Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: /ktzduI15bAf7dwysR57rdeK8Bl/voL9xgsF35QHRLg=
Subject key identifier: 3D:54:F2:1A:A1:D3:9A:3C:C4:20:57:29:84:AA:1A:D0:9C:F0:AD:1D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4C0FFF39E43DF4F71E11505C17802D141B12C96A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Wed 25 Jun 2025 00:50:33 +0000
ROA not before: Wed 25 Jun 2025 00:50:33 +0000
ROA not after: Wed 30 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:0f:ff:39:e4:3d:f4:f7:1e:11:50:5c:17:80:2d:14:1b:12:c9:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 25 00:50:33 2025 GMT
Not After : Jul 30 23:59:59 2025 GMT
Subject: serialNumber=59b87e6757ab4fcbbe9cc839dd9898e5c6a35b4effcf6b3be40b814b1f80cd2d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0b:73:be:88:a8:ab:0e:19:b3:8a:80:bc:35:
ad:ff:1b:83:09:35:2f:dd:37:17:b6:25:ec:ed:7d:
3a:25:da:b0:a5:87:30:c2:e5:1b:74:b7:f6:67:31:
79:38:e1:a8:31:6c:83:4b:0d:f5:11:e5:01:e7:01:
02:74:ce:02:39:7c:77:46:28:8d:5e:ff:30:35:55:
99:9e:41:3f:a5:aa:62:34:ed:ac:ea:6d:36:07:de:
32:51:2a:84:7f:c3:e8:ef:a5:59:7d:38:84:9a:5f:
d8:a5:dd:a4:84:9d:15:c5:cb:59:e1:d3:ae:a6:01:
2d:cd:ea:6d:c8:4e:1d:e0:48:64:56:43:86:d3:2a:
97:a1:e3:38:c2:8f:cf:9e:cd:ee:e1:28:95:1e:14:
3e:da:bd:46:43:a2:f1:2d:01:81:4c:3c:8c:47:39:
b4:63:aa:ff:5b:5a:d8:01:66:50:86:95:26:f3:67:
f4:58:fd:a6:c0:4f:98:de:59:0c:ad:a6:ba:c3:40:
2f:a4:8c:5c:4a:b0:d3:a7:fa:bf:dc:3b:91:13:c8:
88:84:55:1e:c2:68:db:4e:6b:07:8c:ef:b4:b6:1c:
dd:cb:13:3c:f5:aa:8f:2c:cc:74:24:21:37:74:25:
c0:16:b1:6b:0b:f6:e7:3b:2e:20:07:78:28:b5:d3:
81:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:54:F2:1A:A1:D3:9A:3C:C4:20:57:29:84:AA:1A:D0:9C:F0:AD:1D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:f4:4e:2c:fc:08:cc:5d:5b:8b:7d:7c:b6:1d:88:95:75:f5:
e1:73:f3:57:0a:7a:3e:85:5a:7f:84:48:75:1b:db:05:32:8b:
37:d3:91:4d:c4:93:29:00:4e:52:71:61:99:ae:ae:18:a0:74:
08:af:31:fa:7f:f2:e8:28:34:21:40:7f:93:19:1b:da:0e:52:
60:56:17:bc:32:c9:62:28:03:54:45:3c:48:f5:e1:f1:10:96:
1e:8f:21:f1:ae:e2:ea:af:89:0e:06:33:e0:a9:12:c6:e8:3c:
3e:00:1b:b3:a4:b6:fa:a9:98:85:81:ee:a3:1d:3f:cd:3d:08:
ec:ef:9f:68:f7:11:cf:1b:33:8b:7e:26:56:83:c9:63:db:aa:
66:34:6a:e0:dc:19:d9:5e:0a:9e:00:7b:02:f6:29:13:81:7f:
ce:48:50:04:b4:a6:c7:be:63:7d:69:3e:5a:41:cd:87:58:64:
16:8e:a1:8b:27:40:d5:50:6b:e8:66:3a:cd:0a:66:4c:d4:1e:
cb:24:8a:6d:9e:00:00:e2:96:7a:ef:91:09:e2:02:89:a4:67:
67:5a:cc:d7:50:88:6b:0d:49:fb:97:b0:39:db:07:d1:00:68:
a0:60:8a:78:65:a7:62:32:55:93:26:b9:71:e8:f4:c6:4e:1c:
36:e7:b6:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTA//OeQ99PceEVBcF4AtFBsSyWowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MjUwMDUwMzNaFw0yNTA3MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5Yjg3ZTY3NTdhYjRmY2JiZTljYzgzOWRkOTg5OGU1YzZhMzViNGVmZmNm
NmIzYmU0MGI4MTRiMWY4MGNkMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJILc76IqKsOGbOKgLw1rf8bgwk1L903F7Yl7O19OiXasKWHMMLlG3S39mcx
eTjhqDFsg0sN9RHlAecBAnTOAjl8d0YojV7/MDVVmZ5BP6WqYjTtrOptNgfeMlEq
hH/D6O+lWX04hJpf2KXdpISdFcXLWeHTrqYBLc3qbchOHeBIZFZDhtMql6HjOMKP
z57N7uEolR4UPtq9RkOi8S0BgUw8jEc5tGOq/1ta2AFmUIaVJvNn9Fj9psBPmN5Z
DK2musNAL6SMXEqw06f6v9w7kRPIiIRVHsJo205rB4zvtLYc3csTPPWqjyzMdCQh
N3QlwBaxawv25zsuIAd4KLXTgVsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ9VPIa
odOaPMQgVymEqhrQnPCtHTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQAd9E4s/AjMXVuLfXy2HYiVdfXhc/NXCno+hVp/hEh1
G9sFMos305FNxJMpAE5ScWGZrq4YoHQIrzH6f/LoKDQhQH+TGRvaDlJgVhe8Msli
KANURTxI9eHxEJYejyHxruLqr4kOBjPgqRLG6Dw+ABuzpLb6qZiFge6jHT/NPQjs
759o9xHPGzOLfiZWg8lj26pmNGrg3BnZXgqeAHsC9ikTgX/OSFAEtKbHvmN9aT5a
Qc2HWGQWjqGLJ0DVUGvoZjrNCmZM1B7LJIptngAA4pZ675EJ4gKJpGdnWszXUIhr
DUn7l7A52wfRAGigYIp4ZadiMlWTJrlx6PTGThw257b/
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:58:44 2025 by rpki-client