Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
File: dc5d2309-ce0f-4816-b8d0-260ce079f694.roa (raw, json)
Hash identifier: 654ZaX1uVYcEYMJQCzL32M0hJHBdeofZ+s3eu+YCdCo=
Subject key identifier: F9:52:D2:F4:4D:F0:8C:E1:BD:63:BA:05:7E:DA:F1:5C:4B:98:67:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 699A380BC0A589136AC514A9CF76ECA994B17B7A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
Signing time: Fri 11 Jul 2025 20:50:08 +0000
ROA not before: Fri 11 Jul 2025 20:50:08 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.255.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:9a:38:0b:c0:a5:89:13:6a:c5:14:a9:cf:76:ec:a9:94:b1:7b:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:08 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=33c324770e9c0248fbe95ada49808333125dc509f2daafbf1a783c2f295ec97d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:13:3d:4f:a5:2a:8c:47:3f:07:cd:b8:3c:
16:2c:21:46:57:0f:18:9a:9e:f7:0b:3c:77:be:be:
19:a3:d2:d7:56:a1:6e:79:bf:a8:f5:a8:49:2c:e6:
7b:c5:d0:4a:c9:d8:24:2f:94:49:3e:5f:d1:b7:f8:
75:82:d6:34:5d:bc:00:4f:a1:bc:fa:53:73:fe:16:
87:af:e6:31:dd:49:a7:02:5f:f5:97:93:7c:2e:df:
62:16:67:df:26:2f:34:03:23:0d:86:1d:9b:5f:b3:
f6:4c:64:06:bf:1c:70:f6:2c:ce:84:3b:c7:7a:db:
b9:f0:90:5b:86:7e:56:da:b7:ce:ab:31:00:ed:36:
3d:10:a9:16:8e:a7:0f:48:b7:1e:0e:66:e3:a9:2a:
0a:27:7c:5c:d9:9b:86:e4:87:3b:9c:4a:f3:98:10:
2f:ab:e2:5f:7a:67:2e:94:2b:68:5d:c1:6a:fe:d4:
d9:4a:03:8d:a9:81:ff:c9:23:db:e9:e5:52:c4:2b:
00:8d:76:7a:26:7a:f2:e1:00:5d:53:3a:11:5c:7c:
26:b9:db:72:cf:5f:7a:c1:8e:9f:23:15:c8:46:f6:
2a:0c:ee:e4:c0:57:64:6f:d4:cd:df:dd:55:cf:a4:
57:fb:2a:8f:c0:c6:2c:72:3c:c4:b7:4f:74:9e:b3:
9d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:52:D2:F4:4D:F0:8C:E1:BD:63:BA:05:7E:DA:F1:5C:4B:98:67:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc5d2309-ce0f-4816-b8d0-260ce079f694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.255.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b7:26:46:ec:5e:24:a7:0f:57:e7:3c:1e:48:b0:3a:97:8b:69:
42:0e:5c:2f:de:fb:39:87:55:0b:5b:c6:25:a8:8c:54:32:4e:
46:4c:29:05:80:9b:34:b3:e5:3b:03:3d:06:ef:13:5b:65:a1:
a4:45:0a:46:d5:45:ad:ec:1d:f7:88:15:47:c4:bd:72:c0:60:
46:d9:78:60:be:32:ce:38:bd:92:19:e3:8f:ae:38:b2:47:c1:
86:f5:7e:59:e7:b2:c2:6a:34:08:49:30:96:93:d0:75:11:d8:
b0:02:19:de:d8:f6:b7:6b:6b:4e:c1:01:1a:73:3a:f2:cc:c5:
ab:af:56:76:1a:62:e5:cd:ab:e3:bc:98:09:20:bb:f4:a7:ca:
bd:66:b6:a2:af:28:29:62:b3:f7:14:6b:20:6c:33:ea:85:27:
d6:5d:b8:a9:2a:93:68:b4:91:d0:56:8d:be:47:58:93:75:c7:
89:a3:d8:1d:58:21:f1:11:9b:fc:1a:c3:52:04:e6:22:4b:93:
b7:e8:2a:81:22:cf:ad:98:0c:8c:43:2f:d8:31:09:d6:74:1a:
60:3f:ac:05:ff:64:71:5d:11:5e:5e:9a:d5:a7:07:45:67:97:
18:1e:43:cf:ba:17:3a:4d:05:9e:0c:fa:30:27:69:a5:9b:fb:
2f:b8:97:e0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaZo4C8CliRNqxRSpz3bsqZSxe3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDhaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzYzMyNDc3MGU5YzAyNDhmYmU5NWFkYTQ5ODA4MzMzMTI1ZGM1MDlmMmRh
YWZiZjFhNzgzYzJmMjk1ZWM5N2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMalEz1PpSqMRz8Hzbg8FiwhRlcPGJqe9ws8d76+GaPS11ahbnm/qPWoSSzm
e8XQSsnYJC+UST5f0bf4dYLWNF28AE+hvPpTc/4Wh6/mMd1JpwJf9ZeTfC7fYhZn
3yYvNAMjDYYdm1+z9kxkBr8ccPYszoQ7x3rbufCQW4Z+Vtq3zqsxAO02PRCpFo6n
D0i3Hg5m46kqCid8XNmbhuSHO5xK85gQL6viX3pnLpQraF3Bav7U2UoDjamB/8kj
2+nlUsQrAI12eiZ68uEAXVM6EVx8Jrnbcs9fesGOnyMVyEb2Kgzu5MBXZG/Uzd/d
Vc+kV/sqj8DGLHI8xLdPdJ6znW0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT5UtL0
TfCM4b1jugV+2vFcS5hnQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM1ZDIzMDktY2UwZi00ODE2LWI4ZDAtMjYwY2UwNzlmNjk0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANT/MA0G
CSqGSIb3DQEBCwUAA4IBAQC3JkbsXiSnD1fnPB5IsDqXi2lCDlwv3vs5h1ULW8Yl
qIxUMk5GTCkFgJs0s+U7Az0G7xNbZaGkRQpG1UWt7B33iBVHxL1ywGBG2XhgvjLO
OL2SGeOPrjiyR8GG9X5Z57LCajQISTCWk9B1EdiwAhne2Pa3a2tOwQEaczryzMWr
r1Z2GmLlzavjvJgJILv0p8q9ZrairygpYrP3FGsgbDPqhSfWXbipKpNotJHQVo2+
R1iTdceJo9gdWCHxEZv8GsNSBOYiS5O36CqBIs+tmAyMQy/YMQnWdBpgP6wF/2Rx
XRFeXprVpwdFZ5cYHkPPuhc6TQWeDPowJ2mlm/svuJfg
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:16:08 2025 by rpki-client