Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: Go0nrK1vv0QMC/fPgoTn9UDSFuNvnHONVhJTRA01aF0=
Subject key identifier: C8:52:79:49:57:DB:0A:D1:8A:39:60:BD:12:6C:7B:6F:87:10:B3:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0909BC86E98EC66EB3DE0B68CC08A650DF60E171
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Tue 20 May 2025 20:41:24 +0000
ROA not before: Tue 20 May 2025 20:41:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:09:bc:86:e9:8e:c6:6e:b3:de:0b:68:cc:08:a6:50:df:60:e1:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 20 20:41:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=0da78504aa54210271eb33350436fcb2e48816199a3c510f617daabc74866e6f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:00:db:c7:5f:a2:0a:40:bd:5e:d7:6d:46:23:
b3:a8:29:0d:87:2d:c8:a0:6a:33:4c:d2:5e:dd:e8:
72:48:f7:7c:f5:43:df:a7:61:66:96:50:e1:aa:b1:
94:c2:6e:22:e9:8b:32:2f:a1:d3:f8:77:fe:94:0a:
36:53:77:23:98:44:1b:de:5a:83:be:e5:70:af:cb:
e1:c4:4e:e9:49:4c:5f:cc:89:87:60:a1:6a:3c:f6:
c4:e6:db:9a:3c:7c:39:08:de:ab:a8:b2:7d:c4:9c:
3f:63:55:b4:85:61:93:1f:5b:df:22:e7:d1:c7:37:
f1:29:e5:c3:71:e9:17:cb:58:de:d7:50:c3:e2:40:
b9:64:d2:6e:f4:28:3a:3d:5d:04:31:ca:be:a1:d6:
93:88:20:2e:d2:ab:06:fe:12:35:3a:44:26:6a:fe:
a8:a8:8c:98:cc:04:af:01:31:e3:3d:90:39:26:e3:
a1:96:6d:b7:db:e7:17:91:55:51:39:06:0f:0d:3d:
f0:d1:91:1a:7d:ac:27:69:c6:a8:41:a5:8f:df:e6:
20:95:8d:fb:ce:9e:a7:af:fd:89:48:7e:82:2b:9e:
38:9c:19:50:68:f2:cc:48:77:56:80:94:b1:84:b3:
bb:71:f3:c5:a5:a2:58:fe:a1:5d:2d:97:ce:0f:b7:
bb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:52:79:49:57:DB:0A:D1:8A:39:60:BD:12:6C:7B:6F:87:10:B3:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:4c:0e:37:24:e3:cd:43:91:07:81:31:a1:1c:9e:d5:ae:7f:
23:14:34:5a:d4:c1:db:66:7a:7c:d0:2e:e0:64:b7:44:a7:90:
c4:c9:91:90:65:4b:c1:95:03:16:42:c0:79:85:69:fa:ee:32:
6a:53:2b:c3:43:e4:8a:bd:a1:32:2b:8b:a5:6d:9c:d3:9d:2b:
85:2e:9d:9c:ec:fc:c7:7d:86:e6:d3:c6:b6:3d:08:dd:fb:a8:
74:35:87:4d:ec:d7:49:da:11:6c:31:ca:83:71:af:0d:93:56:
9f:1e:bb:ee:be:75:7e:18:ed:a2:8e:7a:38:ea:8a:8a:22:55:
0a:b6:87:c2:3e:f5:a6:af:e1:e3:96:c6:f5:57:d1:36:df:dd:
77:8e:1b:b6:b1:c6:1d:1b:ba:d7:9d:54:b4:1b:a3:0a:16:f0:
1c:ad:6c:5f:ef:98:be:82:06:b3:a1:f1:73:ae:c9:12:e1:7f:
79:19:9d:fb:4a:b2:c1:c4:a3:82:67:12:d5:57:a6:67:d5:44:
72:02:47:1d:6f:3a:9d:89:9e:e5:6b:e3:85:95:48:30:e5:4d:
06:08:a0:7b:98:fe:5a:0b:4f:7a:48:d2:d7:b4:e7:7d:24:da:
cf:1f:a0:48:8a:79:b5:31:b3:57:d0:9d:96:d5:3d:1d:b6:df:
7b:c9:18:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCQm8humOxm6z3gtozAimUN9g4XEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA1MjAyMDQxMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkYTc4NTA0YWE1NDIxMDI3MWViMzMzNTA0MzZmY2IyZTQ4ODE2MTk5YTNj
NTEwZjYxN2RhYWJjNzQ4NjZlNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkA28dfogpAvV7XbUYjs6gpDYctyKBqM0zSXt3ockj3fPVD36dhZpZQ4aqx
lMJuIumLMi+h0/h3/pQKNlN3I5hEG95ag77lcK/L4cRO6UlMX8yJh2Chajz2xObb
mjx8OQjeq6iyfcScP2NVtIVhkx9b3yLn0cc38Snlw3HpF8tY3tdQw+JAuWTSbvQo
Oj1dBDHKvqHWk4ggLtKrBv4SNTpEJmr+qKiMmMwErwEx4z2QOSbjoZZtt9vnF5FV
UTkGDw098NGRGn2sJ2nGqEGlj9/mIJWN+86ep6/9iUh+giueOJwZUGjyzEh3VoCU
sYSzu3HzxaWiWP6hXS2Xzg+3u+sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTIUnlJ
V9sK0Yo5YL0SbHtvhxCzSzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQA2TA43JOPNQ5EHgTGhHJ7Vrn8jFDRa1MHbZnp80C7g
ZLdEp5DEyZGQZUvBlQMWQsB5hWn67jJqUyvDQ+SKvaEyK4ulbZzTnSuFLp2c7PzH
fYbm08a2PQjd+6h0NYdN7NdJ2hFsMcqDca8Nk1afHrvuvnV+GO2ijno46oqKIlUK
tofCPvWmr+Hjlsb1V9E23913jhu2scYdG7rXnVS0G6MKFvAcrWxf75i+ggazofFz
rskS4X95GZ37SrLBxKOCZxLVV6Zn1URyAkcdbzqdiZ7la+OFlUgw5U0GCKB7mP5a
C096SNLXtOd9JNrPH6BIinm1MbNX0J2W1T0dtt97yRiC
-----END CERTIFICATE-----
Generated at Sat Jun 14 05:42:21 2025 by rpki-client