Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: AnwCYFOOdPUpf5MVtOzdNc8NuA84ooOyBRjQ4FZxDnI=
Subject key identifier: 64:44:CA:CD:9D:99:47:8D:BC:0C:79:37:16:85:54:9C:79:42:63:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 52D77338E28D00740E167E3D211DFA82DDE55CA0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Mon 16 Jun 2025 21:50:13 +0000
ROA not before: Mon 16 Jun 2025 21:50:13 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d7:73:38:e2:8d:00:74:0e:16:7e:3d:21:1d:fa:82:dd:e5:5c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:13 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=2b9990541ac82f1986e6810811c26dfe737026e3caac4cfa348f3c8052cd23fb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4e:18:e1:94:1a:5f:53:7b:cc:f7:0e:15:bb:
67:de:c1:97:fa:2c:17:02:07:81:5e:8a:ac:54:c4:
3a:d7:5a:be:cb:31:dd:e3:5d:bb:d9:38:b3:32:5a:
20:70:5d:4e:82:8b:e2:d1:9d:ca:8a:00:4e:30:ea:
04:ac:8f:e3:fc:a9:b3:a6:14:a9:f9:0a:7b:22:43:
af:a1:ed:c8:b8:da:86:5d:da:04:18:1f:6f:5c:2e:
18:6c:6a:a5:58:96:2b:f4:3d:ef:82:17:65:03:23:
d8:ce:0f:f4:f1:bb:51:a6:49:32:a2:3c:0d:a3:84:
3d:27:29:21:d3:f0:df:a7:9a:88:41:02:59:37:92:
60:d3:2f:a8:45:10:e8:60:01:c0:fe:b0:ad:5e:46:
5d:df:23:b4:08:64:68:b3:43:0c:1b:ba:06:7b:a9:
29:49:fc:e2:ff:01:c7:a3:31:b3:8d:e2:7f:0a:db:
3a:ad:26:6f:4d:c9:ce:b9:90:96:f1:a8:ed:83:a3:
61:82:97:f9:d6:70:21:6d:25:78:33:02:61:64:dd:
58:69:2f:96:c9:a3:be:3f:05:2c:30:58:48:0d:e8:
39:22:00:64:d3:d3:15:87:49:ca:8f:86:f0:f7:6a:
d0:9f:1a:a8:a2:b1:45:1d:e1:78:5c:aa:35:4a:ef:
18:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:44:CA:CD:9D:99:47:8D:BC:0C:79:37:16:85:54:9C:79:42:63:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
87:33:b7:f3:4c:b8:55:a5:c8:02:af:c4:11:6b:33:11:99:42:
51:83:00:b9:c5:b6:9b:cf:62:fe:10:23:1d:7b:3c:6c:d7:d0:
fa:1a:0c:54:37:24:89:9e:2b:3f:51:03:8b:69:44:4e:26:ed:
6c:c4:b9:5c:2b:78:69:b5:07:f4:17:fc:59:7a:13:7f:30:c0:
2d:8d:07:83:21:9c:39:df:6a:35:c7:6e:ed:65:5d:9b:65:3d:
94:1d:f8:99:88:f9:35:13:68:f0:74:a6:ba:77:3a:15:e4:c0:
66:cd:a5:ec:a7:e2:bc:b7:60:e1:64:bf:32:17:9b:de:8c:33:
10:12:2c:94:c6:fb:aa:75:c6:6b:9d:a2:2e:c5:01:91:50:4b:
e6:6f:53:c7:98:1f:6c:ee:c2:f5:3b:cc:e1:26:93:76:d9:41:
6c:e9:c8:9b:e4:99:39:1e:12:d9:8e:80:7f:e8:6d:05:28:16:
3a:9d:1f:d9:ff:44:bb:04:36:d8:ef:1e:b0:59:fc:8b:57:50:
03:de:40:61:b9:42:5d:c9:c0:b8:84:c1:c3:f9:2a:76:91:8c:
0e:3c:1d:2c:60:6a:fd:9c:c9:38:77:e1:13:77:8b:5d:f2:09:
d0:69:19:c6:83:64:4e:01:27:34:07:1d:57:70:ee:63:8d:20:
99:9e:e8:ab
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUtdzOOKNAHQOFn49IR36gt3lXKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMTNaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiOTk5MDU0MWFjODJmMTk4NmU2ODEwODExYzI2ZGZlNzM3MDI2ZTNjYWFj
NGNmYTM0OGYzYzgwNTJjZDIzZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5OGOGUGl9Te8z3DhW7Z97Bl/osFwIHgV6KrFTEOtdavssx3eNdu9k4szJa
IHBdToKL4tGdyooATjDqBKyP4/yps6YUqfkKeyJDr6HtyLjahl3aBBgfb1wuGGxq
pViWK/Q974IXZQMj2M4P9PG7UaZJMqI8DaOEPScpIdPw36eaiEECWTeSYNMvqEUQ
6GABwP6wrV5GXd8jtAhkaLNDDBu6BnupKUn84v8Bx6Mxs43ifwrbOq0mb03JzrmQ
lvGo7YOjYYKX+dZwIW0leDMCYWTdWGkvlsmjvj8FLDBYSA3oOSIAZNPTFYdJyo+G
8Pdq0J8aqKKxRR3heFyqNUrvGF8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRkRMrN
nZlHjbwMeTcWhVSceUJjejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhzO380y4VaXIAq/EEWszEZlCUYMAucW2m89i/hAj
HXs8bNfQ+hoMVDckiZ4rP1EDi2lETibtbMS5XCt4abUH9Bf8WXoTfzDALY0HgyGc
Od9qNcdu7WVdm2U9lB34mYj5NRNo8HSmunc6FeTAZs2l7KfivLdg4WS/Mheb3owz
EBIslMb7qnXGa52iLsUBkVBL5m9Tx5gfbO7C9TvM4SaTdtlBbOnIm+SZOR4S2Y6A
f+htBSgWOp0f2f9EuwQ22O8esFn8i1dQA95AYblCXcnAuITBw/kqdpGMDjwdLGBq
/ZzJOHfhE3eLXfIJ0GkZxoNkTgEnNAcdV3DuY40gmZ7oqw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:08:56 2025 by rpki-client