Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: H2S1jgE0QW1ZoeHO6SOze3w6UmJBvCy6KBrDrTGTa5k=
Subject key identifier: 00:67:D6:EC:F7:F0:A4:5C:8C:DD:9A:E1:CA:15:AF:C5:F6:E9:C9:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 612AD23461EAA0BAA6BBDD02DB8590F4DDB086C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Tue 05 Aug 2025 20:21:34 +0000
ROA not before: Tue 05 Aug 2025 20:21:34 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:2a:d2:34:61:ea:a0:ba:a6:bb:dd:02:db:85:90:f4:dd:b0:86:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:34 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5985076c5d0f7ebceba9ac571a41bbe35e9abedada70c52d0b888ebf40d0ba10, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f9:7a:df:e6:e1:b8:2b:5f:14:ef:e9:9b:6e:
09:a5:4d:9f:46:4e:68:c2:6c:4f:79:70:e9:3b:36:
86:97:0e:05:98:4f:46:c6:63:a1:a0:50:41:e1:f1:
6d:c6:92:55:04:13:99:a5:58:3d:0d:43:74:23:ed:
49:a8:23:54:36:9e:8c:e9:fd:2b:c6:eb:6e:5e:11:
0a:23:53:20:ee:2a:62:e0:46:e7:59:fd:b3:20:ec:
05:06:a1:35:09:b0:e2:9e:11:25:7b:3e:49:f3:90:
c9:4e:dd:e9:68:a0:9f:dd:03:80:b5:50:0f:37:12:
fa:88:1a:9f:35:83:68:1e:56:b0:85:e6:69:45:7a:
ce:66:92:53:80:88:10:1f:cb:7d:34:4a:de:f3:d7:
90:89:42:e3:78:89:7e:a4:aa:1f:da:5f:5e:9f:de:
16:af:67:b6:be:1b:2c:55:1c:c5:a9:fb:e9:44:da:
c1:a5:19:1d:29:b5:a7:c1:90:74:7c:b2:62:3a:2b:
be:d6:fe:32:f9:af:04:75:a7:98:d7:c4:fe:16:0c:
79:29:e9:7e:da:47:be:4d:d1:6d:52:61:a5:3c:4d:
2e:9c:df:0a:12:06:1f:01:d0:7b:3f:3f:46:35:82:
86:11:82:d5:44:56:a5:65:b4:e4:2d:37:40:11:10:
b3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:D6:EC:F7:F0:A4:5C:8C:DD:9A:E1:CA:15:AF:C5:F6:E9:C9:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
87:bd:63:df:cc:c6:2c:57:6b:5c:04:c0:a7:bc:96:ed:4e:b1:
00:45:73:9d:4e:4a:8f:a4:d8:e5:ff:48:70:71:48:7b:7f:0b:
5c:a0:a5:1d:bd:d2:b4:15:7e:a2:b9:d2:61:4d:0d:39:58:46:
78:c4:83:f8:12:48:35:a8:18:d6:79:48:49:ce:6f:2d:b9:54:
4b:78:82:7b:68:d5:d6:c4:e1:9e:a4:e9:f0:06:22:1f:6a:0f:
7f:4e:29:0d:22:61:d3:32:b4:86:ef:14:5f:cb:82:e4:9b:91:
d1:f5:ac:39:fb:0e:0b:79:7a:e1:12:0b:2b:db:1c:f1:fb:41:
86:dd:ba:82:ab:2c:7b:b4:7c:ec:21:71:e0:72:25:5f:9e:9b:
b8:23:c4:b4:31:4d:dc:ef:a4:70:ed:79:b1:c1:0f:61:28:e4:
12:ee:78:0e:71:cf:83:42:6b:82:b6:b9:de:74:c5:46:21:51:
9e:5f:70:ba:58:b2:66:7e:59:6e:15:ec:9c:75:89:cc:2f:bf:
36:0c:6a:13:6c:e8:d1:6c:b5:23:dd:c4:5f:3c:00:91:6d:d9:
fb:b0:0d:f1:3d:42:2b:cd:dc:28:c4:77:7d:10:4f:15:63:2a:
f0:35:05:36:c2:44:48:93:2f:2d:38:d8:20:e4:46:85:d6:32:
21:e6:94:8b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYSrSNGHqoLqmu90C24WQ9N2whsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ODUwNzZjNWQwZjdlYmNlYmE5YWM1NzFhNDFiYmUzNWU5YWJlZGFkYTcw
YzUyZDBiODg4ZWJmNDBkMGJhMTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJH5et/m4bgrXxTv6ZtuCaVNn0ZOaMJsT3lw6Ts2hpcOBZhPRsZjoaBQQeHx
bcaSVQQTmaVYPQ1DdCPtSagjVDaejOn9K8brbl4RCiNTIO4qYuBG51n9syDsBQah
NQmw4p4RJXs+SfOQyU7d6Wign90DgLVQDzcS+oganzWDaB5WsIXmaUV6zmaSU4CI
EB/LfTRK3vPXkIlC43iJfqSqH9pfXp/eFq9ntr4bLFUcxan76UTawaUZHSm1p8GQ
dHyyYjorvtb+MvmvBHWnmNfE/hYMeSnpftpHvk3RbVJhpTxNLpzfChIGHwHQez8/
RjWChhGC1URWpWW05C03QBEQsx8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAZ9bs
9/CkXIzdmuHKFa/F9unJRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAh71j38zGLFdrXATAp7yW7U6xAEVznU5Kj6TY5f9I
cHFIe38LXKClHb3StBV+ornSYU0NOVhGeMSD+BJINagY1nlISc5vLblUS3iCe2jV
1sThnqTp8AYiH2oPf04pDSJh0zK0hu8UX8uC5JuR0fWsOfsOC3l64RILK9sc8ftB
ht26gqsse7R87CFx4HIlX56buCPEtDFN3O+kcO15scEPYSjkEu54DnHPg0Jrgra5
3nTFRiFRnl9wuliyZn5ZbhXsnHWJzC+/NgxqE2zo0Wy1I93EXzwAkW3Z+7AN8T1C
K83cKMR3fRBPFWMq8DUFNsJESJMvLTjYIORGhdYyIeaUiw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:20 2025 by rpki-client