Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: UAnQLtdo0Uo7W4pEHF60/RweUb1rAY6M/BZs7jyQifI=
Subject key identifier: 09:4D:CE:3C:EE:AC:63:76:38:FD:93:A7:A4:D7:E2:D3:0F:EF:39:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2791C61E333A85C7F68718EA60A594AD52AECA1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Mon 16 Jun 2025 21:50:22 +0000
ROA not before: Mon 16 Jun 2025 21:50:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:91:c6:1e:33:3a:85:c7:f6:87:18:ea:60:a5:94:ad:52:ae:ca:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=82549dbc58f28123e08c77b894b9ad4b77b00af092c51381e2354c6c420d88cf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:64:64:01:55:77:8e:77:1a:b6:cf:f8:32:
82:34:66:ce:26:9e:c2:5e:3c:b3:e4:33:93:58:64:
98:49:46:9d:75:81:44:23:16:eb:40:a1:28:c0:a8:
78:af:0b:95:2c:4b:15:cc:30:66:f8:b6:89:51:9c:
6b:35:f4:b7:6e:bd:f0:4d:7c:e2:59:02:77:e0:df:
03:47:77:21:14:08:32:3a:83:96:6e:ce:20:6b:2e:
6a:44:cb:df:70:fa:51:b1:b8:ec:97:d5:8e:ed:6b:
75:fe:60:53:8a:7f:8b:21:78:00:5e:c3:f4:da:2d:
a1:3a:74:bd:5c:d8:90:ad:ff:0f:c2:dc:2d:34:f8:
0a:81:f5:4a:9e:dd:3f:df:0a:8c:1a:95:bc:1a:9c:
1a:33:85:11:a4:96:cc:38:d1:28:7d:48:fc:6a:ef:
a3:e9:8f:2d:30:65:f7:82:92:99:ae:93:d5:c4:40:
46:c5:56:fd:c2:c7:1d:6b:57:09:7e:42:7b:36:63:
44:2e:9b:16:ef:df:79:e1:49:5c:b2:13:4f:28:a7:
1f:10:00:dc:11:d6:a8:1f:1b:5b:68:03:35:30:a9:
e1:3e:0a:bd:38:ec:48:d9:66:d7:b1:c6:74:46:dd:
c4:7c:05:9b:c1:20:2d:7a:3d:3a:f4:54:aa:94:94:
77:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4D:CE:3C:EE:AC:63:76:38:FD:93:A7:A4:D7:E2:D3:0F:EF:39:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
8d:ff:e7:e9:8d:c6:7b:56:55:8c:5e:48:b0:9b:ee:97:b5:ab:
ed:c1:7a:3d:f2:28:cb:c9:c5:d2:1e:90:21:46:30:e4:02:0c:
b4:9a:56:cd:cb:97:7b:04:0f:66:b0:1b:78:4e:8e:19:71:f6:
db:89:a2:20:44:82:b8:a1:b7:fb:67:a0:14:91:c4:2c:54:10:
99:c0:b9:0e:49:10:f3:5e:e3:90:60:74:92:03:7b:13:fd:41:
de:5b:5b:cb:7b:58:65:8b:6a:4e:3c:22:4b:ec:84:4b:c3:34:
25:6a:42:2c:4e:e6:b8:4d:70:e5:03:a0:88:41:01:95:1f:1f:
73:71:54:1e:5a:ae:16:3b:d7:91:9e:b6:d7:6c:3e:e2:c9:20:
33:e8:73:7c:d2:8b:9a:25:60:b9:e2:c7:8b:5e:2b:76:08:52:
56:98:12:4f:6e:93:4c:a1:46:f7:14:22:5d:5a:bd:74:65:66:
dd:d4:19:5e:2d:2f:23:1f:09:d9:d0:fb:42:c1:4b:32:a8:1d:
f5:46:2d:7e:09:a0:7a:96:3a:91:bc:db:5b:c7:35:30:71:53:
5b:71:b4:6d:be:51:3d:ff:53:e7:5c:96:85:40:22:15:12:46:
fb:f4:aa:38:fb:4f:24:d7:c5:6b:0c:52:2b:36:27:fa:8d:2c:
34:a9:00:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJ5HGHjM6hcf2hxjqYKWUrVKuyhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyNTQ5ZGJjNThmMjgxMjNlMDhjNzdiODk0YjlhZDRiNzdiMDBhZjA5MmM1
MTM4MWUyMzU0YzZjNDIwZDg4Y2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjXZGQBVXeOdxq2z/gygjRmziaewl48s+Qzk1hkmElGnXWBRCMW60ChKMCo
eK8LlSxLFcwwZvi2iVGcazX0t2698E184lkCd+DfA0d3IRQIMjqDlm7OIGsuakTL
33D6UbG47JfVju1rdf5gU4p/iyF4AF7D9NotoTp0vVzYkK3/D8LcLTT4CoH1Sp7d
P98KjBqVvBqcGjOFEaSWzDjRKH1I/Grvo+mPLTBl94KSma6T1cRARsVW/cLHHWtX
CX5CezZjRC6bFu/feeFJXLITTyinHxAA3BHWqB8bW2gDNTCp4T4KvTjsSNlm17HG
dEbdxHwFm8EgLXo9OvRUqpSUdyMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQJTc48
7qxjdjj9k6ek1+LTD+85NTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQCN/+fpjcZ7VlWMXkiwm+6XtavtwXo98ijLycXSHpAh
RjDkAgy0mlbNy5d7BA9msBt4To4ZcfbbiaIgRIK4obf7Z6AUkcQsVBCZwLkOSRDz
XuOQYHSSA3sT/UHeW1vLe1hli2pOPCJL7IRLwzQlakIsTua4TXDlA6CIQQGVHx9z
cVQeWq4WO9eRnrbXbD7iySAz6HN80ouaJWC54seLXit2CFJWmBJPbpNMoUb3FCJd
Wr10ZWbd1BleLS8jHwnZ0PtCwUsyqB31Ri1+CaB6ljqRvNtbxzUwcVNbcbRtvlE9
/1PnXJaFQCIVEkb79Ko4+08k18VrDFIrNif6jSw0qQAj
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:01:19 2025 by rpki-client