Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: zVcpg+4j/FGc9cSNo3F+WkSP9mg7FQ1YpQ6pGeHuZmY=
Subject key identifier: B7:7E:F5:58:AB:3F:B4:3E:D1:E4:29:11:7B:E2:7F:DC:2A:41:15:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C336691EF075BE8F2453FE198F94B358F65CAA9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Mon 16 Jun 2025 21:50:19 +0000
ROA not before: Mon 16 Jun 2025 21:50:19 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:33:66:91:ef:07:5b:e8:f2:45:3f:e1:98:f9:4b:35:8f:65:ca:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:19 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=1ad123c7e248f79390afd3a66740ddc66400ac105ee31e8a886d840becdf85a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:96:8b:89:46:05:ca:40:21:37:d1:0e:10:de:
0f:e9:f5:9b:ea:d3:18:4a:c1:7d:cc:68:e0:3c:56:
2e:ed:6c:19:f5:f6:56:8e:4e:ed:da:23:11:ff:24:
c6:6c:05:fe:fd:6b:6e:19:bf:ac:41:c1:e0:59:3c:
4c:5b:a2:16:7e:5c:9f:95:b2:4d:c1:ba:08:74:0c:
8e:c3:50:96:ca:a6:b3:12:99:59:5c:1e:e7:66:cb:
47:cf:8d:26:f2:0d:8c:62:6f:a5:b7:bd:b8:d7:50:
ab:0b:1a:79:3a:68:ee:b8:e9:4e:3c:a2:27:37:44:
e6:d2:b1:a9:db:c9:18:35:00:32:95:58:f5:13:0c:
b1:44:98:3d:72:ee:24:40:d6:6e:82:90:ed:ed:7a:
55:f1:2f:47:ca:a9:73:a0:60:db:cb:28:93:ce:43:
89:db:0e:8f:7d:17:af:96:b7:6b:0a:0d:f0:2f:b6:
25:a1:d6:57:d2:d3:eb:cd:ff:03:3a:df:28:7b:93:
e2:30:d7:b4:61:9b:30:bb:11:b5:48:df:c6:d7:6c:
43:a8:54:b4:95:28:c3:09:a8:8e:61:a3:88:5b:78:
55:82:3d:30:b4:88:62:7f:f9:14:ce:96:ee:af:30:
a4:90:fa:0f:2d:ee:7e:e0:52:d9:f0:36:43:f7:51:
25:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7E:F5:58:AB:3F:B4:3E:D1:E4:29:11:7B:E2:7F:DC:2A:41:15:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
52:dd:03:b1:c2:6f:b6:00:2c:32:2c:e2:82:64:30:cd:92:a4:
19:11:ac:3e:71:84:78:4d:7d:94:7a:0a:86:4f:7d:55:d8:40:
df:bb:2d:da:18:d5:8b:65:76:24:a8:47:4f:9f:80:86:dd:1d:
3e:63:77:35:f9:dc:ea:05:cc:24:1f:71:fe:9e:cb:fd:c1:a4:
f9:e3:3a:25:9a:55:bf:25:9a:da:9a:0d:08:e2:03:6f:01:f5:
db:05:2e:06:b2:8e:89:4e:21:7c:0f:1a:fe:d0:b4:26:0a:64:
9f:2b:4d:d2:b1:b6:c3:58:83:e0:96:13:16:f3:2b:d3:0d:2b:
6b:43:1a:bf:a0:f3:af:cf:f2:23:97:f0:47:bc:84:a0:52:9b:
d1:66:d3:01:8a:64:ee:3b:c3:f8:4d:9e:d7:aa:04:6d:ce:ac:
af:d7:47:12:55:e2:56:cf:5a:03:ca:04:1e:32:a5:0e:a2:f3:
9c:49:17:e8:89:eb:13:d9:e5:47:73:97:95:5c:f1:67:25:85:
a9:8d:c1:79:37:cb:20:5f:ae:2b:94:5a:75:ac:cd:f0:18:ae:
1f:a4:59:cc:14:ae:c3:d1:f9:1c:31:e1:c2:fd:3b:bc:b7:86:
82:42:67:14:6a:59:27:c1:8d:3a:fd:07:4f:9b:d2:c3:91:2d:
aa:ca:61:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXDNmke8HW+jyRT/hmPlLNY9lyqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMTlaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZDEyM2M3ZTI0OGY3OTM5MGFmZDNhNjY3NDBkZGM2NjQwMGFjMTA1ZWUz
MWU4YTg4NmQ4NDBiZWNkZjg1YTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOuWi4lGBcpAITfRDhDeD+n1m+rTGErBfcxo4DxWLu1sGfX2Vo5O7dojEf8k
xmwF/v1rbhm/rEHB4Fk8TFuiFn5cn5WyTcG6CHQMjsNQlsqmsxKZWVwe52bLR8+N
JvINjGJvpbe9uNdQqwsaeTpo7rjpTjyiJzdE5tKxqdvJGDUAMpVY9RMMsUSYPXLu
JEDWboKQ7e16VfEvR8qpc6Bg28sok85DidsOj30Xr5a3awoN8C+2JaHWV9LT683/
AzrfKHuT4jDXtGGbMLsRtUjfxtdsQ6hUtJUowwmojmGjiFt4VYI9MLSIYn/5FM6W
7q8wpJD6Dy3ufuBS2fA2Q/dRJQUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS3fvVY
qz+0PtHkKRF74n/cKkEV1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAUt0DscJvtgAsMizigmQwzZKkGRGsPnGEeE19lHoK
hk99VdhA37st2hjVi2V2JKhHT5+Aht0dPmN3Nfnc6gXMJB9x/p7L/cGk+eM6JZpV
vyWa2poNCOIDbwH12wUuBrKOiU4hfA8a/tC0JgpknytN0rG2w1iD4JYTFvMr0w0r
a0Mav6Dzr8/yI5fwR7yEoFKb0WbTAYpk7jvD+E2e16oEbc6sr9dHElXiVs9aA8oE
HjKlDqLznEkX6InrE9nlR3OXlVzxZyWFqY3BeTfLIF+uK5RadazN8BiuH6RZzBSu
w9H5HDHhwv07vLeGgkJnFGpZJ8GNOv0HT5vSw5Etqsphaw==
-----END CERTIFICATE-----
Generated at Mon Jun 30 22:55:51 2025 by rpki-client