Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: 3AW01D2+KO5S+bEeIwo8RHoCioriv9SlySRqn7D2krk=
Subject key identifier: 70:49:47:C8:85:7A:B5:6F:87:0F:3C:58:FB:4C:B6:28:92:A0:B2:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23E0C2402BFC64DB6D7160B633FDADD53FF4BE13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Mon 16 Jun 2025 21:50:22 +0000
ROA not before: Mon 16 Jun 2025 21:50:22 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e0:c2:40:2b:fc:64:db:6d:71:60:b6:33:fd:ad:d5:3f:f4:be:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:22 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=0922d4a2f6afc9418d411642ace80299570f31b78d09892f22111f97ff59ed46, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fb:a8:f2:b9:65:3f:1b:2f:1c:2f:db:40:ec:
4c:86:55:17:b9:46:8e:58:63:c9:89:fa:31:36:00:
ef:63:6e:0f:8c:51:54:92:a3:4d:bf:07:ad:7d:98:
be:c9:26:ee:e4:6b:f9:fd:29:cc:bb:b3:5a:2f:02:
a7:25:99:4c:4e:43:65:d3:7f:09:7e:4c:e6:39:ad:
cf:31:c5:87:b6:c1:5e:ff:31:d0:9a:00:e5:ca:8b:
d5:9d:a5:a2:67:30:fe:cb:c3:45:30:38:36:f6:76:
50:8d:e5:e4:ab:5f:84:21:19:a8:28:f8:ea:82:32:
af:ab:62:33:93:ae:0a:1f:97:e6:fa:7e:68:4e:8e:
3b:0c:28:e3:8a:7c:af:d8:bc:70:ac:cd:ba:01:ed:
57:cc:f1:b9:99:4a:a9:e9:c3:65:e8:66:5b:3e:0d:
99:8c:82:23:42:b8:17:c1:23:10:20:3e:37:5c:81:
3e:94:de:82:f5:47:91:e4:b8:54:11:5c:f9:22:8d:
b7:44:6f:94:3c:b5:b7:ab:1c:80:91:57:1a:1b:03:
5a:03:9d:29:b1:7b:82:42:8a:0a:a0:f9:43:f8:b8:
b4:76:f1:d8:fe:fb:57:8d:80:96:26:5e:8c:d0:6f:
63:ec:82:12:7c:1f:03:18:12:2a:b1:9f:a8:78:aa:
a2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:49:47:C8:85:7A:B5:6F:87:0F:3C:58:FB:4C:B6:28:92:A0:B2:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:49:f7:91:8c:c5:3f:bf:ec:d3:5b:14:50:ee:96:5b:74:f1:
6a:b2:6e:53:d5:db:bd:57:9b:af:3b:37:c8:c4:dc:24:e8:f0:
d2:74:19:46:61:ea:53:85:95:08:98:cf:6d:b1:7c:ae:4f:87:
ab:c8:42:27:73:b3:ad:91:5f:25:03:2c:db:b6:92:a7:8f:ad:
cc:2b:fb:66:9b:cd:c4:3e:58:10:2d:06:66:55:74:db:50:69:
8c:a9:79:2a:d9:16:93:71:8d:96:78:20:18:18:80:95:80:a4:
15:d1:13:11:1a:4d:7b:0a:1f:be:de:ff:06:f1:b9:28:03:c9:
c8:f5:3f:dc:18:5b:a3:f7:71:7e:3b:88:11:a0:7d:20:68:2f:
ce:10:6e:27:33:bb:ca:25:72:07:09:ed:50:a0:fa:bd:0f:70:
41:87:50:97:3c:ef:b3:54:fb:01:04:68:02:1c:c1:ad:c7:b3:
fa:4d:d3:06:a2:9c:88:39:46:58:8a:b1:c0:35:08:1c:d1:9f:
6d:dc:52:92:60:fb:b7:07:66:a3:e7:2d:b0:1d:27:4f:e2:8f:
2d:d1:70:6d:cf:16:4b:cb:30:b9:6e:9c:8e:1b:b2:fe:a9:e3:
66:1e:99:09:e8:07:0e:e6:c3:f0:54:6a:dd:67:d0:61:a3:90:
37:1d:59:3a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI+DCQCv8ZNttcWC2M/2t1T/0vhMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMjJaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5MjJkNGEyZjZhZmM5NDE4ZDQxMTY0MmFjZTgwMjk5NTcwZjMxYjc4ZDA5
ODkyZjIyMTExZjk3ZmY1OWVkNDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr7qPK5ZT8bLxwv20DsTIZVF7lGjlhjyYn6MTYA72NuD4xRVJKjTb8HrX2Y
vskm7uRr+f0pzLuzWi8CpyWZTE5DZdN/CX5M5jmtzzHFh7bBXv8x0JoA5cqL1Z2l
omcw/svDRTA4NvZ2UI3l5KtfhCEZqCj46oIyr6tiM5OuCh+X5vp+aE6OOwwo44p8
r9i8cKzNugHtV8zxuZlKqenDZehmWz4NmYyCI0K4F8EjECA+N1yBPpTegvVHkeS4
VBFc+SKNt0RvlDy1t6scgJFXGhsDWgOdKbF7gkKKCqD5Q/i4tHbx2P77V42AliZe
jNBvY+yCEnwfAxgSKrGfqHiqorECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwSUfI
hXq1b4cPPFj7TLYokqCy1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQDDSfeRjMU/v+zTWxRQ7pZbdPFqsm5T1du9V5uvOzfI
xNwk6PDSdBlGYepThZUImM9tsXyuT4eryEInc7OtkV8lAyzbtpKnj63MK/tmm83E
PlgQLQZmVXTbUGmMqXkq2RaTcY2WeCAYGICVgKQV0RMRGk17Ch++3v8G8bkoA8nI
9T/cGFuj93F+O4gRoH0gaC/OEG4nM7vKJXIHCe1QoPq9D3BBh1CXPO+zVPsBBGgC
HMGtx7P6TdMGopyIOUZYirHANQgc0Z9t3FKSYPu3B2aj5y2wHSdP4o8t0XBtzxZL
yzC5bpyOG7L+qeNmHpkJ6AcO5sPwVGrdZ9Bho5A3HVk6
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:03:13 2025 by rpki-client