Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: 3BYAPmO7ucYJc3pDF8VFSgKLeC6aCblSgfDcAlWU3n0=
Subject key identifier: 8A:39:5D:F0:DF:D4:30:F2:D6:8A:86:A5:43:54:18:27:7D:E5:CF:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62BE0D8467E097C10AD3C985BF6AC70CA6248B0C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Wed 25 Jun 2025 00:50:08 +0000
ROA not before: Wed 25 Jun 2025 00:50:08 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:be:0d:84:67:e0:97:c1:0a:d3:c9:85:bf:6a:c7:0c:a6:24:8b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:08 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=afc85d747b08aa6b866ad2a9192d3b6ee51331721945b03a1b3c2a525af6219a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:99:05:98:23:2f:5a:e5:2e:b0:82:fb:01:
86:07:07:04:85:fb:52:25:fd:85:39:f0:48:92:64:
17:d3:71:d9:47:d7:e8:83:c3:68:83:76:9f:1e:b2:
98:eb:4d:08:13:2b:b3:d7:19:ed:94:ad:80:10:b7:
6d:97:a6:04:0f:b2:48:1b:cd:33:c3:52:d7:f9:e2:
16:3b:79:2c:10:fb:8d:d5:98:1a:c3:5f:81:c1:9c:
21:4a:6d:7a:56:44:c6:21:65:06:58:9a:98:cd:bf:
df:f8:ed:cf:2a:d3:ea:bf:a6:91:94:9e:0f:53:1b:
57:1b:97:f7:29:65:2f:c0:46:61:17:17:fb:21:91:
a8:6c:92:1b:19:f7:49:4b:6d:2d:76:be:86:34:6c:
41:75:1c:34:91:ec:8b:3c:c4:ff:43:64:82:5b:eb:
66:45:c2:a4:96:0f:b7:14:5c:d4:56:53:7d:44:4c:
ef:bb:1a:1c:40:6a:f2:20:00:9c:4f:55:60:0c:9d:
a2:a8:34:13:a0:82:1a:6f:e0:de:1e:08:0f:df:ef:
44:41:e6:48:0d:3f:69:50:82:b1:32:79:ca:fc:43:
6d:ed:68:37:59:0c:2c:cd:17:25:1a:f2:8a:f0:25:
80:24:c2:64:6d:11:18:8f:fd:ca:1f:20:16:5e:a2:
22:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:39:5D:F0:DF:D4:30:F2:D6:8A:86:A5:43:54:18:27:7D:E5:CF:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:aa:fb:b8:3e:38:c7:37:90:3e:fc:ef:31:8e:37:eb:d5:03:
46:4c:e0:02:de:2b:18:97:f5:b8:f4:11:ea:0e:7b:e3:99:75:
a9:cd:d8:6d:07:64:93:29:6e:1f:b5:ab:34:ef:7f:b1:28:52:
d6:66:6c:c6:62:da:7c:8b:a4:5e:96:30:15:3e:75:1e:eb:fd:
3a:43:2c:d7:f5:e5:d6:58:cc:09:75:f5:c0:01:3e:8a:b3:69:
2e:f1:f1:9c:8b:98:3a:92:5a:fe:37:90:79:0c:96:f3:14:8e:
3a:de:a4:93:db:3a:20:33:6a:2a:10:a9:ed:a3:aa:a2:63:72:
15:40:a5:1c:9e:08:82:e9:bf:22:75:14:64:be:de:af:a4:9c:
2e:6d:c8:b6:83:65:3e:42:fe:9f:0c:5f:f5:b5:64:66:c9:d9:
06:df:f0:5e:e2:79:fe:1e:ce:cd:bf:63:65:84:0a:3d:7a:8c:
c4:bf:7c:96:91:1d:13:c2:26:d8:d0:ac:d1:be:b0:1d:48:0c:
3f:c1:0f:50:e4:7b:18:c2:7a:bb:50:d4:3f:dc:24:ed:c5:f0:
19:3d:af:13:b7:5c:af:f7:25:85:e9:f0:1c:74:f3:58:23:ad:
13:19:dc:22:0e:ba:90:f1:8b:dc:09:f2:29:73:e6:7b:88:36:
d4:8c:e4:7c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYr4NhGfgl8EK08mFv2rHDKYkiwwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMDhaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmYzg1ZDc0N2IwOGFhNmI4NjZhZDJhOTE5MmQzYjZlZTUxMzMxNzIxOTQ1
YjAzYTFiM2MyYTUyNWFmNjIxOWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMlHmQWYIy9a5S6wgvsBhgcHBIX7UiX9hTnwSJJkF9Nx2UfX6IPDaIN2nx6y
mOtNCBMrs9cZ7ZStgBC3bZemBA+ySBvNM8NS1/niFjt5LBD7jdWYGsNfgcGcIUpt
elZExiFlBliamM2/3/jtzyrT6r+mkZSeD1MbVxuX9yllL8BGYRcX+yGRqGySGxn3
SUttLXa+hjRsQXUcNJHsizzE/0NkglvrZkXCpJYPtxRc1FZTfURM77saHEBq8iAA
nE9VYAydoqg0E6CCGm/g3h4ID9/vREHmSA0/aVCCsTJ5yvxDbe1oN1kMLM0XJRry
ivAlgCTCZG0RGI/9yh8gFl6iIicCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSKOV3w
39Qw8taKhqVDVBgnfeXPgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQCwqvu4PjjHN5A+/O8xjjfr1QNGTOAC3isYl/W49BHq
DnvjmXWpzdhtB2STKW4ftas073+xKFLWZmzGYtp8i6ReljAVPnUe6/06QyzX9eXW
WMwJdfXAAT6Ks2ku8fGci5g6klr+N5B5DJbzFI463qST2zogM2oqEKnto6qiY3IV
QKUcngiC6b8idRRkvt6vpJwubci2g2U+Qv6fDF/1tWRmydkG3/Be4nn+Hs7Nv2Nl
hAo9eozEv3yWkR0TwibY0KzRvrAdSAw/wQ9Q5HsYwnq7UNQ/3CTtxfAZPa8Tt1yv
9yWF6fAcdPNYI60TGdwiDrqQ8YvcCfIpc+Z7iDbUjOR8
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:21:09 2025 by rpki-client