Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
File: 3558ad32-215e-47a4-9f5b-477ec71e940f.roa (raw, json)
Hash identifier: IqgETongNJSTPD9KUsBQiJbh++c0B167tHSTfOU8HA4=
Subject key identifier: 2B:4C:0F:0B:CA:4E:F7:03:7E:4D:CA:7E:81:32:BF:55:EA:17:0F:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0EB7A59C461AD92C4ECAEB22DE2D2818975990AB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
Signing time: Tue 05 Aug 2025 20:20:53 +0000
ROA not before: Tue 05 Aug 2025 20:20:53 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b7:a5:9c:46:1a:d9:2c:4e:ca:eb:22:de:2d:28:18:97:59:90:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:53 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=bbd4ca1f9a65cefedd82b23254ed91727230b96736d58caab0b25b94882edd1a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:8e:2e:db:fd:b4:80:20:08:bd:8e:58:f6:94:
79:ab:77:57:48:be:40:87:c3:6b:74:af:53:6a:6d:
8e:d8:95:57:9b:01:0a:53:ba:10:99:f7:92:47:01:
31:4a:86:79:b5:b3:31:88:22:aa:d6:f5:30:3f:9a:
06:f2:9e:98:2a:22:ea:a3:f7:b4:24:4b:ce:aa:19:
1f:80:71:f7:3f:fd:29:07:f5:23:f2:89:6a:60:02:
74:86:e9:da:50:02:f7:b6:4e:80:b6:7c:27:8a:e7:
f3:d4:38:4a:2a:ca:64:f3:a1:41:4c:09:c2:2b:af:
67:0d:fc:64:e0:17:5a:b9:e8:5f:63:fa:9d:e3:85:
1a:78:22:50:c9:d2:db:f6:bb:a6:1b:40:79:7f:6e:
7b:9d:0b:1e:51:42:b8:ab:f6:35:d9:99:8b:8b:96:
01:61:f9:46:81:b3:ce:81:87:a9:09:3b:ed:ef:37:
df:02:d5:10:9d:af:86:83:fa:71:95:9d:f2:49:20:
cf:d0:c5:8b:70:6c:c1:d2:62:57:96:2d:aa:24:d4:
85:81:1a:30:72:c3:8b:52:9a:c3:7b:89:4e:81:61:
91:e2:bb:1b:f5:dc:88:3d:8d:06:13:f3:c1:9b:aa:
63:48:05:c5:8b:78:2c:ce:cd:26:24:29:f5:1b:69:
3b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4C:0F:0B:CA:4E:F7:03:7E:4D:CA:7E:81:32:BF:55:EA:17:0F:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:3::/48
Signature Algorithm: sha256WithRSAEncryption
0f:29:91:2d:e1:01:ce:f0:e6:c3:8d:e0:ed:5c:4b:f4:b3:52:
5e:a3:51:89:01:d5:97:3c:77:b3:81:22:e6:a5:a0:6e:e5:cb:
bb:0a:be:a0:5e:dd:6e:f2:13:84:96:c1:dd:a1:f2:73:98:8d:
42:e9:b6:d2:13:49:9e:2b:61:b9:a8:67:60:f5:59:2b:eb:aa:
75:c5:9b:a1:ac:b3:d4:b6:6d:d8:4c:d9:f1:1e:15:10:9b:3f:
55:a1:b0:51:f7:ca:dc:15:80:95:0f:64:63:7d:33:70:b4:a2:
5e:1c:05:8e:d0:34:ee:0a:26:40:b7:cd:b1:81:9d:da:e7:c0:
11:b6:0e:4e:a1:1a:cc:42:fd:23:a8:98:9b:74:c4:48:c7:fe:
b9:17:b8:9e:5b:27:d3:07:99:f7:44:c4:ca:1b:09:87:f3:4c:
3f:b1:db:0f:60:6e:c1:84:33:a4:74:5c:ac:34:ee:e9:5d:19:
91:34:b6:37:a0:87:78:e4:32:d1:45:ec:ef:be:78:9a:eb:1f:
9b:44:e0:5b:91:de:d6:73:fc:14:d9:4c:a6:a2:6a:2c:24:33:
3c:8f:4a:10:42:9c:d1:ed:eb:ac:c1:e8:c2:71:68:5d:b3:ef:
31:e6:d8:26:d7:ad:4b:c1:7a:1e:10:1e:54:29:cd:35:c2:b1:
08:3c:45:e1
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDrelnEYa2SxOyusi3i0oGJdZkKswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNTNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZDRjYTFmOWE2NWNlZmVkZDgyYjIzMjU0ZWQ5MTcyNzIzMGI5NjczNmQ1
OGNhYWIwYjI1Yjk0ODgyZWRkMWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOOLtv9tIAgCL2OWPaUeat3V0i+QIfDa3SvU2ptjtiVV5sBClO6EJn3kkcB
MUqGebWzMYgiqtb1MD+aBvKemCoi6qP3tCRLzqoZH4Bx9z/9KQf1I/KJamACdIbp
2lAC97ZOgLZ8J4rn89Q4SirKZPOhQUwJwiuvZw38ZOAXWrnoX2P6neOFGngiUMnS
2/a7phtAeX9ue50LHlFCuKv2NdmZi4uWAWH5RoGzzoGHqQk77e833wLVEJ2vhoP6
cZWd8kkgz9DFi3BswdJiV5YtqiTUhYEaMHLDi1Kaw3uJToFhkeK7G/XciD2NBhPz
wZuqY0gFxYt4LM7NJiQp9RtpOxcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQrTA8L
yk73A35Nyn6BMr9V6hcPrDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU1OGFkMzItMjE1ZS00N2E0LTlmNWItNDc3ZWM3MWU5NDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
AzANBgkqhkiG9w0BAQsFAAOCAQEADymRLeEBzvDmw43g7VxL9LNSXqNRiQHVlzx3
s4Ei5qWgbuXLuwq+oF7dbvIThJbB3aHyc5iNQum20hNJnithuahnYPVZK+uqdcWb
oayz1LZt2EzZ8R4VEJs/VaGwUffK3BWAlQ9kY30zcLSiXhwFjtA07gomQLfNsYGd
2ufAEbYOTqEazEL9I6iYm3TESMf+uRe4nlsn0weZ90TEyhsJh/NMP7HbD2BuwYQz
pHRcrDTu6V0ZkTS2N6CHeOQy0UXs7754musfm0TgW5He1nP8FNlMpqJqLCQzPI9K
EEKc0e3rrMHownFoXbPvMebYJtetS8F6HhAeVCnNNcKxCDxF4Q==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:16 2025 by rpki-client