Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
File: fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa (raw, json)
Hash identifier: VL3cQURWj5jzqU+e0fuFFrH128W6GyVUeza4E0l8dJA=
Subject key identifier: 9A:C3:3D:7E:A6:52:B4:62:E3:B4:BF:B3:A6:09:A3:45:7B:CA:10:57
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7946B2D52D9FA5EE1D73B71B4114728035E0ADBB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
Signing time: Fri 25 Apr 2025 20:31:26 +0000
ROA not before: Fri 25 Apr 2025 20:31:26 +0000
ROA not after: Fri 30 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.167.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:46:b2:d5:2d:9f:a5:ee:1d:73:b7:1b:41:14:72:80:35:e0:ad:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 25 20:31:26 2025 GMT
Not After : May 30 23:59:59 2025 GMT
Subject: serialNumber=08537482d63f233083f207ccf2496332af43ccc74fbad2ccd1d031af8bf5367e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:92:89:f7:99:81:21:9c:96:4b:6f:14:9a:4e:
b5:5b:20:58:8d:cf:f7:ca:8f:f4:7a:9c:b4:e9:14:
0a:0d:84:db:bb:54:58:47:34:06:54:b6:7d:5e:6c:
82:ba:72:df:fe:ea:30:90:7d:72:0d:c1:69:01:e6:
1c:f5:ce:e2:20:2c:ba:5e:ae:c5:ec:49:c9:73:e5:
e4:45:5e:6b:6a:96:6b:e2:f4:df:55:b6:82:36:d1:
6c:a1:5b:82:ae:50:26:fd:86:b6:95:ce:77:21:69:
7f:41:04:6d:19:09:89:80:b2:77:17:d2:e4:4b:dc:
99:ee:72:79:cc:51:e1:a4:46:7f:4c:54:fc:4d:be:
9c:22:da:47:13:4e:5e:2b:bc:9f:70:14:87:fb:c6:
96:06:87:fe:fa:67:27:b8:24:ea:f4:01:69:bb:f9:
1d:3c:2b:31:d1:2c:be:b6:35:6a:5a:20:df:39:9f:
2f:80:85:bc:3d:14:33:8d:a2:89:b7:10:f3:9d:67:
2c:2f:dc:dd:3f:42:25:98:22:c7:c3:14:4b:dd:c3:
6b:8a:6c:83:8d:2e:b5:90:69:cc:cc:9d:6b:95:bc:
e9:0a:a0:fd:46:98:ff:82:34:c0:23:03:18:00:c5:
0b:8c:ba:50:4c:dc:0e:d6:c7:e1:4c:ed:38:49:b5:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C3:3D:7E:A6:52:B4:62:E3:B4:BF:B3:A6:09:A3:45:7B:CA:10:57
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fb2bc1bb-cbbe-4f6c-8ef3-eabfdb4fa7b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.167.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:9e:ae:1d:70:7e:3d:74:ff:65:62:f6:c5:b4:71:04:48:bf:
05:dd:48:5b:b4:b1:c1:a0:57:8b:91:05:98:f8:55:84:ae:45:
24:61:90:fe:80:8c:8b:c2:5e:a6:db:88:34:2e:72:2c:4c:6b:
79:39:87:d2:f6:5b:51:06:79:b2:8d:8c:3e:5c:d7:3e:97:20:
c6:0b:d0:5f:b3:cd:79:97:5f:21:44:77:d7:5b:14:7f:9a:0b:
19:d9:1a:88:b8:06:fa:39:a3:4f:7c:12:5d:4c:d1:b2:20:79:
0a:78:f0:f2:46:ed:e7:44:5c:4b:e6:2a:06:81:c7:73:3f:c8:
ad:1a:bc:d5:b2:86:c0:d3:62:9d:72:31:59:fb:7c:15:f1:40:
c8:f5:3d:bc:42:c7:25:c3:16:25:ac:4a:97:79:c3:41:9b:03:
71:87:d8:25:05:a0:28:b9:bc:ee:03:45:97:e7:ec:2f:4d:e3:
23:79:04:3b:e9:db:de:32:15:a0:20:a6:e4:a1:ea:ea:17:95:
25:3d:bc:e8:7d:8a:b2:c2:86:ad:9b:f7:39:03:32:d7:5b:cf:
f1:41:e7:01:5f:dc:75:27:63:91:98:eb:2b:7f:7b:9d:70:85:
93:15:be:b5:bf:8a:c2:a8:88:4a:fc:34:fa:a5:f0:e5:8a:14:
6f:43:3f:d3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeUay1S2fpe4dc7cbQRRygDXgrbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA0MjUyMDMxMjZaFw0yNTA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDA4NTM3NDgyZDYzZjIzMzA4M2YyMDdjY2YyNDk2MzMyYWY0M2NjYzc0ZmJh
ZDJjY2QxZDAzMWFmOGJmNTM2N2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiSifeZgSGclktvFJpOtVsgWI3P98qP9HqctOkUCg2E27tUWEc0BlS2fV5s
grpy3/7qMJB9cg3BaQHmHPXO4iAsul6uxexJyXPl5EVea2qWa+L031W2gjbRbKFb
gq5QJv2GtpXOdyFpf0EEbRkJiYCydxfS5Evcme5yecxR4aRGf0xU/E2+nCLaRxNO
Xiu8n3AUh/vGlgaH/vpnJ7gk6vQBabv5HTwrMdEsvrY1alog3zmfL4CFvD0UM42i
ibcQ851nLC/c3T9CJZgix8MUS93Da4psg40utZBpzMyda5W86Qqg/UaY/4I0wCMD
GADFC4y6UEzcDtbH4UztOEm1pDUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSawz1+
plK0YuO0v7OmCaNFe8oQVzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmIyYmMxYmItY2JiZS00ZjZjLThlZjMtZWFiZmRiNGZhN2I5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANSnMA0G
CSqGSIb3DQEBCwUAA4IBAQAgnq4dcH49dP9lYvbFtHEESL8F3UhbtLHBoFeLkQWY
+FWErkUkYZD+gIyLwl6m24g0LnIsTGt5OYfS9ltRBnmyjYw+XNc+lyDGC9Bfs815
l18hRHfXWxR/mgsZ2RqIuAb6OaNPfBJdTNGyIHkKePDyRu3nRFxL5ioGgcdzP8it
GrzVsobA02KdcjFZ+3wV8UDI9T28QsclwxYlrEqXecNBmwNxh9glBaAoubzuA0WX
5+wvTeMjeQQ76dveMhWgIKbkoerqF5UlPbzofYqywoatm/c5AzLXW8/xQecBX9x1
J2ORmOsrf3udcIWTFb61v4rCqIhK/DT6pfDlihRvQz/T
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:15 2025 by rpki-client