Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: LWKjWKk/DLGxth9wDX6gxhidC7DvHCvIG2B44gI8tvA=
Subject key identifier: 94:FF:6B:4F:34:CD:CF:B8:48:6B:02:3A:47:91:F1:CE:ED:9F:81:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CE2FDC9D111DB1B820E366995A20C41944D0F61
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Wed 25 Jun 2025 00:50:34 +0000
ROA not before: Wed 25 Jun 2025 00:50:34 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:e2:fd:c9:d1:11:db:1b:82:0e:36:69:95:a2:0c:41:94:4d:0f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:34 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=e108b47b50ca7243dbd5381bf0455ec4cf622c240bd7a53016f290321e47f842, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2c:38:f5:61:8e:22:a7:c0:4b:1b:4c:65:e5:
3d:df:6c:bb:da:5d:c6:45:4b:c1:e9:78:2d:cc:80:
88:fd:bb:e7:1a:e1:65:db:50:89:81:de:cd:7f:44:
e3:8a:ad:f5:d9:b3:3e:ca:fa:3b:63:55:52:e8:dd:
ec:2b:21:54:06:bb:f2:9f:59:60:85:c7:98:91:29:
bb:88:fe:f1:82:f9:7b:4b:00:07:e3:b1:6f:19:6e:
21:f1:cd:68:6d:58:32:40:92:5e:84:fc:28:94:81:
6a:15:81:04:a0:0d:7f:26:79:07:cb:d4:ad:69:2e:
6f:bd:15:e3:34:22:5f:70:e1:01:a1:92:ab:0f:02:
77:d5:87:36:ca:58:89:3a:5f:53:9a:7c:9e:8b:95:
e0:b9:2a:36:45:76:b6:01:38:b3:69:5d:fe:e4:8c:
cf:aa:70:a2:56:57:68:7a:5c:12:ea:5b:76:46:d5:
d9:4e:eb:e0:0d:f2:cc:e4:af:7c:95:77:34:6c:a6:
13:88:13:cf:6c:50:1f:e2:a7:dc:25:51:0b:99:a6:
62:3e:32:55:29:a2:00:8b:a8:aa:b3:21:8d:f7:dc:
43:4f:f7:f8:cd:a8:a4:b8:b9:f9:0e:bd:f0:32:19:
3e:c0:bf:39:c8:bb:fd:e5:04:f4:9e:3a:26:5f:40:
5f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:FF:6B:4F:34:CD:CF:B8:48:6B:02:3A:47:91:F1:CE:ED:9F:81:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c2:61:de:3b:22:8d:67:54:0b:5f:0c:ca:4e:63:24:df:a1:cf:
f4:b1:31:41:37:16:ef:d5:10:e6:c4:00:8d:5d:6f:c9:30:f4:
dd:e8:a9:e3:2d:b5:ec:b6:75:47:7d:c4:72:42:1a:0b:39:7a:
4c:40:5a:e3:d9:de:41:92:a9:a3:37:94:c2:a4:01:d1:fd:cd:
4f:24:94:01:66:97:d8:a8:4e:3f:2f:2b:c4:95:3f:a0:3b:04:
18:04:71:6d:e8:07:3e:84:20:5f:ea:74:86:19:1d:bc:3b:f0:
f1:a4:f2:0e:01:3f:8b:4e:5d:5a:a1:49:47:aa:96:70:36:d2:
33:0a:78:03:f1:94:22:77:1e:2d:94:0f:2d:3f:72:25:14:06:
f2:51:ba:48:94:f1:aa:90:e4:c3:1e:ed:f0:51:50:b1:22:33:
c8:f7:56:ed:b9:ea:d0:9a:9a:9f:0e:65:f2:14:45:19:6a:f5:
d5:99:41:42:91:b5:ba:e0:4d:a1:08:55:bd:f4:5d:f3:6f:6c:
e1:70:0b:70:3b:dd:84:a7:3e:48:d8:f1:85:be:5e:97:3f:27:
f3:fd:8d:bd:c7:38:54:91:fe:49:9d:1d:e2:88:cb:72:14:4f:
4f:3a:03:3f:99:50:35:54:56:7d:bc:3f:0a:e7:66:a6:69:46:
f4:f7:7f:2b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTOL9ydER2xuCDjZplaIMQZRND2EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMzRaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMDhiNDdiNTBjYTcyNDNkYmQ1MzgxYmYwNDU1ZWM0Y2Y2MjJjMjQwYmQ3
YTUzMDE2ZjI5MDMyMWU0N2Y4NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJUsOPVhjiKnwEsbTGXlPd9su9pdxkVLwel4LcyAiP275xrhZdtQiYHezX9E
44qt9dmzPsr6O2NVUujd7CshVAa78p9ZYIXHmJEpu4j+8YL5e0sAB+OxbxluIfHN
aG1YMkCSXoT8KJSBahWBBKANfyZ5B8vUrWkub70V4zQiX3DhAaGSqw8Cd9WHNspY
iTpfU5p8nouV4LkqNkV2tgE4s2ld/uSMz6pwolZXaHpcEupbdkbV2U7r4A3yzOSv
fJV3NGymE4gTz2xQH+Kn3CVRC5mmYj4yVSmiAIuoqrMhjffcQ0/3+M2opLi5+Q69
8DIZPsC/Oci7/eUE9J46Jl9AXwkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSU/2tP
NM3PuEhrAjpHkfHO7Z+B8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAwmHeOyKNZ1QLXwzKTmMk36HP9LExQTcW79UQ5sQA
jV1vyTD03eip4y217LZ1R33EckIaCzl6TEBa49neQZKpozeUwqQB0f3NTySUAWaX
2KhOPy8rxJU/oDsEGARxbegHPoQgX+p0hhkdvDvw8aTyDgE/i05dWqFJR6qWcDbS
Mwp4A/GUInceLZQPLT9yJRQG8lG6SJTxqpDkwx7t8FFQsSIzyPdW7bnq0Jqanw5l
8hRFGWr11ZlBQpG1uuBNoQhVvfRd829s4XALcDvdhKc+SNjxhb5elz8n8/2Nvcc4
VJH+SZ0d4ojLchRPTzoDP5lQNVRWfbw/CudmpmlG9Pd/Kw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:58:30 2025 by rpki-client