Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: g8JTaHnd7sFi9QEhpivRHW9W7GDKJ+6DeHSx63rA93s=
Subject key identifier: F8:F3:FA:F2:21:26:15:C6:4F:41:03:18:DC:48:5C:F8:EA:E0:31:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59DCAA1D587E92425D74DC097CA68D8A801F83E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Wed 25 Jun 2025 00:50:21 +0000
ROA not before: Wed 25 Jun 2025 00:50:21 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:dc:aa:1d:58:7e:92:42:5d:74:dc:09:7c:a6:8d:8a:80:1f:83:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:21 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=f405f6c3063d0676e8f13e1baf68e16f745602895f66cbdebd226ed953d1e33a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f7:ed:41:c7:a0:35:4d:b1:a5:0d:00:3e:ce:
b7:29:5f:54:88:f5:17:39:9f:ef:d1:fa:e5:6f:42:
d1:34:10:90:fb:c1:5c:c5:7f:ea:b0:3d:0b:9e:45:
55:1b:71:fe:97:2d:ca:38:8f:f1:9a:91:29:23:a9:
29:d3:14:8c:d8:9b:a9:38:8f:9a:f6:c0:fa:b0:85:
83:6b:d5:dc:6e:b3:82:03:4f:40:ac:d7:ba:20:11:
c2:84:51:96:c5:91:4c:7e:05:5f:ad:3d:c3:74:bf:
6f:9a:7f:34:cf:14:9b:39:fb:8c:21:f5:12:f5:ca:
21:01:09:84:19:b4:3a:10:58:df:40:bb:64:4d:2e:
6e:40:80:5d:5c:af:83:a8:8e:d7:aa:37:3f:5b:04:
b7:78:9d:35:f3:18:d4:83:22:c7:da:db:71:a9:65:
94:7f:5a:28:b3:1b:b3:a1:51:c1:e4:be:b4:de:18:
2b:1b:a9:b5:47:d9:53:68:6c:5a:4e:25:ce:95:7e:
d1:01:d9:94:fd:91:6c:24:35:90:7b:05:92:3c:0a:
f0:84:40:47:eb:2d:22:63:93:66:a9:15:e1:8c:a1:
86:f7:1c:88:5b:8f:bc:52:13:b0:e2:7a:ef:12:c8:
e6:9e:fb:0e:38:ba:f7:45:2e:52:94:f3:b8:d0:47:
cf:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:F3:FA:F2:21:26:15:C6:4F:41:03:18:DC:48:5C:F8:EA:E0:31:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
aa:68:8a:35:3f:1e:0c:03:9e:63:93:ec:4f:ff:00:14:d0:c2:
f4:28:5b:a4:f7:82:84:17:26:4f:05:87:aa:fa:4e:cb:42:e6:
6a:76:1b:5c:e8:aa:c4:70:75:dc:e8:1b:94:28:66:3f:31:98:
c3:2f:83:1b:ee:6b:1f:e4:5f:0a:0a:51:57:0d:de:91:2f:f9:
04:47:c8:a5:8b:20:7d:02:ea:a6:1d:55:bc:9e:23:36:fc:4a:
73:1e:14:a4:21:a6:f7:90:62:8f:94:29:fc:ac:c3:65:89:d2:
6e:80:fe:5e:b1:5a:ae:9d:ff:fa:c2:91:ae:d6:49:02:5d:c2:
d8:e9:16:71:40:93:6e:f3:f2:1c:8e:8b:26:f2:aa:c0:76:f6:
39:3c:2e:5f:25:12:3f:b8:eb:8d:0c:db:e2:54:22:d6:20:2a:
92:87:af:e7:74:74:9e:bd:01:00:ff:81:bd:c3:d1:57:a7:fe:
ba:f8:c5:6c:5a:33:b0:a4:db:57:49:21:cb:e4:01:db:57:7f:
bb:3e:ed:f4:ec:d6:33:50:9a:dd:6a:6b:53:9a:29:7d:7e:93:
dd:6b:46:77:13:2a:f1:9d:e5:98:2a:f0:4c:15:13:76:5c:9e:
07:b1:17:ca:15:60:2f:23:3f:c4:6e:b8:7b:d7:c7:eb:cc:59:
e9:a5:c6:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWdyqHVh+kkJddNwJfKaNioAfg+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjFaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0MDVmNmMzMDYzZDA2NzZlOGYxM2UxYmFmNjhlMTZmNzQ1NjAyODk1ZjY2
Y2JkZWJkMjI2ZWQ5NTNkMWUzM2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAND37UHHoDVNsaUNAD7OtylfVIj1Fzmf79H65W9C0TQQkPvBXMV/6rA9C55F
VRtx/pctyjiP8ZqRKSOpKdMUjNibqTiPmvbA+rCFg2vV3G6zggNPQKzXuiARwoRR
lsWRTH4FX609w3S/b5p/NM8Umzn7jCH1EvXKIQEJhBm0OhBY30C7ZE0ubkCAXVyv
g6iO16o3P1sEt3idNfMY1IMix9rbcalllH9aKLMbs6FRweS+tN4YKxuptUfZU2hs
Wk4lzpV+0QHZlP2RbCQ1kHsFkjwK8IRAR+stImOTZqkV4YyhhvcciFuPvFITsOJ6
7xLI5p77Dji690UuUpTzuNBHz3UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT48/ry
ISYVxk9BAxjcSFz46uAx7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCqaIo1Px4MA55jk+xP/wAU0ML0KFuk94KEFyZPBYeq
+k7LQuZqdhtc6KrEcHXc6BuUKGY/MZjDL4Mb7msf5F8KClFXDd6RL/kER8iliyB9
AuqmHVW8niM2/EpzHhSkIab3kGKPlCn8rMNlidJugP5esVqunf/6wpGu1kkCXcLY
6RZxQJNu8/Icjosm8qrAdvY5PC5fJRI/uOuNDNviVCLWICqSh6/ndHSevQEA/4G9
w9FXp/66+MVsWjOwpNtXSSHL5AHbV3+7Pu307NYzUJrdamtTmil9fpPda0Z3Eyrx
neWYKvBMFRN2XJ4HsRfKFWAvIz/Ebrh718frzFnppcaC
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:48:22 2025 by rpki-client