Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: K8kFTDootMOuIG6CEk3KOE2x29CAqKRpfmFumIaOChU=
Subject key identifier: 0B:01:BA:A2:D0:F0:89:FA:CC:DF:C5:6A:7D:63:35:77:C8:44:76:70
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E608AC474C674798129B6FC9F1487F2590F521A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Mon 16 Jun 2025 21:50:10 +0000
ROA not before: Mon 16 Jun 2025 21:50:10 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:60:8a:c4:74:c6:74:79:81:29:b6:fc:9f:14:87:f2:59:0f:52:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:10 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0bb3432ed23f9b493b5058900aac204764a268c4a0e2eb445275ebc1f0725ce2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:88:e4:e0:c1:14:7c:0f:61:d6:9e:1b:7a:ea:
dc:c1:99:0b:61:4c:4f:a0:a1:08:dd:51:92:56:ba:
c6:f0:ee:d8:e8:79:08:4b:a0:f8:ab:91:a9:c4:03:
98:55:a6:f6:1f:09:ec:2f:ac:87:20:17:a0:85:7b:
7a:02:04:cd:1f:0a:f5:85:1e:cb:dc:4b:ea:a5:e7:
8a:e9:f5:5b:11:55:1d:2b:bf:4d:8d:43:ac:f7:5d:
75:d4:ff:b8:13:91:42:4f:36:4e:9e:fb:de:40:f1:
72:d8:83:f6:95:16:1e:cf:7e:6b:37:81:9a:16:15:
dd:55:5c:97:ea:01:9c:77:9b:ad:fc:aa:8d:14:21:
ce:2a:a1:05:3b:82:1f:21:0d:a5:3e:c7:2c:3b:a1:
81:98:67:86:36:81:11:04:8b:74:b1:99:fe:fd:74:
f5:60:2d:67:29:ac:34:36:53:f9:fe:08:c6:41:6c:
6e:0c:0b:16:cb:95:b4:c2:4d:5e:b5:d4:ff:8f:48:
d1:69:2a:91:c5:06:6b:68:69:16:b3:3f:da:ec:b4:
ef:ec:55:7e:8b:3f:b9:21:cc:97:4f:a8:fa:d4:20:
b6:ee:54:a8:67:46:94:ad:31:06:36:47:93:f0:80:
7c:78:af:79:c1:fb:f1:37:5c:7e:71:2a:9a:bf:e7:
18:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:01:BA:A2:D0:F0:89:FA:CC:DF:C5:6A:7D:63:35:77:C8:44:76:70
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:e7:ea:03:07:70:a6:d2:5e:e0:31:28:93:61:00:a8:86:e7:
82:c8:57:3f:95:3a:04:2f:c9:8f:ff:14:aa:aa:f4:5c:16:ff:
eb:ea:59:17:aa:de:39:db:f8:63:fc:0e:3b:8a:ce:14:7e:3b:
5c:23:36:10:aa:ce:69:08:bb:5f:f6:d2:0f:04:f2:a7:f6:a3:
62:09:a7:2b:9c:60:cc:c0:dd:1f:c2:00:84:a5:2f:44:82:cc:
59:7b:49:39:5d:00:e0:9e:9c:37:93:b0:3b:67:4c:8f:1b:d9:
23:7e:02:d6:3f:b3:18:67:5e:fd:43:de:5b:a6:9c:72:a2:4b:
1a:09:9f:10:56:60:b8:d1:f7:ae:8e:36:38:ea:2f:74:fe:59:
40:36:84:00:56:f9:45:27:1c:36:13:f3:2d:0e:5b:6e:3c:40:
3a:20:9d:65:d2:49:3a:4f:b7:40:14:2a:79:09:9e:04:3e:dc:
a5:fd:ac:8a:db:64:7c:eb:99:8b:37:02:7a:24:76:76:36:12:
90:d9:c9:62:66:d6:f7:7b:64:01:b6:45:27:c8:5e:a6:bd:b9:
90:46:93:9f:ed:2b:4e:b2:db:61:ca:6a:91:f5:f7:80:2c:34:
c5:82:86:cb:fe:38:de:00:78:3e:84:e8:6d:6b:0b:ac:3c:03:
a6:f1:4e:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDmCKxHTGdHmBKbb8nxSH8lkPUhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMTBaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBiYjM0MzJlZDIzZjliNDkzYjUwNTg5MDBhYWMyMDQ3NjRhMjY4YzRhMGUy
ZWI0NDUyNzVlYmMxZjA3MjVjZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOOI5ODBFHwPYdaeG3rq3MGZC2FMT6ChCN1Rkla6xvDu2Oh5CEug+KuRqcQD
mFWm9h8J7C+shyAXoIV7egIEzR8K9YUey9xL6qXniun1WxFVHSu/TY1DrPddddT/
uBORQk82Tp773kDxctiD9pUWHs9+azeBmhYV3VVcl+oBnHebrfyqjRQhziqhBTuC
HyENpT7HLDuhgZhnhjaBEQSLdLGZ/v109WAtZymsNDZT+f4IxkFsbgwLFsuVtMJN
XrXU/49I0WkqkcUGa2hpFrM/2uy07+xVfos/uSHMl0+o+tQgtu5UqGdGlK0xBjZH
k/CAfHivecH78TdcfnEqmr/nGL8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLAbqi
0PCJ+szfxWp9YzV3yER2cDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQAN5+oDB3Cm0l7gMSiTYQCohueCyFc/lToEL8mP/xSq
qvRcFv/r6lkXqt452/hj/A47is4UfjtcIzYQqs5pCLtf9tIPBPKn9qNiCacrnGDM
wN0fwgCEpS9EgsxZe0k5XQDgnpw3k7A7Z0yPG9kjfgLWP7MYZ179Q95bppxyoksa
CZ8QVmC40feujjY46i90/llANoQAVvlFJxw2E/MtDltuPEA6IJ1l0kk6T7dAFCp5
CZ4EPtyl/ayK22R865mLNwJ6JHZ2NhKQ2cliZtb3e2QBtkUnyF6mvbmQRpOf7StO
stthymqR9feALDTFgobL/jjeAHg+hOhtawusPAOm8U6i
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:58:45 2025 by rpki-client