Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: 8Cse/gxXEv6/6JOrF+EnU+uPteRlrIdY9yjRGRLeqeY=
Subject key identifier: 49:10:7F:7D:E3:A3:E5:8B:95:99:E3:2D:BF:30:2A:FC:73:9B:DA:16
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F6B4D576055BB675A62337173B16F721C50591D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Fri 08 Aug 2025 00:40:52 +0000
ROA not before: Fri 08 Aug 2025 00:40:52 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:6b:4d:57:60:55:bb:67:5a:62:33:71:73:b1:6f:72:1c:50:59:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:52 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=ff81fbf21584974db2c6defd03ca366ad32c350f0e066bda372e70e227cfd358, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7b:8b:41:a4:ee:2b:47:56:ed:94:66:80:72:
5f:60:9a:ae:0b:62:c9:28:cb:cb:3f:7e:38:ce:11:
31:8f:97:1b:f0:22:bd:95:5b:ed:3a:ff:96:be:3e:
b1:a9:6e:a5:74:91:18:6f:0f:4f:a8:49:1f:df:e2:
58:c0:a3:6c:68:1b:64:28:cb:33:f6:00:a2:b2:37:
d6:ac:47:2d:b6:c3:c1:af:f4:d8:c3:22:61:98:9c:
d3:6b:a5:9f:38:ec:a7:65:47:61:11:eb:a5:d5:5b:
b4:d2:c5:3e:fb:42:b6:a0:a4:cd:b4:2c:69:60:12:
72:83:d0:b2:28:c5:96:bf:22:f1:cc:eb:88:83:9f:
5a:91:a5:a1:3a:6a:96:1d:89:98:9b:1a:0b:50:36:
c1:31:ea:55:7b:7a:9c:b2:96:d1:9c:f1:33:b0:67:
8d:a5:40:79:b7:27:7d:8e:b0:49:ca:89:b1:7e:e1:
c0:22:b7:e8:e7:51:f5:b9:72:4f:9f:81:44:28:fc:
1b:69:a1:10:9f:14:e3:3e:50:60:1f:ab:24:3e:85:
e3:d0:02:1a:46:c4:55:33:8a:57:46:01:d5:82:4a:
7f:be:c9:b5:81:6e:8d:b6:bf:43:db:d0:83:40:3f:
37:66:05:91:0f:72:60:e6:1c:88:ae:89:a5:5c:66:
a2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:10:7F:7D:E3:A3:E5:8B:95:99:E3:2D:BF:30:2A:FC:73:9B:DA:16
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
6b:2d:29:b9:7b:aa:b8:41:0b:e1:18:47:73:1d:76:34:51:f0:
ca:d1:1a:24:1d:45:68:a6:e8:bc:52:d2:39:0a:3d:6b:b5:a1:
fb:a3:d9:34:d7:14:f3:ed:df:3b:c5:07:2f:d8:11:48:42:dc:
84:de:28:f3:ed:0b:31:9f:47:0f:e2:8f:1e:cb:6f:b4:c8:e7:
4e:bc:39:5d:f0:86:04:d1:e2:05:fa:97:6e:df:99:b5:49:f5:
40:fe:45:8b:d6:36:20:66:78:3e:d1:f2:98:b0:b8:51:65:08:
07:f6:0a:d4:fc:44:d0:e4:59:67:a2:bf:86:57:8e:f5:72:3b:
01:5c:bb:b5:82:39:52:3b:1a:70:62:17:70:63:69:82:1c:3a:
34:3e:bc:b6:a7:1d:5a:d9:94:ac:13:7d:18:24:04:ed:78:1e:
4d:64:dc:58:68:e8:ac:28:c5:87:9e:ec:0e:9a:eb:cd:2d:3e:
c0:2e:a8:18:95:2a:0f:ba:c7:c5:37:b0:68:26:ec:3d:92:62:
04:6f:4b:51:23:5f:b5:ef:cc:31:46:ee:4e:59:94:75:4c:aa:
77:de:ce:6f:ab:f1:3e:4b:d9:eb:5e:94:c8:4a:67:d8:d3:28:
40:f2:a5:83:c8:3c:25:6a:de:94:5b:26:55:fd:b3:ba:b9:cc:
45:67:ea:4f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUf2tNV2BVu2daYjNxc7FvchxQWR0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwNTJaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmODFmYmYyMTU4NDk3NGRiMmM2ZGVmZDAzY2EzNjZhZDMyYzM1MGYwZTA2
NmJkYTM3MmU3MGUyMjdjZmQzNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALR7i0Gk7itHVu2UZoByX2CargtiySjLyz9+OM4RMY+XG/AivZVb7Tr/lr4+
salupXSRGG8PT6hJH9/iWMCjbGgbZCjLM/YAorI31qxHLbbDwa/02MMiYZic02ul
nzjsp2VHYRHrpdVbtNLFPvtCtqCkzbQsaWAScoPQsijFlr8i8czriIOfWpGloTpq
lh2JmJsaC1A2wTHqVXt6nLKW0ZzxM7BnjaVAebcnfY6wScqJsX7hwCK36OdR9bly
T5+BRCj8G2mhEJ8U4z5QYB+rJD6F49ACGkbEVTOKV0YB1YJKf77JtYFujba/Q9vQ
g0A/N2YFkQ9yYOYciK6JpVxmoo0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRJEH99
46Pli5WZ4y2/MCr8c5vaFjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAay0puXuquEEL4RhHcx12NFHwytEaJB1FaKbovFLS
OQo9a7Wh+6PZNNcU8+3fO8UHL9gRSELchN4o8+0LMZ9HD+KPHstvtMjnTrw5XfCG
BNHiBfqXbt+ZtUn1QP5Fi9Y2IGZ4PtHymLC4UWUIB/YK1PxE0ORZZ6K/hleO9XI7
AVy7tYI5UjsacGIXcGNpghw6ND68tqcdWtmUrBN9GCQE7XgeTWTcWGjorCjFh57s
DprrzS0+wC6oGJUqD7rHxTewaCbsPZJiBG9LUSNfte/MMUbuTlmUdUyqd97Ob6vx
PkvZ616UyEpn2NMoQPKlg8g8JWrelFsmVf2zurnMRWfqTw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:23 2025 by rpki-client