Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: eRVRKm7DsSiJ4DH+rqzvurRBv0xvHHSBDrMm0ejTVks=
Subject key identifier: 34:DD:11:EE:2D:5A:A5:2A:8D:E7:25:A2:8B:15:94:2C:6D:25:76:01
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 766070DB4F19410FF95FC2E14E5C4B355B7F086B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Tue 17 Jun 2025 00:50:53 +0000
ROA not before: Tue 17 Jun 2025 00:50:53 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:60:70:db:4f:19:41:0f:f9:5f:c2:e1:4e:5c:4b:35:5b:7f:08:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:53 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=77299a10d43c3c38ed61a06fa9bb969c31954db0394496a906701f90f0af71fc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:78:b2:6e:87:66:9c:b6:12:3f:b6:35:9e:f2:
ce:bb:c9:4b:72:33:aa:a3:c3:3f:c9:25:ba:6c:c4:
67:8f:f7:45:ec:3d:1b:a6:9c:52:41:41:3d:ee:38:
3f:c0:6b:3d:f1:6f:ca:35:4a:5e:64:c8:e2:6c:9b:
0a:a3:3c:d2:04:d4:7d:2b:04:22:2e:b3:ee:66:38:
ce:3e:e4:27:27:f8:57:44:8c:3d:38:ee:b1:8b:25:
19:da:8d:7c:74:bb:b7:c6:af:54:3b:db:1a:47:e0:
0b:42:0d:d6:b8:ab:6c:c4:c3:e3:84:a0:47:68:c6:
0c:6f:10:de:a1:8a:89:25:90:8f:1c:f7:5e:5d:d8:
3e:bc:49:9b:77:a8:77:ec:c4:f9:a9:d8:b2:e8:5c:
a1:be:b5:b6:a6:e4:84:82:df:62:fb:a7:c3:e0:43:
1c:fe:e1:2e:35:32:5b:04:4e:cb:0c:f1:c8:16:71:
53:32:f8:61:cd:88:f4:0d:33:da:81:7b:81:76:00:
d8:94:ed:e9:2e:c0:1c:77:9b:0c:b1:73:66:5b:10:
24:d5:92:2e:f0:c8:82:5b:e2:71:54:31:f6:55:4d:
2a:3f:fd:f4:f0:43:54:a1:76:df:96:96:13:cc:58:
cb:28:4e:1b:c4:09:a3:ec:8a:a8:1b:1c:98:ca:17:
a2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:DD:11:EE:2D:5A:A5:2A:8D:E7:25:A2:8B:15:94:2C:6D:25:76:01
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
25:eb:45:c0:4d:3e:de:fc:81:f6:80:0d:91:3c:91:07:bf:b3:
15:bc:9e:99:18:82:b4:f8:40:77:57:f3:73:30:d2:d1:39:26:
da:13:53:bc:7f:ab:a1:38:0f:67:b8:44:f7:7c:48:81:ac:81:
ad:41:37:dd:0a:56:11:6d:ea:82:50:3f:aa:1d:78:15:47:28:
e2:33:1a:ea:6a:c0:17:a8:b6:39:1c:17:e3:56:c1:be:85:83:
04:3b:4c:43:b0:3c:98:23:35:64:c5:fe:4b:f2:e9:ce:21:a2:
75:20:5e:95:8a:2d:9d:c5:36:d4:14:5a:39:92:31:50:53:3d:
1c:36:33:43:47:5f:b4:c2:31:50:97:51:c8:87:fd:bb:95:6e:
e1:3e:62:48:17:c6:a6:a8:97:8a:7c:ea:84:73:2b:ba:82:68:
7d:24:0a:ab:f2:d5:cc:28:f8:e0:da:e0:c9:8d:f3:9e:ab:70:
dd:ac:f8:64:22:9c:49:65:c3:89:42:4d:63:cf:17:8e:26:a2:
c9:d6:f7:cd:22:c2:8d:ea:4f:bc:83:2f:1c:6a:0b:1e:a5:1b:
4b:6d:9f:d7:b8:94:4a:31:5a:82:0b:dd:f7:d4:df:71:5d:2d:
5c:0d:15:f2:7a:a9:43:84:57:40:6b:34:a7:83:31:89:07:16:
fd:ce:11:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdmBw208ZQQ/5X8LhTlxLNVt/CGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTNaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3Mjk5YTEwZDQzYzNjMzhlZDYxYTA2ZmE5YmI5NjljMzE5NTRkYjAzOTQ0
OTZhOTA2NzAxZjkwZjBhZjcxZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZ4sm6HZpy2Ej+2NZ7yzrvJS3IzqqPDP8klumzEZ4/3Rew9G6acUkFBPe44
P8BrPfFvyjVKXmTI4mybCqM80gTUfSsEIi6z7mY4zj7kJyf4V0SMPTjusYslGdqN
fHS7t8avVDvbGkfgC0IN1rirbMTD44SgR2jGDG8Q3qGKiSWQjxz3Xl3YPrxJm3eo
d+zE+anYsuhcob61tqbkhILfYvunw+BDHP7hLjUyWwROywzxyBZxUzL4Yc2I9A0z
2oF7gXYA2JTt6S7AHHebDLFzZlsQJNWSLvDIglvicVQx9lVNKj/99PBDVKF235aW
E8xYyyhOG8QJo+yKqBscmMoXojECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ03RHu
LVqlKo3nJaKLFZQsbSV2ATAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAJetFwE0+3vyB9oANkTyRB7+zFbyemRiCtPhAd1fz
czDS0Tkm2hNTvH+roTgPZ7hE93xIgayBrUE33QpWEW3qglA/qh14FUco4jMa6mrA
F6i2ORwX41bBvoWDBDtMQ7A8mCM1ZMX+S/LpziGidSBelYotncU21BRaOZIxUFM9
HDYzQ0dftMIxUJdRyIf9u5Vu4T5iSBfGpqiXinzqhHMruoJofSQKq/LVzCj44Nrg
yY3znqtw3az4ZCKcSWXDiUJNY88Xjiaiydb3zSLCjepPvIMvHGoLHqUbS22f17iU
SjFaggvd99TfcV0tXA0V8nqpQ4RXQGs0p4MxiQcW/c4Rcg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:59:10 2025 by rpki-client