Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: ircAFSda6O/OjoFis/nn7es4ULNktIomuHOySm63Bwg=
Subject key identifier: 60:47:4F:8E:EA:F1:0D:25:E5:C5:F5:63:0F:5C:24:28:E6:AD:92:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3409435704F6CB65EE6161D8130CFB23B272ED37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Fri 11 Jul 2025 20:50:07 +0000
ROA not before: Fri 11 Jul 2025 20:50:07 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:09:43:57:04:f6:cb:65:ee:61:61:d8:13:0c:fb:23:b2:72:ed:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:07 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=30b6b9e595d2bc6dc8f07be5568386f6e62ff60389482682f993121e084f54fa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:21:5b:f9:09:70:bc:f4:42:66:1f:03:54:d5:
d8:75:a2:87:b3:7a:a6:9a:4e:9c:5e:02:e8:a1:6e:
4a:7c:fc:b5:99:56:05:7a:06:5c:77:4c:8c:f7:71:
f4:88:ad:1b:4d:6d:cc:59:cc:de:ac:36:d1:cb:f7:
8c:6b:82:a4:57:e5:8a:27:08:ec:dc:69:e3:c5:fc:
6b:dc:5b:41:c5:44:07:71:65:63:ab:c5:0e:4a:3f:
d3:9c:26:bc:28:0e:c6:94:c7:70:ea:5a:e0:f7:d9:
35:1e:de:30:89:01:d3:c3:4d:5d:1d:c0:c8:7d:ba:
84:4a:80:00:0a:7f:06:57:81:41:d8:4b:24:95:16:
76:74:00:a2:0b:b1:8a:64:49:08:94:eb:e8:b4:5c:
64:9a:8f:31:2a:19:f2:ab:b1:fe:ea:74:30:57:6f:
76:68:07:20:53:55:d2:84:a4:f9:42:27:7a:04:bd:
e5:4b:9c:f6:90:a5:e3:ba:95:20:b1:b4:78:dd:f3:
dd:02:7d:99:0a:74:d1:42:97:07:ad:16:11:54:f6:
9c:52:cf:c7:ba:0b:9d:1f:b0:37:9e:33:c5:71:7b:
0f:3b:be:8b:a0:d8:0e:7f:1c:c6:85:fe:40:32:11:
d2:a7:d7:20:fa:58:30:88:2b:0f:4c:40:ad:54:59:
8f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:47:4F:8E:EA:F1:0D:25:E5:C5:F5:63:0F:5C:24:28:E6:AD:92:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:c2:cc:34:13:56:8d:ce:0b:3b:d8:b7:bd:35:66:40:39:14:
1c:48:63:6b:e8:de:c7:02:ee:0f:d2:6a:d7:95:2f:a2:56:9b:
99:38:e2:46:73:8a:75:ad:72:89:76:6c:6b:88:4a:a4:05:64:
b7:a9:cf:8a:c9:b9:c5:a8:a6:b3:d6:2c:72:76:81:96:8a:a6:
a6:74:58:7a:ca:ed:ae:1e:26:58:ce:20:c0:e6:b9:4c:ae:0b:
4d:92:ce:eb:1d:09:97:4a:9e:ba:bf:d5:b8:c7:8c:bd:11:4f:
a5:4a:2a:42:dd:16:06:af:a9:1a:01:f0:88:37:95:d6:b6:b7:
c4:e2:b6:8e:c0:ee:fe:fb:34:b9:c6:aa:0d:07:0d:06:24:43:
4c:32:f8:00:2c:1b:8e:44:71:a4:6d:df:fe:dd:31:3c:f2:11:
f9:0c:35:9c:bc:27:30:cd:de:4e:5d:31:46:fe:ca:bd:43:13:
58:bb:74:12:74:84:bf:ee:c4:34:9d:53:94:f5:44:b2:c0:b2:
14:06:16:d0:43:f6:76:4e:93:4d:e7:e1:40:fe:51:7a:5a:ae:
34:ec:19:d1:25:cc:0f:c8:e0:37:43:34:ef:cf:fe:57:93:88:
2c:05:7f:de:85:1d:0d:45:a2:7a:2e:d2:d9:1d:ba:d3:67:5b:
58:db:1c:31
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNAlDVwT2y2XuYWHYEwz7I7Jy7TcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwYjZiOWU1OTVkMmJjNmRjOGYwN2JlNTU2ODM4NmY2ZTYyZmY2MDM4OTQ4
MjY4MmY5OTMxMjFlMDg0ZjU0ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK0hW/kJcLz0QmYfA1TV2HWih7N6pppOnF4C6KFuSnz8tZlWBXoGXHdMjPdx
9IitG01tzFnM3qw20cv3jGuCpFfliicI7Nxp48X8a9xbQcVEB3FlY6vFDko/05wm
vCgOxpTHcOpa4PfZNR7eMIkB08NNXR3AyH26hEqAAAp/BleBQdhLJJUWdnQAogux
imRJCJTr6LRcZJqPMSoZ8qux/up0MFdvdmgHIFNV0oSk+UInegS95Uuc9pCl47qV
ILG0eN3z3QJ9mQp00UKXB60WEVT2nFLPx7oLnR+wN54zxXF7Dzu+i6DYDn8cxoX+
QDIR0qfXIPpYMIgrD0xArVRZj0ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRgR0+O
6vENJeXF9WMPXCQo5q2SjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQCZwsw0E1aNzgs72Le9NWZAORQcSGNr6N7HAu4P0mrX
lS+iVpuZOOJGc4p1rXKJdmxriEqkBWS3qc+KybnFqKaz1ixydoGWiqamdFh6yu2u
HiZYziDA5rlMrgtNks7rHQmXSp66v9W4x4y9EU+lSipC3RYGr6kaAfCIN5XWtrfE
4raOwO7++zS5xqoNBw0GJENMMvgALBuORHGkbd/+3TE88hH5DDWcvCcwzd5OXTFG
/sq9QxNYu3QSdIS/7sQ0nVOU9USywLIUBhbQQ/Z2TpNN5+FA/lF6Wq407BnRJcwP
yOA3QzTvz/5Xk4gsBX/ehR0NRaJ6LtLZHbrTZ1tY2xwx
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:30:40 2025 by rpki-client