Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: snm6vt8UqDqJrJcPdH8OzWPj9J//pibY0oWayva8M/k=
Subject key identifier: A6:04:25:73:9E:03:F4:B5:6F:80:0B:CD:38:79:2F:37:1A:10:24:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6587CDFCFAF5C835F2E08D5831A70BE0C5CDEF6A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Fri 15 Aug 2025 15:50:35 +0000
ROA not before: Fri 15 Aug 2025 15:50:35 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:87:cd:fc:fa:f5:c8:35:f2:e0:8d:58:31:a7:0b:e0:c5:cd:ef:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:35 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=340ac1bdf473cd046fcddd80d203935e627b4fcd7d630ed00b3043d8204fd080, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3c:04:a2:0a:71:fd:a9:4e:5c:4b:18:ba:19:
e1:81:93:50:1e:a6:75:cf:37:3c:74:b3:92:19:8a:
6c:b7:9e:38:e5:ab:94:e9:2b:ae:c7:7f:05:af:37:
a2:56:09:dc:e5:f7:b3:e7:bd:ee:2a:47:94:f9:44:
2d:46:4b:bf:30:5b:0f:b5:b1:9b:89:12:40:be:28:
3d:d5:2f:26:32:b2:28:fc:01:86:3b:b4:07:8e:b0:
59:45:34:cb:35:6e:23:03:61:5f:e9:e3:c3:47:5d:
5f:1a:12:20:2e:63:fa:fb:bd:13:2c:8d:af:2b:67:
32:dd:fa:57:b2:41:0b:8f:cc:55:2e:d4:04:ae:a9:
c6:c6:ee:92:f8:66:4a:76:df:7e:b1:e3:35:e2:c4:
91:8d:b5:fe:a8:d6:03:dd:46:dc:93:f3:d0:07:04:
b9:8c:25:6c:84:88:aa:6c:62:4d:5d:65:8b:9d:87:
b1:70:09:42:f8:c8:cb:92:2c:b5:f0:82:80:83:4f:
f3:07:ca:4c:43:26:c5:12:9e:fb:05:d9:22:6b:43:
47:3b:b7:c7:0f:d1:3d:d1:af:03:ff:c2:c7:7d:ce:
7f:86:06:f1:35:ac:12:50:13:c8:8b:95:e8:c1:3a:
39:bc:b9:d4:90:2d:d6:34:f3:42:a5:3e:08:8f:a5:
f8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:04:25:73:9E:03:F4:B5:6F:80:0B:CD:38:79:2F:37:1A:10:24:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:51:32:ab:7d:35:46:d7:e1:47:e8:bd:5a:91:39:b1:c1:c9:
6d:6a:81:7b:21:0d:5f:20:2c:a4:e2:55:d3:a3:f1:6e:06:01:
4c:1b:38:97:61:69:f3:fa:97:ab:df:0d:d4:ca:36:de:35:29:
9c:45:03:4b:58:9f:1c:a9:58:33:01:18:ba:8d:bb:05:da:3e:
2a:2e:fc:fe:95:cc:7e:ce:93:6a:31:fd:3a:0f:9a:bc:4f:0c:
f1:2c:87:35:fc:4f:bc:59:e2:a2:d4:4b:63:84:0a:c6:7d:aa:
5e:82:1c:9b:42:cc:f4:95:51:96:1e:50:c1:ae:31:98:96:bf:
9d:ba:27:ba:5f:2a:20:2b:a1:16:3c:d6:fd:ee:6b:84:ea:9f:
95:95:17:04:b1:1e:6b:5d:03:81:d6:71:8d:2e:36:1d:fd:ca:
c7:74:7d:aa:8b:c8:0e:34:da:b8:02:9d:0e:57:8d:21:a6:8b:
05:4a:23:9a:c5:68:c2:50:c4:81:13:92:97:b1:fc:9f:d0:16:
9c:4f:a4:45:57:68:ed:5e:95:b0:98:fb:97:27:87:d2:eb:d0:
8d:ae:9e:15:5a:c0:77:0b:47:92:d2:32:63:68:92:94:6d:4f:
31:c6:30:c2:8b:c9:a5:82:d0:6e:4e:60:12:0c:60:1d:11:e7:
a6:05:0c:98
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZYfN/Pr1yDXy4I1YMacL4MXN72owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMzVaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0MGFjMWJkZjQ3M2NkMDQ2ZmNkZGQ4MGQyMDM5MzVlNjI3YjRmY2Q3ZDYz
MGVkMDBiMzA0M2Q4MjA0ZmQwODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALQ8BKIKcf2pTlxLGLoZ4YGTUB6mdc83PHSzkhmKbLeeOOWrlOkrrsd/Ba83
olYJ3OX3s+e97ipHlPlELUZLvzBbD7Wxm4kSQL4oPdUvJjKyKPwBhju0B46wWUU0
yzVuIwNhX+njw0ddXxoSIC5j+vu9EyyNrytnMt36V7JBC4/MVS7UBK6pxsbukvhm
SnbffrHjNeLEkY21/qjWA91G3JPz0AcEuYwlbISIqmxiTV1li52HsXAJQvjIy5Is
tfCCgINP8wfKTEMmxRKe+wXZImtDRzu3xw/RPdGvA//Cx33Of4YG8TWsElATyIuV
6ME6Oby51JAt1jTzQqU+CI+l+HMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSmBCVz
ngP0tW+AC804eS83GhAkODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAxUTKrfTVG1+FH6L1akTmxwcltaoF7IQ1fICyk4lXT
o/FuBgFMGziXYWnz+per3w3UyjbeNSmcRQNLWJ8cqVgzARi6jbsF2j4qLvz+lcx+
zpNqMf06D5q8TwzxLIc1/E+8WeKi1EtjhArGfapeghybQsz0lVGWHlDBrjGYlr+d
uie6XyogK6EWPNb97muE6p+VlRcEsR5rXQOB1nGNLjYd/crHdH2qi8gONNq4Ap0O
V40hposFSiOaxWjCUMSBE5KXsfyf0BacT6RFV2jtXpWwmPuXJ4fS69CNrp4VWsB3
C0eS0jJjaJKUbU8xxjDCi8mlgtBuTmASDGAdEeemBQyY
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:05 2025 by rpki-client