Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: CwPVGYr+5rKYlfT/Zx7KIalMbfxZHd/vDOMMnNnYwlw=
Subject key identifier: AF:F2:D7:81:14:7C:BB:A9:7B:AD:B1:5D:3B:17:E6:D4:7F:44:1C:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0D7D2BFAC7BEA0041B75A7B614FC13099C593325
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Fri 08 Aug 2025 00:40:54 +0000
ROA not before: Fri 08 Aug 2025 00:40:54 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:7d:2b:fa:c7:be:a0:04:1b:75:a7:b6:14:fc:13:09:9c:59:33:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:54 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=d4b112c4bc7e2102bcef73313307c7c6948396f14a76873b97048f232d217f37, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:54:c0:8e:b8:0c:9a:13:1c:d6:70:ee:26:2d:
87:13:cb:2f:67:fc:0f:c5:83:9c:90:66:4b:87:6f:
ea:67:49:d3:c5:f3:de:87:c5:e6:be:04:ca:a2:57:
ca:50:13:e6:d5:e8:44:15:12:95:50:91:9d:a4:d8:
11:17:93:b3:26:d3:99:1e:6d:5c:ed:c6:e3:65:50:
5b:88:cb:05:8f:82:19:11:a0:09:a0:ba:ea:a4:76:
61:03:75:5e:ca:d5:b5:0f:35:ac:42:dd:51:0f:36:
44:23:39:ec:3c:2b:34:cb:54:ab:c4:24:3c:8f:2f:
08:72:71:0d:96:fe:c9:b9:4d:e0:92:ce:36:2e:1c:
8f:f5:f2:10:3d:44:ae:ea:bc:2f:13:e3:67:2e:fd:
fe:88:36:47:3e:63:de:0c:1f:e2:e4:b6:e0:85:6f:
36:c9:2b:6e:74:33:9c:68:65:d3:e6:f4:57:69:e5:
2a:38:c0:d8:4f:51:92:15:cc:31:38:d6:72:e2:4f:
24:3d:69:45:ba:64:77:da:e0:df:a4:67:86:3a:77:
b6:aa:53:61:95:a0:6b:14:25:30:b6:8f:4d:17:ec:
31:2a:e9:9d:32:9d:6f:d8:a4:fc:8c:19:68:bc:b5:
0a:ed:bc:93:b9:5b:f5:6c:3e:aa:e1:5a:65:05:2f:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F2:D7:81:14:7C:BB:A9:7B:AD:B1:5D:3B:17:E6:D4:7F:44:1C:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
33:07:c7:f2:d7:c1:81:7f:56:c4:33:00:1a:32:d3:fb:bf:0c:
c7:07:3e:dc:a6:52:b4:a9:e3:d2:bf:cd:cc:47:49:c1:03:51:
c1:9a:58:75:39:53:94:bb:15:07:a7:b4:9c:34:13:97:65:27:
e5:e0:5b:fe:d4:80:7a:e0:b7:66:16:cd:3e:fe:9f:98:d1:dd:
1f:5c:01:23:ef:7f:88:7c:1d:dc:e9:5f:57:ff:72:02:fc:02:
e3:da:41:ff:e0:79:0b:39:38:9e:7c:6d:f0:1a:7f:57:6b:73:
17:58:dc:6a:b8:c4:f4:f7:77:62:4a:eb:8c:fa:0a:66:f0:60:
1e:fb:17:90:ba:f1:96:0b:55:7b:01:8d:ba:cd:03:bb:3d:0a:
6e:ce:45:34:a2:62:0a:fa:58:f1:03:7e:e7:e1:c3:29:6e:99:
f1:3b:11:1a:90:b8:83:3c:6d:5a:27:07:4b:8b:6c:5c:4b:00:
c6:dc:be:12:87:15:d3:05:dd:16:70:c1:80:c7:ec:2c:3b:ea:
89:99:e0:88:d1:2e:56:2f:22:b9:ec:15:a5:84:bd:3f:b1:f4:
a7:99:40:ee:a4:83:ba:41:83:c0:8e:8d:dc:2d:55:53:44:20:
07:95:c8:5e:ba:45:49:a6:82:8f:66:6b:22:93:a3:9c:c0:cc:
d8:0e:81:e5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUDX0r+se+oAQbdae2FPwTCZxZMyUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwNTRaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YjExMmM0YmM3ZTIxMDJiY2VmNzMzMTMzMDdjN2M2OTQ4Mzk2ZjE0YTc2
ODczYjk3MDQ4ZjIzMmQyMTdmMzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANVUwI64DJoTHNZw7iYthxPLL2f8D8WDnJBmS4dv6mdJ08Xz3ofF5r4EyqJX
ylAT5tXoRBUSlVCRnaTYEReTsybTmR5tXO3G42VQW4jLBY+CGRGgCaC66qR2YQN1
XsrVtQ81rELdUQ82RCM57DwrNMtUq8QkPI8vCHJxDZb+yblN4JLONi4cj/XyED1E
ruq8LxPjZy79/og2Rz5j3gwf4uS24IVvNskrbnQznGhl0+b0V2nlKjjA2E9RkhXM
MTjWcuJPJD1pRbpkd9rg36Rnhjp3tqpTYZWgaxQlMLaPTRfsMSrpnTKdb9ik/IwZ
aLy1Cu28k7lb9Ww+quFaZQUvbFkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSv8teB
FHy7qXutsV07F+bUf0Qc0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAMwfH8tfBgX9WxDMAGjLT+78Mxwc+3KZStKnj
0r/NzEdJwQNRwZpYdTlTlLsVB6e0nDQTl2Un5eBb/tSAeuC3ZhbNPv6fmNHdH1wB
I+9/iHwd3OlfV/9yAvwC49pB/+B5Czk4nnxt8Bp/V2tzF1jcarjE9Pd3YkrrjPoK
ZvBgHvsXkLrxlgtVewGNus0Duz0Kbs5FNKJiCvpY8QN+5+HDKW6Z8TsRGpC4gzxt
WicHS4tsXEsAxty+EocV0wXdFnDBgMfsLDvqiZngiNEuVi8iuewVpYS9P7H0p5lA
7qSDukGDwI6N3C1VU0QgB5XIXrpFSaaCj2ZrIpOjnMDM2A6B5Q==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:49 2025 by rpki-client