Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: LDELXKtU8lNjajGlIrRu8zumX4YI/PHrSG+zsFEquE4=
Subject key identifier: 08:DF:C5:00:5E:20:9B:96:DB:87:DC:98:71:3C:53:C3:B8:F8:BD:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06BFC37CE030FB786114E10CDA6ED871F022F40C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Mon 16 Jun 2025 21:50:44 +0000
ROA not before: Mon 16 Jun 2025 21:50:44 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:bf:c3:7c:e0:30:fb:78:61:14:e1:0c:da:6e:d8:71:f0:22:f4:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:44 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=07249007505a9c412391416fffb6aa390585cf04adaa09fec3be7a737bec3fa1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4b:72:3b:23:8a:e9:e3:b8:bb:44:ff:49:4f:
cc:2c:22:a6:15:b1:a0:a9:1e:46:8e:79:7d:ef:7e:
b6:9d:fb:3e:f8:e1:7b:ce:60:6a:d2:ba:1b:50:e2:
8b:6d:d8:87:b7:5a:06:03:8f:eb:d4:74:2b:fa:2b:
3d:f4:08:ef:04:e5:5f:14:76:50:3e:2c:b4:80:7b:
33:62:26:4a:61:31:a4:44:91:6f:f4:fa:41:15:94:
c6:8d:81:3f:ec:0c:c4:48:ed:f3:95:8b:19:a9:cc:
ed:33:2c:e2:8b:e7:e8:8b:99:d4:c4:fe:ac:ce:27:
42:c3:29:41:84:66:e2:9b:a1:14:ea:ae:5e:e1:79:
f1:59:3d:b2:4b:ec:cf:4a:c1:8f:35:f3:b7:f2:ab:
cf:ac:d7:bb:f7:40:53:03:56:8e:ed:8a:5a:ff:98:
af:c0:ea:5c:00:bd:a2:69:4d:e4:fd:3b:ff:f7:b5:
e8:6e:37:ef:8e:19:e5:eb:7c:6a:51:71:ed:53:44:
f2:49:9b:bb:42:85:68:d2:68:2f:d1:8f:3e:4f:e5:
8e:4e:b0:51:33:e9:53:a5:9b:ff:e8:0e:25:28:f0:
08:0f:3d:7d:33:28:73:6a:1e:2d:83:31:f5:72:c4:
85:4a:4c:64:bb:c2:60:44:15:ca:05:71:98:2a:d5:
5d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DF:C5:00:5E:20:9B:96:DB:87:DC:98:71:3C:53:C3:B8:F8:BD:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
47:17:36:a1:e1:48:f2:26:5c:f7:b2:3c:aa:a8:0f:67:5d:ff:
93:0d:53:97:f5:01:85:c3:42:7a:e6:51:83:ef:e1:4e:a4:8a:
35:40:96:11:63:ee:e3:6f:d3:c9:00:a4:b4:b6:b2:6b:8b:ab:
57:f6:50:ec:99:cc:57:ac:52:8f:c9:34:91:07:2b:e7:03:37:
0b:7b:fb:8f:e8:e9:61:70:54:62:fe:61:f4:87:ad:8b:31:80:
c5:57:24:de:39:09:cc:3c:4e:e7:07:e8:52:94:01:57:13:ca:
dc:3f:a1:21:d9:45:b8:c2:01:49:d3:08:5d:e3:77:ba:7f:72:
90:03:fc:b8:84:c8:f2:64:60:87:7a:d0:c8:18:30:fe:4a:83:
f4:10:63:53:ad:be:19:c9:21:61:e6:37:e2:f0:1c:49:4a:b9:
f4:71:67:a2:3c:b1:ea:81:98:97:ed:94:02:a4:6a:08:dc:92:
fe:e4:c7:3d:48:9c:04:db:f3:c6:e3:52:c9:d8:e4:8f:a7:ca:
c7:3c:da:10:92:cd:2d:64:7a:c7:10:49:02:0b:b8:d3:3e:f7:
13:fd:6e:a1:8e:d8:a2:d4:3d:44:23:5d:31:ad:a0:e6:03:ce:
ab:ec:ca:56:0c:70:49:e4:ad:0d:6d:50:31:cd:33:51:20:bf:
ab:95:c2:d5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBr/DfOAw+3hhFOEM2m7YcfAi9AwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwNDRaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3MjQ5MDA3NTA1YTljNDEyMzkxNDE2ZmZmYjZhYTM5MDU4NWNmMDRhZGFh
MDlmZWMzYmU3YTczN2JlYzNmYTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKFLcjsjiunjuLtE/0lPzCwiphWxoKkeRo55fe9+tp37Pvjhe85gatK6G1Di
i23Yh7daBgOP69R0K/orPfQI7wTlXxR2UD4stIB7M2ImSmExpESRb/T6QRWUxo2B
P+wMxEjt85WLGanM7TMs4ovn6IuZ1MT+rM4nQsMpQYRm4puhFOquXuF58Vk9skvs
z0rBjzXzt/Krz6zXu/dAUwNWju2KWv+Yr8DqXAC9omlN5P07//e16G43744Z5et8
alFx7VNE8kmbu0KFaNJoL9GPPk/ljk6wUTPpU6Wb/+gOJSjwCA89fTMoc2oeLYMx
9XLEhUpMZLvCYEQVygVxmCrVXVsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQI38UA
XiCbltuH3JhxPFPDuPi9ljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQBHFzah4UjyJlz3sjyqqA9nXf+TDVOX9QGFw0J65lGD
7+FOpIo1QJYRY+7jb9PJAKS0trJri6tX9lDsmcxXrFKPyTSRByvnAzcLe/uP6Olh
cFRi/mH0h62LMYDFVyTeOQnMPE7nB+hSlAFXE8rcP6Eh2UW4wgFJ0whd43e6f3KQ
A/y4hMjyZGCHetDIGDD+SoP0EGNTrb4ZySFh5jfi8BxJSrn0cWeiPLHqgZiX7ZQC
pGoI3JL+5Mc9SJwE2/PG41LJ2OSPp8rHPNoQks0tZHrHEEkCC7jTPvcT/W6hjtii
1D1EI10xraDmA86r7MpWDHBJ5K0NbVAxzTNRIL+rlcLV
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:17:54 2025 by rpki-client