Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: FLdiEYj5Al3vZIM5qtAcvvXvVt0svn8yWW4NtDW+cPA=
Subject key identifier: 3D:9E:E1:77:B3:EE:E9:39:DB:B0:2C:5E:69:84:26:70:E0:9F:F1:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2CC869664DCDB83CB43157F3A1C47BE3ADD9240D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Tue 05 Aug 2025 20:21:19 +0000
ROA not before: Tue 05 Aug 2025 20:21:19 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:c8:69:66:4d:cd:b8:3c:b4:31:57:f3:a1:c4:7b:e3:ad:d9:24:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:19 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=ce0051cc187347374ccc2105e3c2e3636b55b28807e048eb00f2ed897892c990, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:24:3c:db:cd:7f:09:0d:fe:fd:67:ca:30:39:
e1:eb:c1:7c:a3:5f:7e:cc:7b:c8:56:d8:be:1e:0d:
70:e6:c7:d6:bc:20:02:10:ec:71:30:9f:52:c8:ea:
72:9e:d0:e0:d5:b4:7a:eb:e7:2a:1a:ab:6d:76:42:
98:d9:07:d3:fd:83:c7:45:11:e0:c5:e3:2e:53:99:
09:7e:a7:e0:40:16:f8:66:fe:49:8a:2a:67:c1:3d:
0f:bb:26:24:6b:53:66:fa:4f:ae:63:89:3a:aa:ae:
83:3f:2d:db:64:83:8b:df:8c:0c:c4:e4:c1:6e:49:
56:eb:9f:22:41:58:ae:dd:66:42:80:b2:35:a6:7a:
5c:aa:dc:80:c7:ad:ec:e6:12:38:73:f4:53:f3:82:
d0:02:f9:0c:e1:ad:18:b3:a6:07:af:82:b8:b9:31:
57:71:c5:f3:47:80:a6:14:e5:b7:45:5b:bd:00:38:
81:cc:2b:03:36:0f:6b:0c:c2:5d:97:28:0e:29:e6:
8f:c9:87:84:0f:cf:6f:5b:2f:53:ec:d7:e0:40:b9:
54:a5:f9:4e:f1:bd:fa:7f:97:07:76:f3:65:7e:ee:
96:c9:ea:6a:a0:d5:17:5d:bc:29:f3:41:eb:dc:8b:
47:90:39:39:98:fe:ff:e6:a4:9e:9e:29:b9:ad:2b:
7f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:9E:E1:77:B3:EE:E9:39:DB:B0:2C:5E:69:84:26:70:E0:9F:F1:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0a:ae:d3:4c:02:9f:3b:f1:01:5c:5d:04:cb:31:71:1f:16:c5:
1c:0f:9e:00:eb:84:35:85:a5:01:76:1f:6d:bd:f3:51:de:7d:
15:42:ae:6d:01:cc:d9:0d:69:39:9e:0c:d1:c3:68:2c:d0:a6:
e1:83:35:2b:8c:be:a3:eb:94:c8:67:ff:fc:a8:d9:16:4b:96:
12:ba:e9:7d:e8:c6:95:f2:bf:da:94:65:58:2f:5b:e6:65:64:
63:61:6d:4e:d5:5c:98:64:13:af:20:ea:a9:f2:28:c8:66:e6:
d0:75:ae:c0:e3:56:21:43:48:29:84:3a:bf:ba:51:49:bb:30:
b1:14:12:1c:10:59:b0:a9:89:72:2c:8d:7f:52:2a:18:8a:d8:
2a:48:f8:1a:81:19:05:08:c1:90:33:70:fb:72:80:d5:17:b0:
f1:51:14:ae:f5:0b:34:dc:7c:47:af:cb:40:1f:65:17:74:1b:
0c:2c:fc:da:e2:e2:19:44:d8:a6:78:ee:39:5d:5e:ff:eb:2b:
62:3b:57:62:dc:6a:e3:5d:04:52:6f:d6:2f:4f:c7:e2:d5:ca:
63:66:ae:1c:4d:97:3f:eb:b1:80:04:66:7a:f8:ec:43:de:1d:
aa:32:ce:53:c7:e1:d2:e2:21:2b:12:68:88:c7:87:6f:02:f8:
b7:c8:2a:67
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULMhpZk3NuDy0MVfzocR7463ZJA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMTlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlMDA1MWNjMTg3MzQ3Mzc0Y2NjMjEwNWUzYzJlMzYzNmI1NWIyODgwN2Uw
NDhlYjAwZjJlZDg5Nzg5MmM5OTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ4kPNvNfwkN/v1nyjA54evBfKNffsx7yFbYvh4NcObH1rwgAhDscTCfUsjq
cp7Q4NW0euvnKhqrbXZCmNkH0/2Dx0UR4MXjLlOZCX6n4EAW+Gb+SYoqZ8E9D7sm
JGtTZvpPrmOJOqqugz8t22SDi9+MDMTkwW5JVuufIkFYrt1mQoCyNaZ6XKrcgMet
7OYSOHP0U/OC0AL5DOGtGLOmB6+CuLkxV3HF80eAphTlt0VbvQA4gcwrAzYPawzC
XZcoDinmj8mHhA/Pb1svU+zX4EC5VKX5TvG9+n+XB3bzZX7ulsnqaqDVF128KfNB
69yLR5A5OZj+/+aknp4pua0rfzECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ9nuF3
s+7pOduwLF5phCZw4J/xiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEACq7TTAKfO/EBXF0EyzFxHxbFHA+eAOuENYWlAXYf
bb3zUd59FUKubQHM2Q1pOZ4M0cNoLNCm4YM1K4y+o+uUyGf//KjZFkuWErrpfejG
lfK/2pRlWC9b5mVkY2FtTtVcmGQTryDqqfIoyGbm0HWuwONWIUNIKYQ6v7pRSbsw
sRQSHBBZsKmJciyNf1IqGIrYKkj4GoEZBQjBkDNw+3KA1Rew8VEUrvULNNx8R6/L
QB9lF3QbDCz82uLiGUTYpnjuOV1e/+srYjtXYtxq410EUm/WL0/H4tXKY2auHE2X
P+uxgARmevjsQ94dqjLOU8fh0uIhKxJoiMeHbwL4t8gqZw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:16 2025 by rpki-client