Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json)
Hash identifier: P+NlD1y+gTyNcUea1oo5nOJyYET6dG8b/rpxkJklB2M=
Subject key identifier: 69:A6:22:16:89:47:DB:9F:3A:C8:E6:4A:97:60:E6:7C:3F:2C:DF:7B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4A5894182A4B82C75B2ECAB805E141CCEE2EEA2B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
Signing time: Tue 17 Jun 2025 00:50:52 +0000
ROA not before: Tue 17 Jun 2025 00:50:52 +0000
ROA not after: Tue 22 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:58:94:18:2a:4b:82:c7:5b:2e:ca:b8:05:e1:41:cc:ee:2e:ea:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 17 00:50:52 2025 GMT
Not After : Jul 22 23:59:59 2025 GMT
Subject: serialNumber=b345b801a6515672db680dabadca32064cede4dc839744ca75a6438ef612e4c7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7f:2c:d5:dc:fd:b6:93:89:cd:76:33:29:ba:
fd:8b:e5:1b:2b:81:1e:8d:c7:ba:ef:84:db:fe:91:
2e:18:4f:0d:91:b0:de:10:a7:2d:95:3c:48:8b:39:
71:03:4f:e6:b2:0d:37:3f:c1:00:9b:be:f0:5b:72:
80:d3:26:df:76:6e:7a:2f:d5:52:97:66:5b:f3:61:
cd:6e:59:68:e0:61:b0:26:dd:b6:3b:ba:89:7a:a4:
4b:ae:77:cf:05:74:60:c3:84:d0:bd:ee:74:0e:5a:
31:8a:8a:3b:74:60:c9:ab:54:7e:be:dd:66:04:1b:
d3:26:ff:b4:b8:f1:c2:93:0f:75:3f:dd:ea:4b:de:
87:ae:b8:3a:b9:0b:db:ee:40:fc:7d:a6:a0:97:bd:
ac:64:51:e3:e7:8d:7f:d3:7f:9a:ab:08:f5:88:78:
56:20:91:b2:c0:a2:a3:0f:ba:e4:8c:b2:9d:ac:37:
fb:d0:cd:2b:ff:14:e4:48:27:62:38:28:ae:f4:3e:
24:1e:86:35:8a:86:30:e8:21:c4:5d:72:bc:48:7f:
84:74:a6:06:74:a3:72:7f:04:df:06:44:b7:40:57:
f4:60:2f:f7:44:fb:22:fe:b1:12:8e:b4:2f:62:ba:
8b:64:72:96:ee:05:b1:85:dc:5d:82:b7:ad:91:96:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A6:22:16:89:47:DB:9F:3A:C8:E6:4A:97:60:E6:7C:3F:2C:DF:7B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
36:61:6e:86:22:9a:13:cc:4e:61:a7:3a:e5:b3:3a:83:f2:5f:
f6:da:51:40:d0:c9:61:67:7f:42:f4:20:6e:49:e0:26:73:51:
88:8e:45:15:f0:0b:e2:8d:df:a3:c3:c8:c2:1b:23:c7:38:25:
eb:2c:a6:da:24:82:ee:c1:fb:0e:f0:0c:68:34:6e:12:db:07:
30:41:16:79:b4:05:43:f6:e3:a3:8f:ee:91:fb:4e:c5:9a:ee:
ff:94:96:a4:97:28:15:a3:73:a2:55:0c:d1:ae:ec:a6:be:6e:
42:16:ec:7a:08:a1:13:77:76:ac:49:6c:0c:4e:87:e6:20:ab:
bc:65:bd:cb:f1:29:c8:80:49:df:5d:ee:be:fa:f9:a0:aa:3d:
9f:57:95:44:05:3f:6c:68:60:9f:09:db:11:71:86:8b:e2:a0:
81:27:d0:c7:b5:97:06:3f:16:37:bc:06:d4:fd:07:ac:ed:00:
bb:53:39:48:1f:e1:b2:27:e9:0c:8f:e8:7a:46:fd:ee:d2:ef:
da:ff:aa:bc:52:72:55:77:18:52:51:5f:c6:50:4e:15:32:8b:
25:7b:28:26:71:ef:ef:47:fa:05:cd:b8:f0:04:ee:91:f2:0d:
4d:b0:37:65:e8:d0:a2:b4:58:02:d1:9b:35:36:77:5b:08:cc:
36:06:e8:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSliUGCpLgsdbLsq4BeFBzO4u6iswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTcwMDUwNTJaFw0yNTA3MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNDViODAxYTY1MTU2NzJkYjY4MGRhYmFkY2EzMjA2NGNlZGU0ZGM4Mzk3
NDRjYTc1YTY0MzhlZjYxMmU0YzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN1/LNXc/baTic12Mym6/YvlGyuBHo3Huu+E2/6RLhhPDZGw3hCnLZU8SIs5
cQNP5rINNz/BAJu+8FtygNMm33Zuei/VUpdmW/NhzW5ZaOBhsCbdtju6iXqkS653
zwV0YMOE0L3udA5aMYqKO3RgyatUfr7dZgQb0yb/tLjxwpMPdT/d6kveh664OrkL
2+5A/H2moJe9rGRR4+eNf9N/mqsI9Yh4ViCRssCiow+65Iyynaw3+9DNK/8U5Egn
YjgorvQ+JB6GNYqGMOghxF1yvEh/hHSmBnSjcn8E3wZEt0BX9GAv90T7Iv6xEo60
L2K6i2Rylu4FsYXcXYK3rZGWhyECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRppiIW
iUfbnzrI5kqXYOZ8PyzfezAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQA2YW6GIpoTzE5hpzrlszqD8l/22lFA0MlhZ39C9CBu
SeAmc1GIjkUV8Avijd+jw8jCGyPHOCXrLKbaJILuwfsO8AxoNG4S2wcwQRZ5tAVD
9uOjj+6R+07Fmu7/lJaklygVo3OiVQzRruymvm5CFux6CKETd3asSWwMTofmIKu8
Zb3L8SnIgEnfXe6++vmgqj2fV5VEBT9saGCfCdsRcYaL4qCBJ9DHtZcGPxY3vAbU
/Qes7QC7UzlIH+GyJ+kMj+h6Rv3u0u/a/6q8UnJVdxhSUV/GUE4VMosleygmce/v
R/oFzbjwBO6R8g1NsDdl6NCitFgC0Zs1NndbCMw2BugH
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:30 2025 by rpki-client