Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: K2X2JQzdW/KYV8b3XMKOYE08lLD2NdcZr9pht0lnZ/8=
Subject key identifier: 29:8D:EA:A6:D1:02:B4:B2:9A:2D:57:29:8D:A5:7D:8F:D0:1C:44:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32A6E670391A0802D6F48A7CEF1E1459F0D73FB3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Fri 15 Aug 2025 15:50:57 +0000
ROA not before: Fri 15 Aug 2025 15:50:57 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a6:e6:70:39:1a:08:02:d6:f4:8a:7c:ef:1e:14:59:f0:d7:3f:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:57 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=fb7304f1d51a1460c0efa03da64236bedbd737ad0865cfcc9288d0d39d18e7e2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:5a:28:69:cd:61:f0:96:a4:04:3f:bb:e8:
c3:34:a7:48:ae:72:6d:1f:75:b7:20:17:84:2c:57:
ff:90:8b:bf:ce:aa:74:48:75:7f:10:3d:d7:1e:55:
5e:60:56:5c:ea:f5:89:e7:67:0a:e6:16:22:93:06:
92:1b:5b:c3:74:65:2a:cd:5d:57:39:43:66:82:25:
82:ea:b2:9e:4f:cf:76:d4:91:da:b6:39:91:2f:47:
49:f4:17:bb:a8:33:d1:d7:d9:28:96:21:c9:21:92:
0e:3e:bf:1f:d5:85:1a:50:67:ce:9a:42:6a:a1:86:
ca:60:e5:36:6e:9c:58:80:d1:b7:57:34:fe:8f:08:
52:3f:66:91:f6:bd:5c:04:e2:64:d5:77:10:b5:3b:
e1:bd:a9:ab:da:e7:77:f4:d2:97:93:21:ae:dd:16:
4e:43:c5:ad:29:dc:7b:b4:2b:8c:95:59:5c:f5:1c:
0a:af:c5:70:51:0c:f3:65:b6:aa:08:0e:ef:f4:ec:
1d:69:d6:bd:d2:8d:47:e1:e0:9a:e1:fd:e4:f2:a9:
76:d9:45:36:1c:69:84:15:e1:b8:14:17:14:46:a7:
68:a0:cf:4a:eb:98:c2:a3:c8:6b:fb:14:d7:0a:f4:
bb:0d:4a:da:3c:9e:e3:81:f1:26:1b:e3:51:54:5e:
fd:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:8D:EA:A6:D1:02:B4:B2:9A:2D:57:29:8D:A5:7D:8F:D0:1C:44:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
5a:bc:38:f1:95:1c:b3:e1:f9:9a:b0:ff:d8:09:7d:63:9e:8a:
a1:95:f0:a8:28:a1:78:38:ae:1b:60:65:38:1c:c5:eb:06:93:
aa:66:58:8e:be:5b:91:30:12:ab:25:00:e3:bc:77:c4:b4:4e:
81:1b:81:c5:77:bc:65:eb:ad:86:d9:71:6e:1a:01:e2:e2:9b:
a4:9c:e5:1e:c6:03:2d:06:84:2c:15:06:3d:42:69:75:d9:de:
d7:94:71:36:4c:ce:6e:c9:78:ce:7c:c2:bf:a7:1b:37:3f:1b:
33:34:bf:2d:66:bb:f9:9e:85:ea:32:14:a8:95:0a:f9:75:d5:
2c:81:32:2c:ba:3c:91:e8:d6:aa:3d:81:dd:61:a5:da:03:da:
91:ae:3d:b8:e2:2b:dd:f4:22:2d:0a:ad:73:11:38:e1:a7:0a:
52:c1:c9:92:05:8c:71:27:db:2b:97:9e:b2:ff:12:42:4a:90:
ea:77:c3:31:77:9e:18:d5:ce:4c:2e:a1:26:34:67:90:1e:08:
f2:32:b9:65:91:b6:e2:5f:88:0c:27:1c:35:68:3c:c1:0d:c5:
1d:47:32:9e:89:a3:fe:a2:32:e4:af:51:16:ff:0c:b1:2e:25:
8c:3c:31:05:f1:d1:71:5e:13:db:45:c0:08:ab:f3:67:11:61:
c0:4f:e0:85
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMqbmcDkaCALW9Ip87x4UWfDXP7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNTdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNzMwNGYxZDUxYTE0NjBjMGVmYTAzZGE2NDIzNmJlZGJkNzM3YWQwODY1
Y2ZjYzkyODhkMGQzOWQxOGU3ZTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMV0WihpzWHwlqQEP7vowzSnSK5ybR91tyAXhCxX/5CLv86qdEh1fxA91x5V
XmBWXOr1iednCuYWIpMGkhtbw3RlKs1dVzlDZoIlguqynk/PdtSR2rY5kS9HSfQX
u6gz0dfZKJYhySGSDj6/H9WFGlBnzppCaqGGymDlNm6cWIDRt1c0/o8IUj9mkfa9
XATiZNV3ELU74b2pq9rnd/TSl5Mhrt0WTkPFrSnce7QrjJVZXPUcCq/FcFEM82W2
qggO7/TsHWnWvdKNR+HgmuH95PKpdtlFNhxphBXhuBQXFEanaKDPSuuYwqPIa/sU
1wr0uw1K2jye44HxJhvjUVRe/WkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpjeqm
0QK0spotVymNpX2P0BxEUjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQBavDjxlRyz4fmasP/YCX1jnoqhlfCoKKF4OK4bYGU4
HMXrBpOqZliOvluRMBKrJQDjvHfEtE6BG4HFd7xl662G2XFuGgHi4puknOUexgMt
BoQsFQY9Qml12d7XlHE2TM5uyXjOfMK/pxs3PxszNL8tZrv5noXqMhSolQr5ddUs
gTIsujyR6NaqPYHdYaXaA9qRrj244ivd9CItCq1zETjhpwpSwcmSBYxxJ9srl56y
/xJCSpDqd8Mxd54Y1c5MLqEmNGeQHgjyMrllkbbiX4gMJxw1aDzBDcUdRzKeiaP+
ojLkr1EW/wyxLiWMPDEF8dFxXhPbRcAIq/NnEWHAT+CF
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:58 2025 by rpki-client