Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: h8Sm2E3GKXUeGnjHtESyZOU/SWrbfm65SgJWxHgSi7I=
Subject key identifier: C7:A9:EF:CB:A2:9B:EC:5E:8B:7B:74:A9:B4:A6:8E:C7:F2:A6:FF:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31063377E127273FA5B89AC5D87B1A94F36C687D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Mon 16 Jun 2025 21:50:06 +0000
ROA not before: Mon 16 Jun 2025 21:50:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:06:33:77:e1:27:27:3f:a5:b8:9a:c5:d8:7b:1a:94:f3:6c:68:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=81a586f60450773595bd24321e679770174e3fbbaffcf98d314acbdf7cdbfba6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d4:23:bb:02:b1:eb:a2:92:8d:85:75:f4:f0:
fd:d9:a6:96:f7:9e:f2:0b:e9:1c:cb:24:fe:71:83:
06:2c:99:7c:f6:91:be:ba:71:9a:f4:c6:68:1c:13:
67:c7:d6:c6:15:d0:5d:66:3a:da:cb:0e:3e:27:37:
b8:87:a0:2e:76:b6:4e:32:e8:3e:a0:3b:2d:7e:23:
da:e5:82:7a:68:13:73:57:82:61:ed:15:06:ec:b6:
79:ec:fb:0e:00:93:9c:b0:0f:79:88:54:fe:47:f2:
72:b1:88:ad:0e:8d:13:5a:56:5f:31:ea:82:94:e3:
32:91:65:2c:12:df:73:b9:d7:b6:64:67:19:23:99:
4f:5f:6c:03:73:ba:90:57:d1:a4:a8:7e:af:1a:4d:
d4:5d:e5:ac:e2:3a:ae:61:55:4a:8d:d5:22:76:e6:
c6:3e:f2:7d:16:78:f8:f9:cc:97:9f:d0:7d:b4:5b:
9c:3e:97:dd:1c:1c:fe:a1:98:d4:b3:b0:74:81:71:
12:cb:4e:b2:53:5f:87:c8:4e:f6:b9:b5:94:7e:2a:
56:6d:d7:ca:7d:3e:51:e5:b2:31:0e:c3:e8:e0:ec:
7f:93:5f:76:e4:16:58:5d:6d:56:19:ff:1c:a6:91:
c5:fd:e2:54:2f:99:93:17:7d:22:70:c4:4c:d6:75:
82:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:A9:EF:CB:A2:9B:EC:5E:8B:7B:74:A9:B4:A6:8E:C7:F2:A6:FF:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:8b:64:6f:a2:ba:f2:53:ef:ab:d7:36:18:72:2b:24:98:24:
23:8c:9a:cc:99:e0:d6:67:f0:f2:3a:9f:70:1b:cc:7b:c2:fc:
50:69:da:f6:b3:0c:54:9d:82:e8:db:c7:30:67:67:b0:ba:31:
ce:68:bc:83:49:18:b5:27:86:54:b0:ec:21:49:4a:7a:4d:f8:
67:2b:53:ae:07:9a:f4:23:b9:17:98:db:8b:6f:00:76:6a:30:
a2:e8:1e:c5:8e:01:3c:16:28:18:6d:0a:c5:89:77:17:f3:0c:
d3:65:70:78:93:a4:f1:7f:ce:b8:c0:9e:94:a3:2c:4c:48:28:
c4:9b:ef:1b:58:1c:78:4f:a0:9c:76:07:1f:b9:67:3f:56:fa:
0f:88:d1:6b:15:b5:ef:d5:4a:e3:47:d3:23:e7:b2:36:d3:f0:
8d:b7:f1:ed:f5:bd:44:4e:d1:d5:0c:d2:8b:9e:84:d8:8b:e4:
6e:bd:1b:c9:69:00:a2:93:57:7a:c6:7c:40:5d:43:ee:a8:8d:
1a:d1:4f:b7:f0:14:b2:40:dd:03:dc:ac:b5:f7:d6:73:c3:46:
e8:ad:86:67:da:cc:05:48:6e:c5:82:04:4a:f7:c0:35:e8:95:
d9:30:e8:19:0a:83:6d:ad:e7:15:92:80:68:22:cd:fc:66:17:
2d:bb:07:fd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMQYzd+EnJz+luJrF2HsalPNsaH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxYTU4NmY2MDQ1MDc3MzU5NWJkMjQzMjFlNjc5NzcwMTc0ZTNmYmJhZmZj
Zjk4ZDMxNGFjYmRmN2NkYmZiYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMXUI7sCseuiko2FdfTw/dmmlvee8gvpHMsk/nGDBiyZfPaRvrpxmvTGaBwT
Z8fWxhXQXWY62ssOPic3uIegLna2TjLoPqA7LX4j2uWCemgTc1eCYe0VBuy2eez7
DgCTnLAPeYhU/kfycrGIrQ6NE1pWXzHqgpTjMpFlLBLfc7nXtmRnGSOZT19sA3O6
kFfRpKh+rxpN1F3lrOI6rmFVSo3VInbmxj7yfRZ4+PnMl5/QfbRbnD6X3Rwc/qGY
1LOwdIFxEstOslNfh8hO9rm1lH4qVm3Xyn0+UeWyMQ7D6ODsf5NfduQWWF1tVhn/
HKaRxf3iVC+Zkxd9InDETNZ1gr8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHqe/L
opvsXot7dKm0po7H8qb/SzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQBWi2RvorryU++r1zYYciskmCQjjJrMmeDWZ/DyOp9w
G8x7wvxQadr2swxUnYLo28cwZ2ewujHOaLyDSRi1J4ZUsOwhSUp6TfhnK1OuB5r0
I7kXmNuLbwB2ajCi6B7FjgE8FigYbQrFiXcX8wzTZXB4k6Txf864wJ6UoyxMSCjE
m+8bWBx4T6CcdgcfuWc/VvoPiNFrFbXv1UrjR9Mj57I20/CNt/Ht9b1ETtHVDNKL
noTYi+RuvRvJaQCik1d6xnxAXUPuqI0a0U+38BSyQN0D3Ky199Zzw0borYZn2swF
SG7FggRK98A16JXZMOgZCoNtrecVkoBoIs38Zhctuwf9
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:22 2025 by rpki-client