Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json)
Hash identifier: YRu62vTaTkJBtHWyZIe95JJCltf5DAvPhIwAMEpdAZQ=
Subject key identifier: D0:D0:55:2A:86:87:7B:8C:4D:EC:A7:B3:E9:B7:77:E8:01:A5:F8:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11EDB159A7E3DFED9AF6BCFA727FBE15C6D67FE5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
Signing time: Fri 08 Aug 2025 00:40:49 +0000
ROA not before: Fri 08 Aug 2025 00:40:49 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ed:b1:59:a7:e3:df:ed:9a:f6:bc:fa:72:7f:be:15:c6:d6:7f:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:49 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=347047c76d6055ac6db006c9d1b027a6c66f5598f543a2e3e061d460a60eedfb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:cc:87:ed:98:a8:c1:03:18:2d:12:f4:94:e6:
71:e4:4d:82:4b:ec:0a:7d:b8:ba:a4:ff:79:65:83:
e0:6b:4f:ed:b0:93:a2:6f:23:60:fb:84:3a:5b:0e:
73:8d:00:15:5b:1c:a8:a5:ea:de:22:9b:a5:36:4b:
b2:a3:91:4e:0e:1a:33:ff:00:db:4c:7b:78:06:30:
cd:85:e2:d9:c8:01:6c:72:6a:86:ce:7f:d1:f2:12:
86:1a:94:69:ab:7a:33:08:67:eb:56:04:c9:89:4e:
55:85:18:92:55:9d:8c:f5:4f:44:e2:b2:b2:69:38:
d2:70:18:21:65:bd:95:f1:09:7c:b7:c3:e0:dd:97:
53:56:d5:92:d3:b4:52:ff:5c:2b:6c:b5:b6:6f:29:
f6:84:d3:1d:e1:cf:8e:5d:bf:a8:46:fa:1a:ab:2f:
c2:63:e0:71:e8:5f:f3:5c:3b:f0:8c:86:d6:32:1b:
72:b4:38:32:2a:16:c9:65:8f:1c:d9:85:ae:d7:86:
71:ee:74:e7:8f:af:27:bd:c4:1d:4e:c9:19:28:b7:
9b:47:12:a9:b9:97:89:10:5b:ab:30:d4:66:51:0a:
be:50:5e:43:43:58:69:1b:e9:23:ad:36:90:1e:bc:
c0:a5:2c:3c:89:9f:7e:55:92:fb:89:34:dd:93:63:
a8:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:D0:55:2A:86:87:7B:8C:4D:EC:A7:B3:E9:B7:77:E8:01:A5:F8:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:6c:64:41:50:f7:f0:7b:1a:c4:61:30:ea:75:bc:e3:34:bd:
29:77:10:b8:10:9f:78:95:aa:77:bd:16:fb:31:56:a1:4d:fd:
33:47:13:3e:8e:77:da:c9:80:06:63:8a:89:95:f4:a3:fe:08:
5b:da:c8:a1:9a:a1:37:fc:e5:3b:50:46:9b:0a:73:01:a4:ea:
a1:90:27:22:93:c2:5c:3e:c1:ae:ce:60:1b:4a:f1:ba:b6:52:
2c:81:41:1a:55:7d:bb:63:a5:1e:e0:0b:c9:3e:c0:c5:12:0b:
fd:42:ea:3b:7c:ae:cf:42:5d:b0:a5:56:b4:b9:5e:6d:aa:b9:
cf:42:79:3b:71:64:e6:5d:1a:eb:5d:a3:b5:4d:71:61:8d:2c:
7e:0a:55:57:ce:9c:bf:de:f3:78:a5:3f:b2:3b:c7:fb:18:4c:
c3:fc:55:60:0e:90:43:2c:9c:30:5f:fd:c0:ad:5f:28:bb:2b:
e1:62:28:98:0f:ea:da:05:64:51:37:21:37:b6:39:8d:1b:4e:
63:3e:9e:2d:f3:e7:87:38:f3:84:14:03:b6:ce:13:88:04:12:
53:b1:2f:40:c0:d7:2b:26:48:8e:9a:15:64:e0:ff:ac:3c:c4:
e2:0c:11:6e:ad:b6:69:e8:c1:9c:84:7b:15:f0:57:0c:a2:f3:
0d:d2:88:3d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEe2xWafj3+2a9rz6cn++FcbWf+UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwNDlaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0NzA0N2M3NmQ2MDU1YWM2ZGIwMDZjOWQxYjAyN2E2YzY2ZjU1OThmNTQz
YTJlM2UwNjFkNDYwYTYwZWVkZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANvMh+2YqMEDGC0S9JTmceRNgkvsCn24uqT/eWWD4GtP7bCTom8jYPuEOlsO
c40AFVscqKXq3iKbpTZLsqORTg4aM/8A20x7eAYwzYXi2cgBbHJqhs5/0fIShhqU
aat6Mwhn61YEyYlOVYUYklWdjPVPROKysmk40nAYIWW9lfEJfLfD4N2XU1bVktO0
Uv9cK2y1tm8p9oTTHeHPjl2/qEb6GqsvwmPgcehf81w78IyG1jIbcrQ4MioWyWWP
HNmFrteGce5054+vJ73EHU7JGSi3m0cSqbmXiRBbqzDUZlEKvlBeQ0NYaRvpI602
kB68wKUsPImfflWS+4k03ZNjqFUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTQ0FUq
hod7jE3sp7Ppt3foAaX4pzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQBWbGRBUPfwexrEYTDqdbzjNL0pdxC4EJ94lap3vRb7
MVahTf0zRxM+jnfayYAGY4qJlfSj/ghb2sihmqE3/OU7UEabCnMBpOqhkCcik8Jc
PsGuzmAbSvG6tlIsgUEaVX27Y6Ue4AvJPsDFEgv9Quo7fK7PQl2wpVa0uV5tqrnP
Qnk7cWTmXRrrXaO1TXFhjSx+ClVXzpy/3vN4pT+yO8f7GEzD/FVgDpBDLJwwX/3A
rV8ouyvhYiiYD+raBWRRNyE3tjmNG05jPp4t8+eHOPOEFAO2zhOIBBJTsS9AwNcr
JkiOmhVk4P+sPMTiDBFurbZp6MGchHsV8FcMovMN0og9
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:17 2025 by rpki-client