Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: zPgSQ4LMQbxEYOzniiuMRxKcsfrEeVjdvc7jf1YxMOw=
Subject key identifier: F9:B0:8E:FD:C6:96:66:B9:AE:89:77:38:1B:ED:CF:E9:EB:ED:DF:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5FC4B48DF85B30154924A3DE81789204BB09F170
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Wed 25 Jun 2025 00:50:07 +0000
ROA not before: Wed 25 Jun 2025 00:50:07 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c4:b4:8d:f8:5b:30:15:49:24:a3:de:81:78:92:04:bb:09:f1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:07 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=92140c4d11f9ec2e3e797e09e18d83e201d77ab17461065b10d7eb9559c530e6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:19:d6:75:cf:a4:c3:fc:e1:2d:14:b9:37:7a:
9c:e2:ba:17:a7:c2:ef:64:e4:2d:47:34:c5:74:87:
20:1c:73:4f:8f:0f:b0:13:91:df:29:56:2c:88:53:
cf:81:35:38:48:ed:ee:6a:3c:ce:c7:d9:09:ef:0a:
08:bd:2c:5a:c1:64:9f:8f:1f:bb:f5:01:07:e0:e9:
a0:af:08:ef:50:f7:04:89:27:d3:5c:b4:6f:01:f3:
44:b9:d3:8a:65:71:ec:8e:79:b6:af:2d:bc:a1:ef:
42:dc:1b:3e:11:95:94:3f:80:74:36:08:e5:a8:a4:
3f:96:13:99:2e:e3:64:df:79:ab:5b:19:c8:41:a0:
ed:86:96:2e:10:05:de:cb:a7:11:c3:78:d8:35:f8:
2c:21:c2:aa:7e:05:f5:f0:31:57:fd:2e:76:7d:10:
10:6a:b8:f7:dc:75:0b:3c:bb:9b:84:44:53:e4:b4:
62:ed:36:77:70:66:20:8f:bc:8d:14:69:68:88:80:
ae:c1:2c:f2:8d:88:9b:65:20:18:56:f3:bc:36:14:
2b:22:98:d1:ec:c1:eb:42:5e:04:76:2f:42:a3:1f:
e5:20:55:4a:41:86:e8:4e:a3:c6:e7:65:f3:7d:c3:
9f:06:9d:b5:82:1a:af:c7:ae:4c:77:d1:ad:2d:88:
e8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B0:8E:FD:C6:96:66:B9:AE:89:77:38:1B:ED:CF:E9:EB:ED:DF:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:0d:e8:b5:c8:40:b7:b9:1d:72:08:b0:3e:73:0f:f3:49:64:
db:38:53:74:63:13:8c:31:50:28:dd:27:ed:b2:c1:dc:98:63:
77:b5:fa:13:ad:64:9a:ff:56:9c:9d:6c:2b:30:ae:d1:d1:e2:
0f:81:65:1f:bc:07:01:04:9a:8f:5c:f5:4b:20:02:c4:be:22:
0e:03:c7:55:95:00:58:67:62:0c:71:b2:4a:af:03:de:4a:32:
6b:1d:b1:cf:51:94:ea:e9:cf:f7:d8:8a:2b:7c:81:04:1e:c8:
51:90:47:ed:60:93:5a:34:a3:a0:67:94:18:f6:d5:2f:72:d5:
c6:ef:66:72:81:f5:25:ce:03:5d:cc:8a:21:4b:d0:65:45:ab:
74:8b:63:09:44:1a:31:0c:16:23:cf:eb:cc:77:4d:4b:cf:8b:
36:15:13:c5:36:4b:9c:c2:b6:2e:9f:93:4b:71:ab:04:94:37:
ea:28:b3:c4:9e:a4:10:c0:8d:67:fa:b3:24:87:05:e0:a9:bb:
b1:1b:2d:bd:34:01:a7:2d:97:79:09:a6:f1:ee:26:98:e5:71:
ad:f1:ab:74:61:77:b6:62:1f:fd:5b:2a:b4:1e:da:ce:48:cb:
f3:d4:a6:1f:af:ce:f7:d8:3d:98:84:0b:4c:f3:7a:d3:2a:1f:
02:5c:5e:5d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUX8S0jfhbMBVJJKPegXiSBLsJ8XAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDdaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyMTQwYzRkMTFmOWVjMmUzZTc5N2UwOWUxOGQ4M2UyMDFkNzdhYjE3NDYx
MDY1YjEwZDdlYjk1NTljNTMwZTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsZ1nXPpMP84S0UuTd6nOK6F6fC72TkLUc0xXSHIBxzT48PsBOR3ylWLIhT
z4E1OEjt7mo8zsfZCe8KCL0sWsFkn48fu/UBB+DpoK8I71D3BIkn01y0bwHzRLnT
imVx7I55tq8tvKHvQtwbPhGVlD+AdDYI5aikP5YTmS7jZN95q1sZyEGg7YaWLhAF
3sunEcN42DX4LCHCqn4F9fAxV/0udn0QEGq499x1Czy7m4REU+S0Yu02d3BmII+8
jRRpaIiArsEs8o2Im2UgGFbzvDYUKyKY0ezB60JeBHYvQqMf5SBVSkGG6E6jxudl
833DnwadtYIar8euTHfRrS2I6A0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT5sI79
xpZmua6Jdzgb7c/p6+3f1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQCKDei1yEC3uR1yCLA+cw/zSWTbOFN0YxOMMVAo3Sft
ssHcmGN3tfoTrWSa/1acnWwrMK7R0eIPgWUfvAcBBJqPXPVLIALEviIOA8dVlQBY
Z2IMcbJKrwPeSjJrHbHPUZTq6c/32IorfIEEHshRkEftYJNaNKOgZ5QY9tUvctXG
72ZygfUlzgNdzIohS9BlRat0i2MJRBoxDBYjz+vMd01Lz4s2FRPFNkucwrYun5NL
casElDfqKLPEnqQQwI1n+rMkhwXgqbuxGy29NAGnLZd5Cabx7iaY5XGt8at0YXe2
Yh/9Wyq0HtrOSMvz1KYfr8732D2YhAtM83rTKh8CXF5d
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:36:58 2025 by rpki-client