Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: zUClG+hCrHwtlymlh6VhwN9QRezGehRq5kHJuxIo+m0=
Subject key identifier: AF:61:4F:1B:FF:B7:CD:52:E9:23:E9:9D:6F:9D:05:AE:2D:DB:31:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 036EBB87323FEBBEF6EA9193BCB01E7A300DDCF5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Fri 15 Aug 2025 15:50:08 +0000
ROA not before: Fri 15 Aug 2025 15:50:08 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:6e:bb:87:32:3f:eb:be:f6:ea:91:93:bc:b0:1e:7a:30:0d:dc:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:08 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=62d6e764334d14bd9dc4bbe283a3a3d306c3a43fcd8ccf08d359330809ccaac2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1d:95:f9:a1:ef:f9:87:82:a7:38:40:d4:2f:
1b:ba:1f:6b:74:70:d4:5b:3b:34:95:6d:41:f9:6f:
c6:73:e5:3b:fa:42:15:a5:0d:e6:44:06:73:f8:44:
ba:79:0e:8b:49:1b:ee:5f:8d:7a:70:9c:5b:af:45:
0e:57:7a:99:32:4e:d7:22:53:68:4c:3a:35:82:28:
3f:49:05:be:a7:ed:d0:31:35:21:6b:ad:cc:cd:20:
04:75:50:d6:ad:f0:07:63:12:10:fd:73:2a:70:5e:
57:3f:e6:2e:47:3f:4d:b5:81:5c:fc:43:b1:42:36:
7c:52:13:9d:ec:89:14:21:7b:a8:31:01:e2:00:eb:
52:88:32:2e:da:dd:a0:15:4a:b5:70:2b:12:ce:2e:
8d:2b:40:dc:5c:c2:69:22:8e:fe:32:62:fd:58:a1:
10:6e:b0:2b:61:08:42:c1:fe:a9:31:54:93:0c:c7:
41:ad:bc:eb:e8:2f:aa:54:63:38:01:92:0a:00:39:
89:1b:0d:39:2e:8a:10:87:09:59:31:f4:cd:e6:6a:
50:3b:c1:bb:b8:4d:6d:10:7c:cf:aa:61:56:48:d4:
2a:06:6c:ae:11:07:68:c8:7f:26:b4:eb:6a:63:a5:
96:51:3e:1a:94:4a:e0:e5:9c:8b:fb:4b:41:2d:1e:
f4:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:61:4F:1B:FF:B7:CD:52:E9:23:E9:9D:6F:9D:05:AE:2D:DB:31:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
3c:4e:ea:8b:b3:72:4e:bb:66:9f:9b:f5:80:72:63:29:41:c4:
c9:c6:a4:86:b7:04:c7:2b:3b:d0:d1:81:49:06:1e:77:02:db:
2a:87:4f:41:fe:a4:5b:d3:ae:32:b8:81:af:e3:55:cb:3f:a8:
6a:ec:2c:c5:24:0e:a7:8b:94:da:ed:c2:d2:97:83:5e:46:ed:
ab:20:58:09:ba:d9:d0:b1:a8:47:f1:fc:40:0a:b7:20:b1:c6:
20:03:05:ca:97:05:9b:68:de:b0:9d:bb:c2:ac:8b:f0:64:10:
9b:bd:f4:bf:a6:4b:30:a6:24:41:4c:d6:5d:75:f7:5c:37:f2:
34:25:93:d5:ab:90:90:7c:c8:2a:a2:bc:d9:ed:5f:12:7f:d1:
1f:c4:0e:8d:fe:ce:72:a3:53:72:fb:f5:4c:38:d2:97:57:3d:
91:1a:e3:3e:4a:89:84:69:be:39:ca:6a:94:31:29:80:4b:78:
3d:aa:cc:fb:9d:1e:53:34:73:62:52:d0:9c:51:fb:8a:d4:2c:
4f:b6:4b:44:f6:35:bf:76:dc:b4:89:b6:62:ba:e9:6b:ae:ed:
06:c4:68:6a:21:25:a5:38:17:d3:cb:c2:36:b5:05:de:75:87:
6d:90:f2:4a:7e:ff:d3:b1:76:62:c8:c8:db:e7:b1:35:7d:f9:
9a:e1:54:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUA267hzI/67726pGTvLAeejAN3PUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZDZlNzY0MzM0ZDE0YmQ5ZGM0YmJlMjgzYTNhM2QzMDZjM2E0M2ZjZDhj
Y2YwOGQzNTkzMzA4MDljY2FhYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKMdlfmh7/mHgqc4QNQvG7ofa3Rw1Fs7NJVtQflvxnPlO/pCFaUN5kQGc/hE
unkOi0kb7l+NenCcW69FDld6mTJO1yJTaEw6NYIoP0kFvqft0DE1IWutzM0gBHVQ
1q3wB2MSEP1zKnBeVz/mLkc/TbWBXPxDsUI2fFITneyJFCF7qDEB4gDrUogyLtrd
oBVKtXArEs4ujStA3FzCaSKO/jJi/VihEG6wK2EIQsH+qTFUkwzHQa286+gvqlRj
OAGSCgA5iRsNOS6KEIcJWTH0zeZqUDvBu7hNbRB8z6phVkjUKgZsrhEHaMh/JrTr
amOlllE+GpRK4OWci/tLQS0e9PcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSvYU8b
/7fNUukj6Z1vnQWuLdsxSjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAPE7qi7NyTrtmn5v1gHJjKUHEycakhrcExys70NGB
SQYedwLbKodPQf6kW9OuMriBr+NVyz+oauwsxSQOp4uU2u3C0peDXkbtqyBYCbrZ
0LGoR/H8QAq3ILHGIAMFypcFm2jesJ27wqyL8GQQm730v6ZLMKYkQUzWXXX3XDfy
NCWT1auQkHzIKqK82e1fEn/RH8QOjf7OcqNTcvv1TDjSl1c9kRrjPkqJhGm+Ocpq
lDEpgEt4ParM+50eUzRzYlLQnFH7itQsT7ZLRPY1v3bctIm2Yrrpa67tBsRoaiEl
pTgX08vCNrUF3nWHbZDySn7/07F2YsjI2+exNX35muFU4Q==
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:12:58 2025 by rpki-client