Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: tlaeAqlYf2lc5xPl5K1kv8ilUSA0qAW8HONcsuXi/Hs=
Subject key identifier: 34:2F:B6:A1:7A:05:A6:2A:50:B7:BA:72:EF:0E:CC:9F:C7:1A:81:94
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D5ABEF601F775BF4077D527DFA0E15AD58ABE57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Mon 16 Jun 2025 21:50:45 +0000
ROA not before: Mon 16 Jun 2025 21:50:45 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:5a:be:f6:01:f7:75:bf:40:77:d5:27:df:a0:e1:5a:d5:8a:be:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:45 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=21b3c129ea6277d02583da884d0cd05aa143bae61976ec3075993b770fba1b6f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:50:49:bf:da:0e:92:19:0a:8d:26:0a:72:87:
a3:a1:98:0c:2c:64:0f:9f:46:2e:ef:f9:4a:58:c6:
e0:9d:cb:51:32:88:65:02:e3:d9:b9:36:df:1b:68:
e6:b7:b9:ca:cb:2f:9b:a3:64:9d:5f:58:c6:05:58:
78:1d:2b:33:16:df:a1:7a:d0:32:56:8c:80:af:b2:
c5:37:be:b6:ba:74:92:69:68:02:77:dc:da:ab:b5:
7d:f2:0c:ee:2c:f5:27:7e:93:40:a0:a5:5a:a3:e5:
8d:9f:de:05:c2:4f:9f:aa:3f:95:90:bf:1b:37:3a:
cc:70:d3:a2:a4:f7:87:53:d7:d9:a1:6e:ab:0b:95:
2a:65:c7:3c:92:5b:b0:93:22:65:d3:4a:fa:86:2c:
a5:c8:c6:3b:db:fe:21:2b:d2:38:a4:5f:c7:ea:11:
79:66:ee:8b:0d:22:f5:84:57:58:21:51:4b:8c:2e:
e6:77:cc:1b:38:38:9b:b3:02:cd:1c:fd:86:d9:87:
1f:20:45:a7:46:5a:08:6e:d4:ab:40:c1:d8:cb:e8:
fc:32:2e:98:bb:2d:8a:bd:08:55:fa:bf:bb:b3:c0:
dc:54:91:50:fd:c1:ac:8a:aa:0a:17:b2:a9:78:04:
ec:15:8a:97:c9:60:14:90:29:c8:ef:05:cb:4a:d2:
ed:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:2F:B6:A1:7A:05:A6:2A:50:B7:BA:72:EF:0E:CC:9F:C7:1A:81:94
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
cd:b5:6a:d9:8c:6a:76:3e:63:2b:77:69:50:8d:ee:6c:53:47:
08:44:28:dd:0f:12:47:33:d8:29:b4:1f:fb:37:a0:84:7d:26:
bb:6f:6e:2d:79:0d:9b:e7:0b:d1:c2:ab:5c:43:fb:de:34:93:
95:f8:c3:a4:8a:96:ba:28:b5:83:86:6d:92:d4:7a:64:86:2d:
ee:b8:8a:ec:5b:2f:2e:e9:a8:da:16:f5:27:0b:78:3c:97:cc:
61:69:a0:c4:23:dc:eb:06:4c:0c:05:21:17:10:1b:08:0d:33:
e0:db:68:a2:e8:09:fc:7a:a8:e2:87:cf:7c:0f:a8:3c:27:e3:
c1:ea:00:77:98:37:6c:84:a7:40:55:81:6d:c3:30:e6:e0:6b:
2c:57:97:59:04:29:b6:c8:e0:8e:41:c2:d8:c7:ed:b8:b0:dd:
7c:9b:20:77:0c:23:fa:7b:ff:f5:c8:82:25:d8:4c:ac:26:24:
93:40:64:43:25:f8:02:20:46:38:2e:51:b1:39:72:95:4f:e0:
3f:9c:3c:d0:e6:5b:d9:84:a3:5f:09:bc:57:da:bc:55:08:c7:
15:55:c6:fb:19:01:f3:16:5c:9e:4a:75:e5:36:fd:45:77:c7:
d2:0b:4f:ba:7b:d7:82:5c:5b:01:55:62:9a:12:8c:8a:69:c3:
e0:3c:97:0b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULVq+9gH3db9Ad9Un36DhWtWKvlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNDVaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDIxYjNjMTI5ZWE2Mjc3ZDAyNTgzZGE4ODRkMGNkMDVhYTE0M2JhZTYxOTc2
ZWMzMDc1OTkzYjc3MGZiYTFiNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOZQSb/aDpIZCo0mCnKHo6GYDCxkD59GLu/5SljG4J3LUTKIZQLj2bk23xto
5re5yssvm6NknV9YxgVYeB0rMxbfoXrQMlaMgK+yxTe+trp0kmloAnfc2qu1ffIM
7iz1J36TQKClWqPljZ/eBcJPn6o/lZC/Gzc6zHDToqT3h1PX2aFuqwuVKmXHPJJb
sJMiZdNK+oYspcjGO9v+ISvSOKRfx+oReWbuiw0i9YRXWCFRS4wu5nfMGzg4m7MC
zRz9htmHHyBFp0ZaCG7Uq0DB2Mvo/DIumLstir0IVfq/u7PA3FSRUP3BrIqqChey
qXgE7BWKl8lgFJApyO8Fy0rS7X0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ0L7ah
egWmKlC3unLvDsyfxxqBlDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAzbVq2Yxqdj5jK3dpUI3ubFNHCEQo3Q8SRzPYKbQf
+zeghH0mu29uLXkNm+cL0cKrXEP73jSTlfjDpIqWuii1g4ZtktR6ZIYt7riK7Fsv
Lumo2hb1Jwt4PJfMYWmgxCPc6wZMDAUhFxAbCA0z4NtoougJ/Hqo4ofPfA+oPCfj
weoAd5g3bISnQFWBbcMw5uBrLFeXWQQptsjgjkHC2MftuLDdfJsgdwwj+nv/9ciC
JdhMrCYkk0BkQyX4AiBGOC5RsTlylU/gP5w80OZb2YSjXwm8V9q8VQjHFVXG+xkB
8xZcnkp15Tb9RXfH0gtPunvXglxbAVVimhKMimnD4DyXCw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:19:55 2025 by rpki-client