Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: dJt1LHfxNal2H0ubmjY2nNLvKv5yqP1TuLD5ulUEiLQ=
Subject key identifier: C9:DF:FB:87:4A:06:9C:09:05:5B:4D:BB:04:D8:DD:93:80:86:2E:7B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31323BD567B9A28A745FD690060B0F67FEF15240
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Mon 16 Jun 2025 21:50:07 +0000
ROA not before: Mon 16 Jun 2025 21:50:07 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:32:3b:d5:67:b9:a2:8a:74:5f:d6:90:06:0b:0f:67:fe:f1:52:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:07 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=e567d23007b96330f86d3fd088ebe15fe40d5c7d8476629aafc45a019cb29d08, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:04:c2:99:72:d6:83:24:cc:23:28:d5:f8:a4:
20:f8:00:51:c5:ff:e3:9d:92:67:56:d7:f5:8c:3d:
0e:9c:e9:c4:88:07:b3:c4:f7:57:52:1c:b4:bf:b0:
41:f7:79:b1:b6:e6:d6:16:34:ed:bc:04:1c:e3:ae:
90:37:2d:02:41:cd:55:30:5c:6a:b6:cd:e8:6d:39:
69:8e:d3:5c:20:51:3c:5d:72:da:76:1c:5a:e0:22:
cd:02:cc:03:df:d0:c8:6b:69:0b:c9:5d:cc:f6:e1:
66:65:4e:17:17:5e:3b:b4:d6:cb:25:3a:85:ca:0c:
71:4c:49:62:d1:31:0b:9e:62:26:3e:4a:cc:6c:a3:
45:fa:e3:6e:99:83:56:f4:6b:ba:80:d2:37:aa:6e:
8e:24:9c:7a:e0:e1:f2:c3:74:93:d4:46:10:60:5b:
2e:a6:06:8b:95:d0:8f:6f:2f:1a:58:cf:55:4d:af:
d8:5c:91:33:05:c6:48:b6:51:b7:cc:ab:5d:dc:e5:
2a:67:ad:fd:41:82:b2:9a:77:10:80:dc:52:31:ca:
ba:43:7f:6a:78:f8:28:02:6b:3f:35:fd:26:83:40:
70:8a:9d:a7:e8:3d:89:30:4e:83:12:a0:be:9f:46:
5e:2d:0c:2b:4d:c8:29:a1:f3:2e:89:45:8d:64:5a:
73:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:DF:FB:87:4A:06:9C:09:05:5B:4D:BB:04:D8:DD:93:80:86:2E:7B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:9e:a6:bb:21:06:0d:4f:d6:5a:b9:0f:fe:c8:b2:4e:50:e4:
40:98:5f:00:60:2b:f0:66:f9:bf:fa:16:df:7b:11:b6:c4:3a:
13:21:63:85:19:8f:4b:5b:53:1e:95:13:37:ad:bd:b3:97:92:
90:0e:00:b3:f7:fc:19:d7:5d:64:a4:bd:78:e1:38:33:58:e9:
0f:9e:da:4d:e9:26:68:2f:09:2c:ed:62:20:5c:14:90:74:40:
60:b6:a2:82:ec:33:b4:72:ea:64:da:28:9e:94:e8:cd:bd:0e:
98:65:9d:46:eb:3f:8f:d9:e0:58:db:53:16:df:2b:96:ed:c8:
0f:01:5e:50:a4:cb:78:a7:65:2f:54:a4:37:e5:69:c1:77:58:
54:c7:6d:0f:b8:2d:ba:0e:97:93:b7:d9:cd:0f:44:3c:2f:c5:
19:d2:4f:1a:23:10:50:a2:75:32:c0:8b:61:70:2a:be:c9:6d:
d2:93:b9:59:e8:54:2a:4e:b2:c5:42:a5:c0:de:17:32:c6:9a:
31:9a:0f:77:bb:cf:ce:99:2a:f8:7f:fb:cd:9e:22:b1:eb:62:
f7:08:08:66:63:74:6b:d2:12:ac:a6:ec:bf:d0:63:80:5c:dd:
54:d4:34:e0:84:e0:d2:a3:25:e9:2b:a2:0e:28:0c:fc:9f:60:
d9:f9:78:99
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMTI71We5oop0X9aQBgsPZ/7xUkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1NjdkMjMwMDdiOTYzMzBmODZkM2ZkMDg4ZWJlMTVmZTQwZDVjN2Q4NDc2
NjI5YWFmYzQ1YTAxOWNiMjlkMDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL0Ewply1oMkzCMo1fikIPgAUcX/452SZ1bX9Yw9DpzpxIgHs8T3V1IctL+w
Qfd5sbbm1hY07bwEHOOukDctAkHNVTBcarbN6G05aY7TXCBRPF1y2nYcWuAizQLM
A9/QyGtpC8ldzPbhZmVOFxdeO7TWyyU6hcoMcUxJYtExC55iJj5KzGyjRfrjbpmD
VvRruoDSN6pujiSceuDh8sN0k9RGEGBbLqYGi5XQj28vGljPVU2v2FyRMwXGSLZR
t8yrXdzlKmet/UGCspp3EIDcUjHKukN/anj4KAJrPzX9JoNAcIqdp+g9iTBOgxKg
vp9GXi0MK03IKaHzLolFjWRac1cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTJ3/uH
SgacCQVbTbsE2N2TgIYuezAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQAUnqa7IQYNT9ZauQ/+yLJOUORAmF8AYCvwZvm/+hbf
exG2xDoTIWOFGY9LW1MelRM3rb2zl5KQDgCz9/wZ111kpL144TgzWOkPntpN6SZo
Lwks7WIgXBSQdEBgtqKC7DO0cupk2iielOjNvQ6YZZ1G6z+P2eBY21MW3yuW7cgP
AV5QpMt4p2UvVKQ35WnBd1hUx20PuC26DpeTt9nND0Q8L8UZ0k8aIxBQonUywIth
cCq+yW3Sk7lZ6FQqTrLFQqXA3hcyxpoxmg93u8/OmSr4f/vNniKx62L3CAhmY3Rr
0hKspuy/0GOAXN1U1DTghODSoyXpK6IOKAz8n2DZ+XiZ
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:54:29 2025 by rpki-client