Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: JKQqka0vlqzj7E37jYkAdInlPVUUBTion7gKRHaPLOI=
Subject key identifier: F5:DF:C8:64:CC:EA:04:5C:D6:14:00:4A:6D:93:1A:EF:23:45:20:13
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A0171221828CB799E6CCD6BE458EC07D9FA5B78
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Mon 16 Jun 2025 21:50:09 +0000
ROA not before: Mon 16 Jun 2025 21:50:09 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:01:71:22:18:28:cb:79:9e:6c:cd:6b:e4:58:ec:07:d9:fa:5b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:09 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=32b2e8518e14c644e65a36ddd6d5169f221b73d372fe2095117f89f20aeb259b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:61:c2:33:7e:1b:c0:ce:50:23:4b:ff:53:5f:
0d:5c:b7:6d:9c:43:3d:c8:8a:3f:25:23:58:dc:51:
2d:66:54:52:72:2a:b3:e3:0b:a2:6d:df:a3:d9:c8:
4c:22:1b:fd:35:12:73:79:45:8e:19:c9:47:10:1d:
17:c1:d1:f1:a3:b3:77:d5:71:51:dd:6c:e6:6c:1d:
d3:35:07:38:c1:86:d1:da:28:c8:59:2c:aa:92:8f:
21:5d:bf:ec:7d:c6:e5:6b:81:a0:33:b0:42:5e:12:
dc:10:06:ec:91:87:13:1e:99:01:d1:d2:43:20:6b:
3d:82:c5:fb:6e:ed:ca:b3:59:9a:29:9a:61:5a:2b:
a6:a9:38:3e:61:5e:5e:e8:de:a1:34:9c:45:7c:ac:
2e:87:36:b4:8e:e7:ba:91:55:41:99:21:04:ff:ad:
0e:f4:62:eb:f7:44:36:98:c5:5e:b3:c6:7c:44:7c:
fb:c0:f0:30:17:0d:46:e3:60:07:a0:66:fb:b9:1a:
c3:92:7c:a0:db:14:e6:ab:a9:ab:ae:53:b9:94:3a:
b0:97:e4:48:85:0a:cc:6b:a1:52:b5:e1:c3:20:90:
95:5d:da:d2:bf:bf:e5:37:ad:a4:81:de:e4:2c:d0:
06:80:d4:4c:1c:22:0c:87:db:83:4f:0a:c6:b8:b0:
ad:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:DF:C8:64:CC:EA:04:5C:D6:14:00:4A:6D:93:1A:EF:23:45:20:13
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d2:ff:6d:4d:c0:22:13:47:93:fc:62:7e:44:95:62:da:9c:62:
4c:3d:d3:3d:17:33:2b:09:e0:d5:a4:b8:da:67:c7:31:14:64:
eb:57:a0:d9:7a:d3:68:3d:bb:6c:e6:31:9d:98:0c:12:cd:c8:
2c:bb:94:11:13:c1:0d:6b:41:75:07:94:87:4f:f0:df:44:65:
1a:35:32:89:3c:80:ef:9b:a9:07:ae:43:e5:d5:60:7a:cc:b0:
04:91:f9:2c:47:af:94:f0:48:83:a3:40:51:83:36:fb:0c:19:
5c:2a:40:84:41:01:7a:74:d3:56:48:ba:bc:49:5c:34:0c:05:
a5:05:d3:cb:b6:0e:80:f1:de:33:1b:7d:56:25:12:57:61:c7:
1d:fc:00:e1:a6:8b:64:09:9b:ed:20:f9:72:80:0d:c4:6a:57:
ac:42:6d:80:61:dc:38:0b:e1:5e:3a:cb:57:9d:06:81:29:93:
34:5b:9c:e6:cb:26:bb:a1:c0:15:c3:50:74:09:29:77:50:e4:
23:51:e7:3c:44:01:1d:d1:38:b7:69:e0:ec:5e:91:30:dd:e7:
0d:99:eb:1c:b3:f9:bb:9b:5b:12:e9:3b:23:77:a8:52:f0:d0:
f4:9b:e1:8d:9c:74:53:e6:18:89:ef:af:97:ba:26:5a:dc:cc:
dc:37:28:9d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCgFxIhgoy3mebM1r5FjsB9n6W3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMyYjJlODUxOGUxNGM2NDRlNjVhMzZkZGQ2ZDUxNjlmMjIxYjczZDM3MmZl
MjA5NTExN2Y4OWYyMGFlYjI1OWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANthwjN+G8DOUCNL/1NfDVy3bZxDPciKPyUjWNxRLWZUUnIqs+MLom3fo9nI
TCIb/TUSc3lFjhnJRxAdF8HR8aOzd9VxUd1s5mwd0zUHOMGG0dooyFksqpKPIV2/
7H3G5WuBoDOwQl4S3BAG7JGHEx6ZAdHSQyBrPYLF+27tyrNZmimaYVorpqk4PmFe
XujeoTScRXysLoc2tI7nupFVQZkhBP+tDvRi6/dENpjFXrPGfER8+8DwMBcNRuNg
B6Bm+7kaw5J8oNsU5qupq65TuZQ6sJfkSIUKzGuhUrXhwyCQlV3a0r+/5TetpIHe
5CzQBoDUTBwiDIfbg08KxriwrTMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT138hk
zOoEXNYUAEptkxrvI0UgEzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQDS/21NwCITR5P8Yn5ElWLanGJMPdM9FzMrCeDVpLja
Z8cxFGTrV6DZetNoPbts5jGdmAwSzcgsu5QRE8ENa0F1B5SHT/DfRGUaNTKJPIDv
m6kHrkPl1WB6zLAEkfksR6+U8EiDo0BRgzb7DBlcKkCEQQF6dNNWSLq8SVw0DAWl
BdPLtg6A8d4zG31WJRJXYccd/ADhpotkCZvtIPlygA3EalesQm2AYdw4C+FeOstX
nQaBKZM0W5zmyya7ocAVw1B0CSl3UOQjUec8RAEd0Ti3aeDsXpEw3ecNmescs/m7
m1sS6Tsjd6hS8ND0m+GNnHRT5hiJ76+XuiZa3MzcNyid
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:17:39 2025 by rpki-client