Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: 7hIOpUsfOH0kqE2CctAUrlmM4k5mWUw9XI9yUWszpq4=
Subject key identifier: 5E:04:BE:91:56:19:9B:9C:F8:80:75:77:4A:75:B7:F2:72:7A:09:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CCA24E1C400CE34D1D780918725887FB826C3BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Wed 25 Jun 2025 00:50:23 +0000
ROA not before: Wed 25 Jun 2025 00:50:23 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ca:24:e1:c4:00:ce:34:d1:d7:80:91:87:25:88:7f:b8:26:c3:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:23 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=25a36552d8f4474f385b4918e655cea9d1a623a14d7650bf75fb7222bc82c116, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:3a:43:3b:7b:43:19:3d:e7:df:28:c0:b0:
c2:60:48:25:6b:ce:1b:65:49:2f:d4:4b:78:1b:5c:
dd:15:aa:54:91:e5:38:46:ce:d6:83:4f:c1:59:49:
0a:52:e6:3b:9c:23:85:71:e4:c1:6c:31:e6:d4:76:
77:36:e9:a3:0f:70:f6:5d:b2:4d:10:bc:f5:91:83:
b2:a2:c5:cd:b2:46:49:61:72:8e:6f:56:15:e2:38:
bb:16:dd:f1:7e:13:39:d6:4c:1f:03:76:a7:22:54:
70:af:cb:53:03:f6:52:54:ef:b1:19:f3:10:00:2e:
2c:9f:5d:04:7a:5e:c4:7d:f1:f2:bf:ab:e1:52:53:
68:b8:04:a1:1a:dc:4a:cd:fc:8c:5c:20:63:bd:6f:
e0:a2:8a:96:c8:f8:9b:da:7d:9d:e8:10:ea:1b:12:
7a:60:af:c0:18:5f:42:2d:a1:f0:64:3a:22:64:8c:
cd:67:19:53:17:13:6b:62:81:52:d6:b5:0e:68:6e:
38:6e:35:fa:3a:91:16:ca:61:ff:80:78:8c:c2:d6:
de:2a:72:cf:0a:ca:b2:1f:87:cf:a6:e1:16:55:5c:
b8:c8:8f:23:f3:93:97:10:9d:17:06:ca:6d:4d:78:
63:c4:c6:1f:0f:ad:0c:71:ea:29:c5:80:65:0a:79:
fc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:04:BE:91:56:19:9B:9C:F8:80:75:77:4A:75:B7:F2:72:7A:09:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
0d:67:43:5e:6d:da:a8:fb:22:39:0c:dd:9e:2d:b5:ef:8f:91:
98:1a:c0:56:ef:9c:7f:93:3b:d4:28:0f:14:ac:4d:a6:bd:96:
10:23:7c:e9:37:89:64:3f:9b:77:4f:ae:e0:93:b3:bd:44:e1:
b5:5d:82:93:6e:44:e3:4e:85:d0:66:6e:c4:cc:a5:9b:d2:f7:
67:52:87:59:ec:a1:ad:3d:86:c9:0d:01:33:16:28:0f:d8:14:
65:4d:7f:01:3f:53:69:0e:19:ef:06:95:c9:f3:97:b1:da:4b:
b6:82:f6:64:3a:72:ee:8f:cc:bb:16:96:ef:7c:ec:60:98:51:
e2:03:d8:6c:ca:86:52:f9:2c:85:5d:b3:f7:46:f0:ae:59:34:
df:e5:7f:e3:59:ca:8a:c2:e9:87:50:db:83:54:4b:0f:f4:04:
6b:c4:14:14:ba:28:17:58:a5:61:e9:78:3c:ee:e3:eb:b3:07:
7f:01:57:f4:f4:2e:bc:67:6c:ad:71:4c:66:dc:35:b9:91:75:
a9:9c:de:15:01:eb:86:25:10:2c:77:ff:68:bd:7b:7e:ac:95:
8d:9e:7b:43:25:bb:e0:26:32:eb:a5:4a:eb:fc:0d:f4:1e:cc:
5f:5e:21:52:a2:a6:3f:2b:b4:63:43:34:3e:1f:84:0f:9b:55:
66:1c:22:76
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHMok4cQAzjTR14CRhyWIf7gmw7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMjNaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI1YTM2NTUyZDhmNDQ3NGYzODViNDkxOGU2NTVjZWE5ZDFhNjIzYTE0ZDc2
NTBiZjc1ZmI3MjIyYmM4MmMxMTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMilOkM7e0MZPeffKMCwwmBIJWvOG2VJL9RLeBtc3RWqVJHlOEbO1oNPwVlJ
ClLmO5wjhXHkwWwx5tR2dzbpow9w9l2yTRC89ZGDsqLFzbJGSWFyjm9WFeI4uxbd
8X4TOdZMHwN2pyJUcK/LUwP2UlTvsRnzEAAuLJ9dBHpexH3x8r+r4VJTaLgEoRrc
Ss38jFwgY71v4KKKlsj4m9p9negQ6hsSemCvwBhfQi2h8GQ6ImSMzWcZUxcTa2KB
Uta1DmhuOG41+jqRFsph/4B4jMLW3ipyzwrKsh+Hz6bhFlVcuMiPI/OTlxCdFwbK
bU14Y8TGHw+tDHHqKcWAZQp5/HsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBReBL6R
VhmbnPiAdXdKdbfycnoJUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEADWdDXm3aqPsiOQzdni2174+RmBrAVu+cf5M7
1CgPFKxNpr2WECN86TeJZD+bd0+u4JOzvUThtV2Ck25E406F0GZuxMylm9L3Z1KH
WeyhrT2GyQ0BMxYoD9gUZU1/AT9TaQ4Z7waVyfOXsdpLtoL2ZDpy7o/MuxaW73zs
YJhR4gPYbMqGUvkshV2z90bwrlk03+V/41nKisLph1Dbg1RLD/QEa8QUFLooF1il
Yel4PO7j67MHfwFX9PQuvGdsrXFMZtw1uZF1qZzeFQHrhiUQLHf/aL17fqyVjZ57
QyW74CYy66VK6/wN9B7MX14hUqKmPyu0Y0M0Ph+ED5tVZhwidg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:08:19 2025 by rpki-client