Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: qmOHLGRUjWoDDenHS6YQwnUH04/DF9b8iXjS5FLlKRE=
Subject key identifier: B8:43:51:95:3E:28:F5:E7:B8:2B:1D:DD:9C:B4:49:D8:4B:0F:A2:EB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6ABDB3D8A73AAE182135CD7E9E9BF4BD236CA332
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Tue 05 Aug 2025 20:21:18 +0000
ROA not before: Tue 05 Aug 2025 20:21:18 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:bd:b3:d8:a7:3a:ae:18:21:35:cd:7e:9e:9b:f4:bd:23:6c:a3:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:18 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=109809b741b91669b9358c3d65cc292573d99df851eef1f259a49e075437b196, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5e:5a:0a:3d:d6:73:60:37:7e:a5:39:a5:53:
77:79:eb:9a:83:eb:79:85:da:95:e9:77:c3:65:a8:
f5:33:3d:14:6e:15:45:9c:f1:70:c9:33:82:02:e2:
89:1b:55:46:de:86:5a:60:07:43:6b:0e:80:77:26:
37:36:37:73:42:28:74:a1:3b:aa:d7:b5:b3:4e:29:
ba:af:22:bc:b4:e9:01:13:a1:3f:ed:a0:71:d2:8e:
fd:52:b6:b1:f3:d5:34:3e:4b:05:fa:6c:ba:bf:8b:
81:85:b9:26:a6:d1:99:5e:fa:a3:dc:ae:f6:c5:09:
b0:80:4e:9c:ef:90:b3:4b:b8:59:09:9e:77:9e:ca:
9d:72:04:e7:aa:9c:0e:ba:75:24:d7:6b:77:2d:50:
fb:14:8b:1d:33:8f:6b:ce:b1:bf:e5:fb:3a:f4:8e:
e1:b3:ff:57:c5:01:c8:d9:af:bb:fc:06:d7:8d:e6:
aa:1c:40:df:0c:c4:1a:af:2e:b8:0d:59:a2:0b:af:
0c:af:f6:56:ef:fc:55:28:a1:1a:87:fe:35:87:92:
a2:3a:7c:34:20:2f:c2:cc:c2:0d:cd:8b:41:63:5c:
2b:ce:d9:27:23:73:9e:63:4e:17:74:48:b4:1b:f2:
58:90:91:53:be:13:04:a3:31:af:40:40:64:29:e5:
6e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:43:51:95:3E:28:F5:E7:B8:2B:1D:DD:9C:B4:49:D8:4B:0F:A2:EB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
5d:94:75:f6:8b:2b:0b:01:7b:af:1f:f8:7c:6f:52:a4:d9:a8:
1c:50:f6:8e:7c:b6:69:60:11:27:a3:ed:10:e0:03:3d:df:86:
9c:f8:75:a7:c1:30:40:82:c2:0c:59:40:8b:fd:b3:08:64:78:
7e:13:29:d3:bc:4b:80:ca:55:dd:9c:90:af:d4:92:a1:e0:e0:
60:4d:d3:f7:b1:d7:26:44:c3:16:05:ff:eb:9b:01:bc:c0:2c:
98:e2:8d:c9:7b:ba:33:bf:a1:49:90:9c:5b:3a:97:57:4e:f4:
43:e2:a9:58:a8:ce:ae:79:eb:c7:f6:de:00:3e:c8:a1:6e:d3:
2b:1c:f0:40:92:54:cc:f2:b6:02:bb:f0:a0:11:a1:3c:22:58:
c6:d4:d5:d8:e5:11:a0:8e:a2:ab:20:63:cf:8b:ed:3a:26:26:
06:c9:26:d5:04:1c:e6:9e:6e:b4:3e:7b:5b:f2:50:94:d3:b3:
7d:40:b9:37:32:c3:5c:9d:d3:86:89:f1:2d:70:84:d0:70:db:
0c:cf:5a:4c:91:d5:37:51:6b:d3:e5:4d:2b:0f:9f:6b:38:5c:
7f:bf:2e:28:71:5d:3b:cf:92:29:ca:ea:b1:08:36:b4:66:3d:
1d:9b:a0:99:ab:3b:6e:b6:f5:c6:22:53:aa:dd:f1:e0:83:03:
1a:a4:84:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUar2z2Kc6rhghNc1+npv0vSNsozIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMThaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEwOTgwOWI3NDFiOTE2NjliOTM1OGMzZDY1Y2MyOTI1NzNkOTlkZjg1MWVl
ZjFmMjU5YTQ5ZTA3NTQzN2IxOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKReWgo91nNgN36lOaVTd3nrmoPreYXalel3w2Wo9TM9FG4VRZzxcMkzggLi
iRtVRt6GWmAHQ2sOgHcmNzY3c0IodKE7qte1s04puq8ivLTpAROhP+2gcdKO/VK2
sfPVND5LBfpsur+LgYW5JqbRmV76o9yu9sUJsIBOnO+Qs0u4WQmed57KnXIE56qc
Drp1JNdrdy1Q+xSLHTOPa86xv+X7OvSO4bP/V8UByNmvu/wG143mqhxA3wzEGq8u
uA1ZoguvDK/2Vu/8VSihGof+NYeSojp8NCAvwszCDc2LQWNcK87ZJyNznmNOF3RI
tBvyWJCRU74TBKMxr0BAZCnlbjsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBS4Q1GV
Pij157grHd2ctEnYSw+i6zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAXZR19osrCwF7rx/4fG9SpNmoHFD2jny2aWARJ6Pt
EOADPd+GnPh1p8EwQILCDFlAi/2zCGR4fhMp07xLgMpV3ZyQr9SSoeDgYE3T97HX
JkTDFgX/65sBvMAsmOKNyXu6M7+hSZCcWzqXV070Q+KpWKjOrnnrx/beAD7IoW7T
KxzwQJJUzPK2ArvwoBGhPCJYxtTV2OURoI6iqyBjz4vtOiYmBskm1QQc5p5utD57
W/JQlNOzfUC5NzLDXJ3ThonxLXCE0HDbDM9aTJHVN1Fr0+VNKw+fazhcf78uKHFd
O8+SKcrqsQg2tGY9HZugmas7brb1xiJTqt3x4IMDGqSEfg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:31 2025 by rpki-client