Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: SWPlNuv79zKRUahppuFZQ/fxK+EDYp1PKrZhlMaTWFs=
Subject key identifier: EB:8C:32:4B:BC:04:16:A1:9E:BE:AB:CB:0D:A0:15:46:E9:0C:B4:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 54913EF38DD5CF6FD5029174C6CE56BF5E35F9AC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Wed 25 Jun 2025 00:50:17 +0000
ROA not before: Wed 25 Jun 2025 00:50:17 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:91:3e:f3:8d:d5:cf:6f:d5:02:91:74:c6:ce:56:bf:5e:35:f9:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:17 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=600b38dd75b69cc7c157adf820166a70e0228447e8011e8366244c50027c3aeb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ec:f5:7f:ea:74:2d:56:e5:ff:ef:ee:a1:dc:
a1:aa:96:84:19:78:c1:dd:0e:f5:4c:d3:60:dd:04:
56:26:f4:b0:5e:da:ba:66:f6:05:a4:87:50:a7:49:
a5:3e:aa:d5:a2:2f:75:9a:b7:50:98:22:2d:44:58:
87:78:a3:6a:42:eb:64:0c:95:1b:6e:bf:b9:3e:1b:
6e:2b:48:d7:16:6d:10:75:0a:fd:14:e6:20:12:9e:
11:af:df:c4:b0:9d:a1:9e:7c:17:7c:3a:8e:c5:57:
5c:3b:5d:1c:ab:84:93:d3:9d:20:3a:3c:d6:80:56:
a3:fc:ea:c4:22:9d:8a:da:2c:0b:ed:b4:a5:37:18:
ad:6e:5f:07:96:04:bd:eb:36:fd:f9:d1:98:cf:74:
91:9a:89:c4:24:2d:0a:91:94:f9:bf:f8:62:8e:61:
32:22:23:df:a6:2d:34:9a:24:46:08:37:f5:ff:38:
30:9b:2a:2a:58:8d:71:31:06:c9:91:4f:02:22:c6:
54:56:6f:a3:af:46:23:5d:dc:2a:6b:63:d9:05:ef:
35:b3:a4:80:fa:4e:c2:bb:1a:81:91:77:ef:13:c9:
59:91:a0:cf:3d:fc:4c:79:03:24:b5:99:dd:69:50:
b1:b9:5f:e5:51:1b:b7:55:d7:5b:32:7b:49:8f:1a:
4a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:8C:32:4B:BC:04:16:A1:9E:BE:AB:CB:0D:A0:15:46:E9:0C:B4:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
33:81:37:6c:2a:b6:08:e6:b5:95:b6:33:c2:ef:bb:b2:1e:f2:
01:8b:bd:15:52:1f:c8:57:36:da:7e:44:b8:70:9e:4b:a8:52:
e7:79:2f:4e:2a:bd:4c:be:1c:06:4a:69:8f:18:b9:6a:27:a0:
ba:b1:44:43:cb:df:6a:84:46:87:38:8e:3e:23:1f:02:4b:de:
d3:7e:41:ab:dd:1f:93:a1:a5:ae:fa:ad:df:18:cb:f0:c6:84:
7d:58:e0:0b:1d:74:70:7d:84:b8:fd:4c:47:f1:2c:32:9a:a5:
89:a4:bd:67:f2:f9:7d:8e:09:d7:2a:ae:99:cb:0a:32:ca:32:
a2:cc:c8:8b:aa:4d:f4:df:0b:6a:97:28:95:f9:6f:6f:e7:66:
32:1c:52:f5:d0:e6:8e:c5:ba:7a:65:30:ab:21:6e:e6:d8:10:
0b:cb:9f:52:87:b8:51:f6:38:d4:82:b3:2c:41:30:26:5a:eb:
73:30:04:d9:63:8d:24:46:71:6b:b2:a1:a1:fa:26:68:9d:b2:
d6:a3:4f:c5:b0:cd:a8:04:50:c4:db:2f:97:33:d8:50:b6:00:
77:bd:a4:63:93:ad:6d:1b:b6:3e:57:86:83:a9:59:36:af:d0:
5b:34:7a:50:18:a9:a1:2a:5a:df:5d:c6:fa:db:10:9d:29:08:
01:c9:e2:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVJE+843Vz2/VApF0xs5Wv141+awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMTdaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMGIzOGRkNzViNjljYzdjMTU3YWRmODIwMTY2YTcwZTAyMjg0NDdlODAx
MWU4MzY2MjQ0YzUwMDI3YzNhZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPs9X/qdC1W5f/v7qHcoaqWhBl4wd0O9UzTYN0EVib0sF7aumb2BaSHUKdJ
pT6q1aIvdZq3UJgiLURYh3ijakLrZAyVG26/uT4bbitI1xZtEHUK/RTmIBKeEa/f
xLCdoZ58F3w6jsVXXDtdHKuEk9OdIDo81oBWo/zqxCKditosC+20pTcYrW5fB5YE
ves2/fnRmM90kZqJxCQtCpGU+b/4Yo5hMiIj36YtNJokRgg39f84MJsqKliNcTEG
yZFPAiLGVFZvo69GI13cKmtj2QXvNbOkgPpOwrsagZF37xPJWZGgzz38THkDJLWZ
3WlQsblf5VEbt1XXWzJ7SY8aSu8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTrjDJL
vAQWoZ6+q8sNoBVG6Qy0xDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAzgTdsKrYI5rWVtjPC77uyHvIBi70VUh/IVzbafkS4
cJ5LqFLneS9OKr1MvhwGSmmPGLlqJ6C6sURDy99qhEaHOI4+Ix8CS97TfkGr3R+T
oaWu+q3fGMvwxoR9WOALHXRwfYS4/UxH8SwymqWJpL1n8vl9jgnXKq6ZywoyyjKi
zMiLqk303wtqlyiV+W9v52YyHFL10OaOxbp6ZTCrIW7m2BALy59Sh7hR9jjUgrMs
QTAmWutzMATZY40kRnFrsqGh+iZonbLWo0/FsM2oBFDE2y+XM9hQtgB3vaRjk61t
G7Y+V4aDqVk2r9BbNHpQGKmhKlrfXcb62xCdKQgByeJr
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:37:28 2025 by rpki-client