Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: BcTwf2knXUbAr6yddgNM1GM3M72EhVXRGsD6Cp+Fs/o=
Subject key identifier: 02:7D:58:1F:4D:F2:24:C8:17:D4:D2:7A:59:63:BB:C0:F3:EA:D9:F8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 26ADFDABF5498D8427616EEF57671DF8A3D8534D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Mon 16 Jun 2025 21:50:48 +0000
ROA not before: Mon 16 Jun 2025 21:50:48 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:ad:fd:ab:f5:49:8d:84:27:61:6e:ef:57:67:1d:f8:a3:d8:53:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:48 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e26ae3abf8d2b2451bc2a10ec14c551e8e714bb0dae1fb85ac640cef35e33425, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:36:e0:d9:30:b6:f7:b5:f3:6a:16:92:a1:ba:
fa:be:93:1a:99:bf:d8:da:fa:7b:24:cb:fb:56:db:
83:8c:45:00:39:a0:b7:85:42:54:69:0d:41:e3:fa:
a6:13:90:a9:0e:94:43:3a:84:2b:9a:d0:76:60:2d:
8f:3d:63:8b:a1:03:62:45:01:ae:c5:1a:a4:04:bb:
28:74:8a:66:87:46:77:91:71:68:e2:75:a4:ee:6e:
f4:19:b7:2b:16:4c:7a:91:d6:84:6e:7a:9b:78:1e:
44:03:ab:a5:7d:45:e6:f6:4d:00:8d:29:9d:ba:dd:
0c:fe:d1:0f:8d:b8:89:72:27:e5:67:6a:8e:ea:59:
50:be:49:d9:96:c6:cd:1b:9a:89:93:ad:74:c9:ce:
0f:22:ee:65:c7:a4:e6:e2:bd:65:c6:7b:81:09:46:
bd:26:a7:27:99:74:d6:5d:0b:58:dd:f2:f2:df:c1:
97:46:21:94:e7:96:3c:02:69:85:4c:47:e8:74:b6:
2a:e2:57:1c:11:4a:ae:f9:fa:a0:84:ab:73:26:18:
6e:0c:ce:f2:7c:65:16:00:0e:98:99:99:22:4b:fb:
52:d3:90:84:e2:b9:d7:08:2d:c7:db:96:19:8b:ba:
ff:9a:ec:58:fb:b9:86:f3:90:81:0b:e6:65:0d:a5:
d5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:7D:58:1F:4D:F2:24:C8:17:D4:D2:7A:59:63:BB:C0:F3:EA:D9:F8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:74:f5:e6:53:de:f4:9a:2f:d9:dd:fa:2f:ea:34:9c:fe:65:
dc:e1:ce:cd:ae:40:48:a3:5f:dc:31:89:ef:eb:3b:da:04:61:
5b:89:b1:a2:93:ab:52:fd:c8:c8:a7:f7:27:7f:22:8e:a2:42:
d8:78:b1:04:47:df:2e:a4:05:0b:21:62:37:98:b2:42:69:c7:
a0:b7:a1:f8:01:b3:31:f4:1c:c1:35:2d:17:0e:04:3f:3f:52:
4f:fe:5b:21:fb:7a:8a:5f:67:01:32:19:26:e0:22:e7:75:f3:
67:c8:03:37:7f:22:19:cf:69:e3:0e:38:e2:c8:5a:a6:ab:36:
a0:36:59:86:82:60:77:74:3c:63:d5:39:86:e8:cd:93:d6:56:
41:90:ff:69:20:ef:c3:c3:bc:fb:37:94:6c:8b:14:4f:85:10:
a2:ca:32:0e:38:55:db:37:5d:f1:8d:0c:e8:65:27:0f:6a:62:
f7:03:7f:ed:b1:1f:24:0f:b6:c5:33:3f:7c:67:3d:88:63:92:
c9:49:93:a6:a8:af:ee:e6:b4:84:12:41:09:4d:5a:e9:15:48:
80:6c:fe:19:a7:e8:5d:19:8e:33:be:ec:d6:66:33:74:40:f1:
d4:4a:30:a0:02:72:ee:1f:62:0f:0d:13:66:02:2b:aa:33:23:
8f:e6:09:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJq39q/VJjYQnYW7vV2cd+KPYU00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNDhaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyNmFlM2FiZjhkMmIyNDUxYmMyYTEwZWMxNGM1NTFlOGU3MTRiYjBkYWUx
ZmI4NWFjNjQwY2VmMzVlMzM0MjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALo24Nkwtve182oWkqG6+r6TGpm/2Nr6eyTL+1bbg4xFADmgt4VCVGkNQeP6
phOQqQ6UQzqEK5rQdmAtjz1ji6EDYkUBrsUapAS7KHSKZodGd5FxaOJ1pO5u9Bm3
KxZMepHWhG56m3geRAOrpX1F5vZNAI0pnbrdDP7RD424iXIn5WdqjupZUL5J2ZbG
zRuaiZOtdMnODyLuZcek5uK9ZcZ7gQlGvSanJ5l01l0LWN3y8t/Bl0YhlOeWPAJp
hUxH6HS2KuJXHBFKrvn6oISrcyYYbgzO8nxlFgAOmJmZIkv7UtOQhOK51wgtx9uW
GYu6/5rsWPu5hvOQgQvmZQ2l1asCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQCfVgf
TfIkyBfU0npZY7vA8+rZ+DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQCxdPXmU970mi/Z3fov6jSc/mXc4c7NrkBIo1/cMYnv
6zvaBGFbibGik6tS/cjIp/cnfyKOokLYeLEER98upAULIWI3mLJCacegt6H4AbMx
9BzBNS0XDgQ/P1JP/lsh+3qKX2cBMhkm4CLndfNnyAM3fyIZz2njDjjiyFqmqzag
NlmGgmB3dDxj1TmG6M2T1lZBkP9pIO/Dw7z7N5RsixRPhRCiyjIOOFXbN13xjQzo
ZScPamL3A3/tsR8kD7bFMz98Zz2IY5LJSZOmqK/u5rSEEkEJTVrpFUiAbP4Zp+hd
GY4zvuzWZjN0QPHUSjCgAnLuH2IPDRNmAiuqMyOP5gno
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:18:21 2025 by rpki-client