Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: FvNsyjIlsfW1RpPzChNTujTvIKhVpGODayqo7z6AJYE=
Subject key identifier: 19:A0:9B:92:63:14:05:E4:09:ED:56:63:11:85:92:AD:A3:7F:C1:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E96F43F09B61CC329409EEFCA05A3ECC775DEDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Mon 16 Jun 2025 21:50:04 +0000
ROA not before: Mon 16 Jun 2025 21:50:04 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:96:f4:3f:09:b6:1c:c3:29:40:9e:ef:ca:05:a3:ec:c7:75:de:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:04 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=15562c64d6678634762f69f7579aa1bee1b4b76072b779c41a95678975890e29, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1e:6d:aa:40:b3:34:55:3f:99:cb:be:db:ec:
28:e7:a4:8c:1a:bf:0b:02:23:b5:7b:d7:20:4c:4c:
26:84:51:74:7c:39:7e:2b:87:f7:61:52:38:90:30:
0f:ba:16:72:15:94:f4:33:a7:c9:ce:d7:44:bd:19:
bd:f6:2e:13:4a:d4:18:65:dd:9c:ce:22:28:00:cf:
88:38:e0:3d:68:e1:4b:b6:68:92:4c:9b:4d:07:7a:
3e:e9:5f:2f:22:0d:76:40:cc:8c:23:ab:34:8e:23:
3e:cc:f4:09:5b:7f:80:f5:ff:b3:d2:66:ae:b2:c8:
85:6c:38:26:7f:a4:3d:c0:ea:ec:67:e4:d1:ef:8d:
91:3a:f0:51:52:b6:51:5f:01:3c:56:b0:78:6c:d7:
a1:8a:e9:b2:b9:7c:93:f7:65:46:84:25:fa:d1:bd:
a9:e5:e1:10:bf:cb:b4:e9:02:ec:42:7b:5f:2c:98:
8f:d6:ea:a6:ca:3c:61:db:73:5a:9a:50:75:ab:98:
a0:63:3f:7b:2a:3e:1e:5f:41:16:36:85:5b:d1:a9:
76:88:0d:58:98:cd:1c:6d:b2:b1:6f:6b:1c:ae:c4:
0d:cc:4d:dd:e6:5e:64:e7:76:79:bb:e6:ab:44:17:
f1:b1:7e:86:cd:36:e0:fd:95:52:4b:d3:ef:f6:ec:
34:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A0:9B:92:63:14:05:E4:09:ED:56:63:11:85:92:AD:A3:7F:C1:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3f:3f:05:cd:71:40:09:1a:19:21:8c:c5:26:35:eb:d7:3f:03:
18:28:2e:6b:af:f1:39:ca:8f:66:78:cd:a0:ff:0a:81:b6:c5:
00:fb:20:d3:f9:0e:dd:1d:65:0d:19:7c:c2:3c:26:8c:66:91:
74:55:20:ee:7b:a2:d6:e0:a7:e4:2e:81:f6:82:36:d9:a7:71:
c8:13:65:8a:b9:e3:81:77:0a:ab:80:fd:31:2e:95:5e:a8:cd:
46:a0:15:69:57:6d:2b:f8:c0:7a:e0:8b:6b:06:f0:ea:47:29:
dd:09:81:1e:cb:07:ac:3f:bf:06:1c:e3:d9:f7:89:03:5b:98:
90:5a:64:92:82:70:bf:cb:5f:60:91:61:76:2b:4c:02:90:a3:
48:74:ff:16:46:24:92:db:1a:52:52:24:8c:55:ed:76:2a:52:
6b:cd:eb:8d:5d:f8:15:1a:75:05:16:09:75:48:c6:5e:db:93:
3b:cd:0a:2e:b6:40:85:e3:d0:28:21:da:b8:c1:c4:bd:b8:c9:
66:e5:d1:8a:71:55:e0:7f:bb:6b:3f:87:3c:1c:38:da:91:4d:
a6:d1:e2:68:38:52:40:92:08:ea:2a:b1:93:7f:4b:0f:4f:d9:
0d:93:f7:4f:db:bd:2a:56:83:55:0a:fb:78:ee:aa:fc:e3:45:
36:f0:b8:e5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULpb0Pwm2HMMpQJ7vygWj7Md13towDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE1NTYyYzY0ZDY2Nzg2MzQ3NjJmNjlmNzU3OWFhMWJlZTFiNGI3NjA3MmI3
NzljNDFhOTU2Nzg5NzU4OTBlMjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI8ebapAszRVP5nLvtvsKOekjBq/CwIjtXvXIExMJoRRdHw5fiuH92FSOJAw
D7oWchWU9DOnyc7XRL0ZvfYuE0rUGGXdnM4iKADPiDjgPWjhS7ZokkybTQd6Pulf
LyINdkDMjCOrNI4jPsz0CVt/gPX/s9JmrrLIhWw4Jn+kPcDq7Gfk0e+NkTrwUVK2
UV8BPFaweGzXoYrpsrl8k/dlRoQl+tG9qeXhEL/LtOkC7EJ7XyyYj9bqpso8Ydtz
WppQdauYoGM/eyo+Hl9BFjaFW9GpdogNWJjNHG2ysW9rHK7EDcxN3eZeZOd2ebvm
q0QX8bF+hs024P2VUkvT7/bsNGkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQZoJuS
YxQF5AntVmMRhZKto3/BtjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAPz8FzXFACRoZIYzFJjXr1z8DGCgua6/xOcqPZnjN
oP8KgbbFAPsg0/kO3R1lDRl8wjwmjGaRdFUg7nui1uCn5C6B9oI22adxyBNlirnj
gXcKq4D9MS6VXqjNRqAVaVdtK/jAeuCLawbw6kcp3QmBHssHrD+/Bhzj2feJA1uY
kFpkkoJwv8tfYJFhditMApCjSHT/FkYkktsaUlIkjFXtdipSa83rjV34FRp1BRYJ
dUjGXtuTO80KLrZAhePQKCHauMHEvbjJZuXRinFV4H+7az+HPBw42pFNptHiaDhS
QJII6iqxk39LD0/ZDZP3T9u9KlaDVQr7eO6q/ONFNvC45Q==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:18:42 2025 by rpki-client