Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: 4NDMqnwsQr04a03pz3u2RwbfoYFASpwJwjrSMlYR7IA=
Subject key identifier: 1C:AC:B6:38:1C:3E:DC:D0:31:B0:1D:BB:20:99:6E:A8:F0:7C:08:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 67719CC36F6F6A50955F98220116D31D80F0EFF7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Mon 16 Jun 2025 21:50:17 +0000
ROA not before: Mon 16 Jun 2025 21:50:17 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:71:9c:c3:6f:6f:6a:50:95:5f:98:22:01:16:d3:1d:80:f0:ef:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:17 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f3d94f2846eedbc1459c8cce09727e6e0c84360bd48830637bc75d8be3e0b17b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:52:e2:4c:ea:21:12:d9:93:b2:83:61:48:00:
87:4b:97:13:33:92:76:c6:d2:d4:94:fb:85:f0:bd:
65:31:c5:1c:80:aa:b6:ae:35:00:d9:5f:3d:ab:c3:
f6:cc:88:25:b9:cd:56:0b:d8:54:31:21:85:30:db:
2e:28:54:dd:9c:ea:12:61:d8:b1:5e:42:d3:e6:e6:
69:38:ae:2e:52:e2:9c:73:a2:10:ea:86:95:75:cc:
a2:ec:92:a0:1e:2e:8b:99:64:59:07:34:08:e4:cd:
d8:f1:d5:65:18:4f:ae:55:13:ef:54:45:0a:82:73:
44:20:91:1a:68:74:71:d4:e0:9a:f2:ce:a6:ac:2a:
ad:d8:57:37:02:ae:cb:de:e5:67:de:44:05:62:ba:
cd:74:7f:47:7f:61:ca:6f:84:be:61:aa:17:5b:b0:
f6:d6:76:18:8b:3b:8d:fc:a7:8b:d8:6e:a7:d7:9a:
b8:48:e1:af:22:aa:80:3b:02:63:7a:39:6a:0c:ba:
a4:d5:af:90:82:ad:89:be:38:d6:db:1e:ee:6f:ff:
74:21:25:59:a9:04:cd:c9:f8:64:98:37:83:33:60:
43:ba:d5:5a:1c:ab:78:d9:b4:5e:c7:7c:5b:af:83:
f9:62:36:d8:cd:25:55:1a:cb:9a:d5:8d:dd:71:6b:
aa:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AC:B6:38:1C:3E:DC:D0:31:B0:1D:BB:20:99:6E:A8:F0:7C:08:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:34:54:d7:6a:84:02:20:40:9e:8a:f9:bd:e3:07:52:82:69:
d1:3f:d5:13:11:9b:ff:b4:b9:d9:12:c1:e5:7b:ed:fe:c8:9b:
01:fd:12:b1:80:8d:8a:bd:b3:c0:d4:d5:58:83:0f:ee:e0:80:
90:5c:50:77:2f:31:a9:d5:de:60:60:cb:d3:22:42:8b:a9:14:
1a:79:9e:e0:bf:73:b7:75:44:4c:1c:72:4e:cc:e1:6b:d8:8f:
b7:34:fb:ad:bc:c4:fa:79:81:e3:a4:5b:f5:11:81:6e:45:c1:
6e:2e:cc:20:de:22:d4:19:5c:48:0c:79:b0:76:1f:95:91:53:
22:ab:fa:98:b9:23:65:1a:c7:e5:48:91:72:4f:4a:f9:01:bf:
f1:66:12:cf:84:fa:19:89:8d:54:0d:65:06:3f:c0:83:ec:62:
7b:82:b7:2b:43:48:f8:46:82:ba:75:d6:d1:1e:cc:13:df:3a:
28:a8:15:b3:6a:8b:c2:d5:49:10:73:df:f1:3c:f3:72:81:ec:
db:c7:fb:d8:b3:ea:09:0a:b4:5e:27:bd:ca:62:4b:a0:0c:dc:
9c:e1:7e:40:f3:b9:e0:12:65:12:42:e4:0e:a2:9e:ba:04:41:
90:e8:da:26:49:72:7b:94:a8:80:69:cf:4c:8a:cd:cf:ae:7e:
20:b1:f7:c2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ3Gcw29valCVX5giARbTHYDw7/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMTdaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZDk0ZjI4NDZlZWRiYzE0NTljOGNjZTA5NzI3ZTZlMGM4NDM2MGJkNDg4
MzA2MzdiYzc1ZDhiZTNlMGIxN2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVS4kzqIRLZk7KDYUgAh0uXEzOSdsbS1JT7hfC9ZTHFHICqtq41ANlfPavD
9syIJbnNVgvYVDEhhTDbLihU3ZzqEmHYsV5C0+bmaTiuLlLinHOiEOqGlXXMouyS
oB4ui5lkWQc0COTN2PHVZRhPrlUT71RFCoJzRCCRGmh0cdTgmvLOpqwqrdhXNwKu
y97lZ95EBWK6zXR/R39hym+EvmGqF1uw9tZ2GIs7jfyni9hup9eauEjhryKqgDsC
Y3o5agy6pNWvkIKtib441tse7m//dCElWakEzcn4ZJg3gzNgQ7rVWhyreNm0Xsd8
W6+D+WI22M0lVRrLmtWN3XFrqqcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQcrLY4
HD7c0DGwHbsgmW6o8HwI8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAsDRU12qEAiBAnor5veMHUoJp0T/VExGb/7S52RLB
5Xvt/sibAf0SsYCNir2zwNTVWIMP7uCAkFxQdy8xqdXeYGDL0yJCi6kUGnme4L9z
t3VETBxyTszha9iPtzT7rbzE+nmB46Rb9RGBbkXBbi7MIN4i1BlcSAx5sHYflZFT
Iqv6mLkjZRrH5UiRck9K+QG/8WYSz4T6GYmNVA1lBj/Ag+xie4K3K0NI+EaCunXW
0R7ME986KKgVs2qLwtVJEHPf8TzzcoHs28f72LPqCQq0Xie9ymJLoAzcnOF+QPO5
4BJlEkLkDqKeugRBkOjaJklye5SogGnPTIrNz65+ILH3wg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:17:58 2025 by rpki-client