvCq86kjX3ZEmfRxrz44wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjdaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGExNmZkODIyYjFkZTUyYmNiOWZhZWU2NWFmMmVkMDhhZTA1NWQyOTlhMzA1
MGM2OWM5NDdkYTQ1YzQyMWZmNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOhgZr/Vph3KKZ7XXGlsBNV/uzaB8+EYiOalfH7nqUFEimObhh7uG3MDAT84
lHzQi05KqFTy4Zr+UgAXTWYhoCC8XzEpYH9rL9M6pdfKyj7YDgKXbDTVX3Z+QMed
yFExGCD6zENnuCqTsgS5g4eESq0mwSiE1V5i9KMhD+8yHBwzVZ0fZeHDQ7auMoNS
birPQPNsFsRT/Drl7ZQ+aD4xQCZUR48LEI/ouWX39SMP+yfxSzbgrDihteeJawmF
G89J+lssAt5+Fj3Qox6qg3GGe/Xd0qWbQ+T/y9biHW5qVz7WNsC2mD42buMReEax
6HN8Ovh6ZF2pulM554sfHsYmj4MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTb2d7x
ofPdWz45rZv6N83nId+/LDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQB9azts3Uzo47zQ/EgDRgpEZLbgSR5Kp6TZHjlVdRfn
5bT0T9eLHC9fTM08nxtlLuKol0AYkUfYmjGX4Mq2FaP/hAp0lKQs3uirsGs3HFRw
EyfOmkF4sdRccgVsLEManUBwmYlpQ/KYCciFVdOBPbAdzwCDL9skcLalGseYxtsG
yYjrGCFU0e/NdqZ4I4mkiwfy+4zXJ692SA4ha/IW/5GSdFlr2REbpddun5YXIbvt
3znQuuyUkAMiSVdUMPOVOYm5+ihdLozPMouumigGlPPkz73dmtA5uPUegvSgNIXF
n4AfOV1r2HeAt6Yup6YuDHWZVzki36cDf4ohd4PoLG9L
-----END CERTIFICATE-----
Generated at Sun Apr 27 03:00:05 2025 by rpki-client