Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: i3X1cTMFGUQcsgvhEJys/ijG/zejNLoKT4gv3/4S8pU=
Subject key identifier: 64:FB:FC:F0:3F:E9:27:63:6D:58:19:25:E1:B8:D6:5F:04:FE:B9:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 663F52D21D30E44FB52AF75374EC95DCF5A95FF2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Wed 25 Jun 2025 00:50:08 +0000
ROA not before: Wed 25 Jun 2025 00:50:08 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:3f:52:d2:1d:30:e4:4f:b5:2a:f7:53:74:ec:95:dc:f5:a9:5f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:08 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=0caf89d43e10cdde15d78d0cc7762291dc36c13c89c0aa380a02089a5ab4ae8e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:95:3b:5f:2c:64:23:63:fe:4f:fd:e7:ba:82:
32:c1:64:4a:df:c1:2d:e4:29:23:8f:c4:4f:f3:15:
5a:a2:12:26:1d:a0:38:14:3f:de:eb:22:d0:9c:cf:
c4:7f:79:6c:87:7c:33:b9:06:2b:8e:c8:07:2d:3e:
98:17:52:75:2a:1f:b5:da:10:05:dc:38:2e:57:38:
42:0e:10:95:f2:ca:4b:0c:4c:d0:cd:f1:8a:40:5f:
ed:07:63:00:61:48:84:56:bd:a7:2b:b9:2d:1a:8c:
be:47:64:1c:20:fc:a2:e0:71:46:e2:9a:92:51:0a:
71:1a:fc:32:a8:49:54:e4:f9:33:08:6d:46:8a:b1:
b1:f6:50:75:e9:81:ff:aa:31:a1:4a:18:f5:16:ec:
8c:6d:ed:f9:57:51:62:d3:dd:36:bf:49:55:0c:5a:
12:31:81:7b:ec:5c:df:3e:28:66:25:39:e2:2c:49:
c9:55:1d:7b:d7:bc:3a:b8:dc:9d:0d:2a:25:ae:2a:
ef:08:0b:b9:28:18:8b:28:18:2a:21:17:a1:36:c9:
0d:28:d6:a4:b0:36:f4:7a:98:e5:4f:8c:1d:31:ab:
d9:e1:89:af:00:7a:52:a0:ee:6f:6f:b1:ad:a4:ce:
98:3a:fa:30:b7:85:32:c1:ee:d4:32:29:92:a8:41:
0d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:FB:FC:F0:3F:E9:27:63:6D:58:19:25:E1:B8:D6:5F:04:FE:B9:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
80:8c:ac:23:34:a2:11:bb:67:2a:ef:29:80:66:9a:c3:eb:2f:
ab:c7:84:e8:b7:39:d9:6f:ca:61:db:13:f3:1d:82:e5:c1:4e:
a4:72:10:62:0a:e5:2e:e1:1e:fd:3b:1e:15:b7:ec:4c:d1:27:
5e:88:aa:4e:94:85:6c:84:89:19:2d:1e:89:5f:71:1a:38:02:
a7:09:34:2c:60:51:47:1d:ab:f3:f4:b2:ee:ac:33:43:15:c6:
8c:86:20:29:66:82:46:d5:a2:ac:81:5c:85:dd:82:cd:2d:1f:
03:33:fd:c8:d5:b2:f0:40:ad:50:87:e3:a8:4e:21:4a:d0:b9:
8f:eb:90:71:ad:25:64:7c:e9:67:ca:24:32:d2:ea:20:65:0b:
23:59:49:b6:10:89:b4:fe:6d:40:f9:0f:f6:0d:fd:62:d6:78:
53:a9:49:db:db:46:10:ac:27:30:76:d2:63:be:2e:c5:4b:ea:
67:ec:e5:c3:e9:35:6e:a9:5d:49:1b:7c:67:0f:e9:07:59:d2:
2e:96:d1:10:65:5e:4a:9c:fe:c5:31:b5:89:d0:ae:22:53:2f:
25:bb:ff:ab:c3:4b:b6:59:f7:55:a3:de:af:c1:10:21:d1:10:
86:df:c8:44:90:9a:fc:48:c6:cb:15:50:9e:e6:00:1a:7c:7f:
34:40:60:be
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZj9S0h0w5E+1KvdTdOyV3PWpX/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDhaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjYWY4OWQ0M2UxMGNkZGUxNWQ3OGQwY2M3NzYyMjkxZGMzNmMxM2M4OWMw
YWEzODBhMDIwODlhNWFiNGFlOGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKeVO18sZCNj/k/957qCMsFkSt/BLeQpI4/ET/MVWqISJh2gOBQ/3usi0JzP
xH95bId8M7kGK47IBy0+mBdSdSoftdoQBdw4Llc4Qg4QlfLKSwxM0M3xikBf7Qdj
AGFIhFa9pyu5LRqMvkdkHCD8ouBxRuKaklEKcRr8MqhJVOT5MwhtRoqxsfZQdemB
/6oxoUoY9RbsjG3t+VdRYtPdNr9JVQxaEjGBe+xc3z4oZiU54ixJyVUde9e8Orjc
nQ0qJa4q7wgLuSgYiygYKiEXoTbJDSjWpLA29HqY5U+MHTGr2eGJrwB6UqDub2+x
raTOmDr6MLeFMsHu1DIpkqhBDeECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRk+/zw
P+knY21YGSXhuNZfBP65ajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAgIysIzSiEbtnKu8pgGaaw+svq8eE6Lc52W/KYdsT
8x2C5cFOpHIQYgrlLuEe/TseFbfsTNEnXoiqTpSFbISJGS0eiV9xGjgCpwk0LGBR
Rx2r8/Sy7qwzQxXGjIYgKWaCRtWirIFchd2CzS0fAzP9yNWy8ECtUIfjqE4hStC5
j+uQca0lZHzpZ8okMtLqIGULI1lJthCJtP5tQPkP9g39YtZ4U6lJ29tGEKwnMHbS
Y74uxUvqZ+zlw+k1bqldSRt8Zw/pB1nSLpbREGVeSpz+xTG1idCuIlMvJbv/q8NL
tln3VaPer8EQIdEQht/IRJCa/EjGyxVQnuYAGnx/NEBgvg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:56:42 2025 by rpki-client