Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: QNB2nwxRvomWg04EUs9SFatYlMTfeQnNhmQms9xqw6E=
Subject key identifier: 96:4A:D4:EF:4F:68:33:01:C7:20:B7:C6:7E:B9:9F:3B:17:1C:60:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5087D6C4B869F27667B805B07E6857DAD7ED2189
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Tue 05 Aug 2025 20:20:48 +0000
ROA not before: Tue 05 Aug 2025 20:20:48 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:87:d6:c4:b8:69:f2:76:67:b8:05:b0:7e:68:57:da:d7:ed:21:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:48 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9230e66f3051b213837b3186bf62152cea23180ef818bd86a7bc0ae5bcf3ed8e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:e7:fb:11:e2:c6:a0:6b:fc:c9:87:d8:b1:bf:
6e:1b:99:1d:41:e2:92:ba:5f:61:ae:64:b8:fe:2e:
59:88:a8:9d:f8:af:4b:56:4b:d5:d3:9a:70:3d:49:
33:fd:46:25:df:bc:4f:10:65:cf:30:f7:4f:50:35:
ab:67:d2:92:f2:0a:b8:81:1f:46:26:05:6a:75:bc:
82:1d:a2:53:d1:85:5c:0e:ca:6c:51:30:bb:a6:fa:
22:07:17:23:23:a8:4c:59:41:1b:45:24:9c:52:c4:
8c:88:e9:f6:a7:c7:84:2a:e1:65:75:5c:93:2c:d9:
f1:f9:2f:f8:f8:80:7f:21:cb:4f:bd:36:9f:1e:d7:
51:30:4a:c4:a7:04:5c:c1:88:23:85:d2:57:1b:47:
ae:de:27:c9:23:25:f9:af:dc:e9:5c:59:1f:48:10:
45:b9:f3:e3:50:fe:08:03:8d:c1:c2:fb:a7:08:ce:
06:eb:a4:a9:84:7b:8f:68:db:d4:76:6f:78:8b:2a:
cd:a9:a0:86:4c:bc:3e:aa:c7:73:7e:22:5e:50:1d:
a4:dc:9a:9a:be:de:2a:81:53:1b:9f:f2:56:57:2e:
65:30:9b:43:3a:05:ce:cc:a5:48:6a:4c:7d:33:2d:
b9:20:7d:a2:3d:85:be:26:1b:c1:c1:35:21:1d:21:
c1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4A:D4:EF:4F:68:33:01:C7:20:B7:C6:7E:B9:9F:3B:17:1C:60:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5a:dd:93:cb:8a:d2:eb:f9:71:08:96:48:f6:ff:ff:c0:de:2c:
1d:69:a9:42:3d:14:dd:cf:15:ea:d2:d9:51:e2:f0:9f:df:63:
52:ac:54:db:3b:69:0b:40:32:87:28:18:ed:6b:12:ae:9e:bf:
eb:31:5d:7f:bc:14:66:a8:ef:72:9f:08:d1:66:e4:5b:ec:db:
e2:8d:a0:54:ef:e7:84:63:3f:16:c4:46:87:4a:b3:6e:e1:60:
d4:2a:b4:8b:a0:24:a0:8d:5f:93:9b:d9:04:ec:c4:0f:5c:c1:
86:10:fb:4d:2d:a3:06:66:9d:93:09:9b:7b:ea:3a:a3:1c:ff:
35:34:d4:23:94:f7:db:37:93:07:6e:87:5b:6d:27:6b:e8:71:
7c:47:83:aa:9f:62:16:8a:61:f8:14:07:fc:5a:a7:a7:74:35:
43:2a:23:a5:fb:32:8d:fd:50:b5:4b:23:d0:d0:d9:f0:64:25:
b2:63:10:38:25:90:c2:31:c5:21:a8:87:cf:ce:b8:de:10:83:
6e:04:18:aa:71:62:28:98:8f:99:6f:79:bb:d6:0e:92:9f:7c:
a3:a4:7a:02:af:91:5e:c3:b1:f8:e3:39:f8:41:a9:0c:e4:c1:
34:9a:c5:82:4b:d2:5f:7d:73:e8:e5:3b:43:a8:2f:de:4b:88:
84:f8:57:5e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUIfWxLhp8nZnuAWwfmhX2tftIYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDkyMzBlNjZmMzA1MWIyMTM4MzdiMzE4NmJmNjIxNTJjZWEyMzE4MGVmODE4
YmQ4NmE3YmMwYWU1YmNmM2VkOGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7n+xHixqBr/MmH2LG/bhuZHUHikrpfYa5kuP4uWYionfivS1ZL1dOacD1J
M/1GJd+8TxBlzzD3T1A1q2fSkvIKuIEfRiYFanW8gh2iU9GFXA7KbFEwu6b6IgcX
IyOoTFlBG0UknFLEjIjp9qfHhCrhZXVckyzZ8fkv+PiAfyHLT702nx7XUTBKxKcE
XMGII4XSVxtHrt4nySMl+a/c6VxZH0gQRbnz41D+CAONwcL7pwjOBuukqYR7j2jb
1HZveIsqzamghky8PqrHc34iXlAdpNyamr7eKoFTG5/yVlcuZTCbQzoFzsylSGpM
fTMtuSB9oj2FviYbwcE1IR0hwSECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSWStTv
T2gzAccgt8Z+uZ87FxxgCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBa3ZPLitLr+XEIlkj2///A3iwdaalCPRTdzxXq0tlR
4vCf32NSrFTbO2kLQDKHKBjtaxKunr/rMV1/vBRmqO9ynwjRZuRb7NvijaBU7+eE
Yz8WxEaHSrNu4WDUKrSLoCSgjV+Tm9kE7MQPXMGGEPtNLaMGZp2TCZt76jqjHP81
NNQjlPfbN5MHbodbbSdr6HF8R4Oqn2IWimH4FAf8WqendDVDKiOl+zKN/VC1SyPQ
0NnwZCWyYxA4JZDCMcUhqIfPzrjeEINuBBiqcWIomI+Zb3m71g6Sn3yjpHoCr5Fe
w7H44zn4QakM5ME0msWCS9JffXPo5TtDqC/eS4iE+Fde
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:58 2025 by rpki-client