Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: U0YtYsztFQ5lgjyoFjIOkc6gAVv9KTVGGYD9SaaOS8g=
Subject key identifier: 02:8A:33:75:B1:E0:1B:E4:A1:C3:9A:B4:FC:8C:58:76:A3:07:5B:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4384D582366A20F816DC34F727C15D712FBD619A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Wed 25 Jun 2025 00:50:20 +0000
ROA not before: Wed 25 Jun 2025 00:50:20 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:84:d5:82:36:6a:20:f8:16:dc:34:f7:27:c1:5d:71:2f:bd:61:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:20 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=49dc037e2422cb66f29d671cb96f7ba6432e262a2c8304badb8c986e1ef81df9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:fc:d9:31:4a:84:ee:18:20:af:0e:3d:af:18:
7b:52:22:85:1b:b1:a3:c1:c6:0e:78:1b:56:51:11:
2b:ff:72:2e:7d:31:1a:05:9f:5f:46:df:de:25:84:
f2:1b:f3:b5:68:0e:87:95:fa:1e:3e:5f:21:66:7d:
1d:d5:84:02:a9:a6:e7:88:18:8b:57:03:87:c6:eb:
f3:a1:a0:c8:9d:73:92:91:c0:c8:29:33:1e:11:16:
7f:17:93:fd:8f:63:82:ce:f4:68:3a:bb:eb:89:8d:
ec:e5:21:1d:8c:13:99:f5:eb:d0:e1:b6:41:66:31:
c4:8c:b1:a6:30:60:9a:17:8e:c9:ae:1e:80:6b:57:
a0:14:44:c7:71:7f:0d:d4:7a:9f:14:63:28:58:17:
89:4f:8e:f6:9b:3a:bd:1e:09:39:3f:03:b1:58:63:
24:79:57:05:83:bd:70:61:a1:bb:ba:d8:6d:7b:77:
af:57:fa:2a:69:7c:7b:8c:38:32:65:5f:1e:64:7e:
08:78:5e:27:db:5c:d3:d4:55:3f:26:94:17:3e:17:
7d:e2:6f:98:19:6c:ab:53:ee:61:a0:91:92:bd:05:
66:62:7b:f9:21:30:cf:94:f4:33:00:16:c0:1c:66:
5b:c9:2a:1d:c9:de:44:12:e3:17:f4:da:c4:d8:7d:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:8A:33:75:B1:E0:1B:E4:A1:C3:9A:B4:FC:8C:58:76:A3:07:5B:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:f4:37:81:e8:2d:f2:08:77:77:35:08:4d:4f:04:c8:a9:f3:
ce:0d:28:43:80:3f:ed:e7:28:c9:f7:cd:a9:66:1c:6f:9f:09:
12:ae:ad:c2:4c:d8:b4:cc:63:9e:d1:2d:9d:3f:58:45:46:b1:
04:5c:84:77:3e:0a:86:e6:c5:9d:30:ac:84:b7:92:11:2f:ed:
a2:8d:94:8c:35:77:79:3c:d5:ae:58:2d:5f:73:60:b5:a3:cc:
87:8f:dd:f1:e5:3a:7f:00:6c:5a:01:16:26:dd:0c:a7:d9:d0:
11:f4:b5:f7:d1:cc:9d:74:38:08:3f:50:7a:a7:07:8b:43:cb:
52:15:fb:35:7f:87:1b:1b:43:6b:7e:da:9a:21:b2:18:4c:da:
cd:84:27:5c:16:7d:1d:f9:9d:5d:48:8e:2d:a7:95:6a:04:95:
d6:a8:54:a4:da:bc:f6:a2:79:df:32:c8:e5:a5:81:9f:88:0e:
19:a0:01:95:4d:e5:2c:bf:a3:f3:36:04:f7:4b:e4:66:b4:c3:
20:9c:84:da:d2:a1:8a:a6:c7:2a:28:32:87:5f:8d:2b:21:ae:
03:b5:6f:79:8f:ab:8f:9d:a4:80:c4:47:23:c1:5d:9e:24:f7:
f3:f7:fa:77:6e:bd:51:8a:56:9d:84:3a:ba:83:6f:08:be:49:
09:11:95:ea
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ4TVgjZqIPgW3DT3J8FdcS+9YZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjBaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5ZGMwMzdlMjQyMmNiNjZmMjlkNjcxY2I5NmY3YmE2NDMyZTI2MmEyYzgz
MDRiYWRiOGM5ODZlMWVmODFkZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOz82TFKhO4YIK8OPa8Ye1IihRuxo8HGDngbVlERK/9yLn0xGgWfX0bf3iWE
8hvztWgOh5X6Hj5fIWZ9HdWEAqmm54gYi1cDh8br86GgyJ1zkpHAyCkzHhEWfxeT
/Y9jgs70aDq764mN7OUhHYwTmfXr0OG2QWYxxIyxpjBgmheOya4egGtXoBREx3F/
DdR6nxRjKFgXiU+O9ps6vR4JOT8DsVhjJHlXBYO9cGGhu7rYbXt3r1f6Kml8e4w4
MmVfHmR+CHheJ9tc09RVPyaUFz4XfeJvmBlsq1PuYaCRkr0FZmJ7+SEwz5T0MwAW
wBxmW8kqHcneRBLjF/TaxNh982ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQCijN1
seAb5KHDmrT8jFh2owdbyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAsvQ3gegt8gh3dzUITU8EyKnzzg0oQ4A/7ecoyffN
qWYcb58JEq6twkzYtMxjntEtnT9YRUaxBFyEdz4KhubFnTCshLeSES/too2UjDV3
eTzVrlgtX3NgtaPMh4/d8eU6fwBsWgEWJt0Mp9nQEfS199HMnXQ4CD9QeqcHi0PL
UhX7NX+HGxtDa37amiGyGEzazYQnXBZ9HfmdXUiOLaeVagSV1qhUpNq89qJ53zLI
5aWBn4gOGaABlU3lLL+j8zYE90vkZrTDIJyE2tKhiqbHKigyh1+NKyGuA7VveY+r
j52kgMRHI8FdniT38/f6d269UYpWnYQ6uoNvCL5JCRGV6g==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:21:21 2025 by rpki-client