Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
File: 6df8accc-a525-49ec-ad13-7401de62f775.roa (raw, json)
Hash identifier: MyD9FGwzK3D/yY4PcaLjDTrcgrfeSzpsLyYmr5y4nQE=
Subject key identifier: 67:A6:2C:30:4C:40:89:76:87:13:C2:11:5E:1A:7F:29:B9:13:DE:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11CE3CF4176B93FD5264DCBE010A29B30A7C3367
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
Signing time: Tue 05 Aug 2025 20:21:26 +0000
ROA not before: Tue 05 Aug 2025 20:21:26 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.109.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:ce:3c:f4:17:6b:93:fd:52:64:dc:be:01:0a:29:b3:0a:7c:33:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:26 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7ca23956dd65ead86c6a5f8291edd7728613e8e08b55932bf9fa97f1ea53fa3c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:fe:32:8e:08:4c:a2:d0:57:21:1d:61:96:
58:b7:3f:d1:94:d5:d4:e3:13:46:be:5a:70:d6:7e:
80:0f:fd:43:64:95:ae:7c:02:ac:6f:68:2b:f4:64:
c4:15:f7:e5:34:01:9d:47:df:d8:c6:2b:ed:5a:10:
7e:ac:89:0f:9b:4b:bb:ad:64:96:80:a9:ec:0a:e1:
10:6f:cd:e6:77:28:2d:93:99:50:87:d6:22:8e:a0:
a8:4e:13:f9:78:09:e4:fe:ed:06:29:d3:71:ce:28:
8f:68:f5:bb:a5:68:7e:e8:66:d3:14:95:61:13:6f:
06:44:96:df:d6:3c:04:2c:9c:e9:27:1a:01:e9:ea:
d6:f6:6f:8d:c4:78:33:94:38:a9:79:b4:ee:e7:81:
79:8b:ba:f4:e5:63:34:2e:36:e3:be:e4:db:24:b3:
a6:4e:9e:8f:f6:cb:56:a8:fe:08:60:cf:39:3c:19:
a0:63:f5:a8:02:98:7c:59:31:99:80:72:e5:bb:d2:
be:47:6b:0e:a4:56:ca:4e:fa:74:81:b7:ce:39:c9:
af:bb:8e:40:70:c9:62:93:45:75:eb:13:e0:c3:37:
02:8b:8c:8c:64:68:5a:99:a7:e1:0a:6a:77:bb:2e:
7c:f3:11:88:61:8d:70:d7:67:41:56:44:b1:12:80:
8c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A6:2C:30:4C:40:89:76:87:13:C2:11:5E:1A:7F:29:B9:13:DE:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6df8accc-a525-49ec-ad13-7401de62f775.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:fd:f6:1b:d0:cb:3c:5e:ce:dc:4e:ca:e8:75:29:b2:31:4a:
58:16:51:94:a8:3f:6f:3f:ea:be:f6:0c:40:65:f9:85:d2:7d:
8c:25:4b:64:1c:8e:8b:6f:01:9a:61:26:88:e4:e0:28:1a:6b:
07:e2:32:75:a4:de:7f:5c:de:01:a5:6b:96:c0:51:5e:33:62:
06:e9:31:96:ed:8b:d0:f6:b5:c7:f4:ce:33:ef:1a:fa:58:c5:
2a:d9:29:59:70:1c:7f:3d:01:4e:a2:c9:c5:6e:5f:a9:f8:d2:
59:51:cf:9a:30:8b:40:ff:9a:d4:64:a7:87:78:92:e1:98:81:
00:9f:a7:0a:bd:9e:51:23:0d:76:ca:a3:e7:9f:68:5d:99:57:
5e:cf:5c:98:bb:3a:a6:37:90:e0:7e:25:af:da:ff:d6:d6:e0:
f9:63:ac:49:07:a5:b3:35:c6:44:6e:27:78:a0:dd:c9:8e:d1:
99:5b:a1:df:49:6f:21:40:b3:b1:1d:f5:98:bb:49:03:ab:01:
45:74:4c:75:ba:2d:be:b2:5a:48:ee:f0:3b:4f:15:50:5a:39:
1a:c3:8d:cf:3b:66:2f:9d:7f:c6:5c:ad:e8:a7:c9:6e:84:f5:
a4:ff:6f:7f:7c:1b:6f:7a:f5:51:08:36:c1:00:e4:b3:a9:ea:
0d:d5:63:c5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUEc489Bdrk/1SZNy+AQopswp8M2cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjYTIzOTU2ZGQ2NWVhZDg2YzZhNWY4MjkxZWRkNzcyODYxM2U4ZTA4YjU1
OTMyYmY5ZmE5N2YxZWE1M2ZhM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6p/jKOCEyi0FchHWGWWLc/0ZTV1OMTRr5acNZ+gA/9Q2SVrnwCrG9oK/Rk
xBX35TQBnUff2MYr7VoQfqyJD5tLu61kloCp7ArhEG/N5ncoLZOZUIfWIo6gqE4T
+XgJ5P7tBinTcc4oj2j1u6Vofuhm0xSVYRNvBkSW39Y8BCyc6ScaAenq1vZvjcR4
M5Q4qXm07ueBeYu69OVjNC42477k2ySzpk6ej/bLVqj+CGDPOTwZoGP1qAKYfFkx
mYBy5bvSvkdrDqRWyk76dIG3zjnJr7uOQHDJYpNFdesT4MM3AouMjGRoWpmn4Qpq
d7sufPMRiGGNcNdnQVZEsRKAjMUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRnpiww
TECJdocTwhFeGn8puRPeNDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmRmOGFjY2MtYTUyNS00OWVjLWFkMTMtNzQwMWRlNjJmNzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ9tMA0G
CSqGSIb3DQEBCwUAA4IBAQAE/fYb0Ms8Xs7cTsrodSmyMUpYFlGUqD9vP+q+9gxA
ZfmF0n2MJUtkHI6LbwGaYSaI5OAoGmsH4jJ1pN5/XN4BpWuWwFFeM2IG6TGW7YvQ
9rXH9M4z7xr6WMUq2SlZcBx/PQFOosnFbl+p+NJZUc+aMItA/5rUZKeHeJLhmIEA
n6cKvZ5RIw12yqPnn2hdmVdez1yYuzqmN5DgfiWv2v/W1uD5Y6xJB6WzNcZEbid4
oN3JjtGZW6HfSW8hQLOxHfWYu0kDqwFFdEx1ui2+slpI7vA7TxVQWjkaw43PO2Yv
nX/GXK3op8luhPWk/29/fBtvevVRCDbBAOSzqeoN1WPF
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:59 2025 by rpki-client