Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: fAkBLwDL0t+6Pt2brm9Or8s0XZ4ZAg1dMl7RgMoxXe8=
Subject key identifier: A4:90:2E:86:C4:D5:3B:C5:7B:09:25:85:E7:9B:19:0E:EE:34:EF:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44361BA763665DD9993547D30624E9E83249659C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Mon 16 Jun 2025 22:00:49 +0000
ROA not before: Mon 16 Jun 2025 22:00:49 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:36:1b:a7:63:66:5d:d9:99:35:47:d3:06:24:e9:e8:32:49:65:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 22:00:49 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=f3fca3ba32779d3bed5fb157212d14b1f8353fce4bb2f20d518eb63e40de57cc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:01:e4:18:41:60:f5:7d:43:d3:18:c4:f0:
14:4d:48:49:9b:ca:24:91:fc:ce:78:fe:b1:b8:23:
10:99:12:45:db:c4:ea:a7:b4:8d:5e:8c:b4:96:71:
f5:66:50:87:1f:ac:1e:33:03:08:dc:df:05:89:17:
ba:46:cb:7e:4d:92:ef:21:c9:ca:12:5b:72:58:36:
93:37:73:04:69:2d:17:c0:95:55:09:ce:42:bc:53:
3b:f9:2a:e0:72:5c:41:de:7f:3b:11:fe:b2:04:76:
82:27:cd:1d:85:ad:6b:50:96:25:7b:ea:96:0a:16:
f6:6b:6f:11:00:5c:cc:a6:e9:5b:a8:01:f8:9b:1d:
d0:00:f9:88:9e:f7:2c:fd:85:00:33:db:03:b0:ba:
f2:cc:48:7e:96:35:a1:e1:07:cd:82:c1:3a:ef:00:
1f:b9:53:f9:08:86:34:fe:5e:c2:a7:ba:d3:aa:d4:
58:3b:6c:87:22:ff:38:67:9e:f4:8e:6b:bc:e7:06:
22:a5:38:60:a0:ee:3d:f7:52:5f:fb:96:4d:e5:a4:
4d:2b:a6:dc:5c:69:46:e5:8e:9d:c3:cb:6d:95:aa:
6f:7c:01:39:0d:eb:e1:03:9d:62:76:2f:3f:f2:de:
b0:ef:36:31:43:89:62:5a:32:54:78:23:77:4e:2b:
78:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:90:2E:86:C4:D5:3B:C5:7B:09:25:85:E7:9B:19:0E:EE:34:EF:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:37:b2:60:11:bd:6b:1a:cf:fe:19:03:ef:c2:ca:aa:db:18:
f8:48:58:1e:77:6b:f4:79:bd:df:6f:fe:26:bc:1e:bc:25:8f:
b9:5f:89:35:ab:10:04:9e:a6:5f:c7:d2:bf:bb:8d:2e:0b:eb:
63:ed:56:6a:08:fa:e0:14:c2:47:9b:2c:80:40:68:9b:ba:cc:
a4:4f:d3:89:98:aa:a1:06:60:45:f3:9c:9d:64:f4:a4:4c:65:
52:4d:65:3a:62:40:a0:a0:ac:e3:e2:95:77:73:0d:7a:41:30:
a5:a8:7e:2a:69:79:6b:6b:93:cb:14:ec:da:12:21:fb:78:32:
cc:01:11:cf:2a:c5:2e:27:aa:73:28:65:f3:df:ec:fd:d3:42:
ef:a6:f6:48:7f:2f:54:57:bf:c6:81:70:47:c8:79:97:15:4f:
9a:10:72:6a:2b:38:17:85:0e:f1:6a:46:bd:a7:ad:4f:05:7a:
42:f8:d4:26:e8:18:69:1e:04:00:1f:9a:9f:8b:f4:7b:d8:26:
2c:47:32:c8:18:c4:6e:2d:a9:7b:59:c4:b4:6e:1a:05:cd:9d:
07:40:74:0b:1e:5c:9c:f5:f8:cd:7e:f3:46:88:65:f1:c4:f5:
e3:46:5b:99:01:14:1d:cb:e9:da:4e:4a:60:48:80:a5:e9:1d:
1f:0f:2c:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURDYbp2NmXdmZNUfTBiTp6DJJZZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMjAwNDlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzZmNhM2JhMzI3NzlkM2JlZDVmYjE1NzIxMmQxNGIxZjgzNTNmY2U0YmIy
ZjIwZDUxOGViNjNlNDBkZTU3Y2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTXAeQYQWD1fUPTGMTwFE1ISZvKJJH8znj+sbgjEJkSRdvE6qe0jV6MtJZx
9WZQhx+sHjMDCNzfBYkXukbLfk2S7yHJyhJbclg2kzdzBGktF8CVVQnOQrxTO/kq
4HJcQd5/OxH+sgR2gifNHYWta1CWJXvqlgoW9mtvEQBczKbpW6gB+Jsd0AD5iJ73
LP2FADPbA7C68sxIfpY1oeEHzYLBOu8AH7lT+QiGNP5ewqe606rUWDtshyL/OGee
9I5rvOcGIqU4YKDuPfdSX/uWTeWkTSum3FxpRuWOncPLbZWqb3wBOQ3r4QOdYnYv
P/LesO82MUOJYloyVHgjd04reG0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSkkC6G
xNU7xXsJJYXnmxkO7jTvbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQBzN7JgEb1rGs/+GQPvwsqq2xj4SFged2v0eb3fb/4m
vB68JY+5X4k1qxAEnqZfx9K/u40uC+tj7VZqCPrgFMJHmyyAQGibusykT9OJmKqh
BmBF85ydZPSkTGVSTWU6YkCgoKzj4pV3cw16QTClqH4qaXlra5PLFOzaEiH7eDLM
ARHPKsUuJ6pzKGXz3+z900LvpvZIfy9UV7/GgXBHyHmXFU+aEHJqKzgXhQ7xaka9
p61PBXpC+NQm6BhpHgQAH5qfi/R72CYsRzLIGMRuLal7WcS0bhoFzZ0HQHQLHlyc
9fjNfvNGiGXxxPXjRluZARQdy+naTkpgSICl6R0fDyzO
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:37:49 2025 by rpki-client