Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: zOInP8emJebuTzs0DmV1cUbwee4El+Lz7FUkcwHie/k=
Subject key identifier: 1A:C6:ED:35:07:09:8D:7A:C6:F2:E2:F0:D1:1B:5A:AF:0D:4F:09:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73EBDF6817F9933AD6BFF0D768AA6C51064B4537
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Tue 05 Aug 2025 20:30:45 +0000
ROA not before: Tue 05 Aug 2025 20:30:45 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:eb:df:68:17:f9:93:3a:d6:bf:f0:d7:68:aa:6c:51:06:4b:45:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:30:45 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5fd487ea43d0ac24541f366151eb5111e02ab27b00535462d23a5d48cb20fbc4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:4d:4f:64:48:57:84:c3:56:29:f2:20:a9:
1d:20:ee:08:5d:45:bb:09:fb:12:0b:b6:d3:36:03:
79:51:dc:a9:b6:e1:b6:67:f9:d5:58:33:2b:12:f3:
70:c2:17:5d:ca:a5:16:66:cd:44:2a:35:ca:fb:42:
dc:8f:9e:43:b0:8e:d4:e7:3b:0e:da:d1:f4:e8:0c:
4f:a7:27:0b:79:5e:c5:7e:be:bf:9f:6d:75:b0:35:
1d:a6:37:b0:e7:cc:d3:0b:38:e4:c7:c6:3c:fa:55:
25:60:0f:63:1f:a2:33:dc:73:f4:ce:77:ec:a0:71:
12:c7:2a:90:47:36:f1:d7:65:2b:f6:69:eb:24:41:
20:5f:8c:e7:9e:a4:d5:f2:bb:b9:2c:cd:80:42:4f:
1a:f1:0a:a4:4e:7f:3e:53:11:f1:9b:ce:2a:de:35:
1d:be:13:a1:f4:4d:dc:67:1c:03:97:f7:e2:6a:18:
90:aa:14:04:72:7b:04:77:71:a0:34:9c:9c:39:84:
89:af:4e:f3:2b:3f:94:23:38:43:ad:0f:72:29:e2:
72:92:10:42:e1:b9:04:99:aa:8a:08:d0:1c:95:dc:
56:67:e3:e5:48:fa:82:82:d9:db:74:e7:f1:1f:f9:
14:01:fd:1c:ad:3d:b8:57:ea:57:af:cf:21:55:6d:
28:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C6:ED:35:07:09:8D:7A:C6:F2:E2:F0:D1:1B:5A:AF:0D:4F:09:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c5:67:ee:59:f7:83:09:a7:d7:64:0d:d5:51:df:c8:8f:fc:cd:
d1:50:08:9e:d9:fc:8d:b4:31:19:c2:67:9a:16:6b:a4:f0:79:
75:7b:18:bf:13:d5:2c:64:25:5c:25:b5:7c:6d:72:59:53:a0:
d3:7c:c2:a2:0a:90:00:ff:47:43:f7:1e:7a:d7:b7:20:ff:6a:
3b:21:5d:16:41:17:5d:2b:81:8e:e0:eb:8a:3d:67:22:6d:9a:
bc:f3:4b:3c:9d:14:1c:35:c0:41:ac:5a:56:07:da:c4:5b:7b:
9e:8c:0c:0b:16:ae:11:db:72:07:a2:bb:9b:db:cd:68:e1:0a:
6a:ec:b4:16:11:0e:58:a5:ce:da:69:94:e5:8a:8c:c0:a9:46:
81:83:ef:e4:21:59:d1:3e:09:ea:63:f2:65:4d:4c:e5:66:b4:
74:c0:da:bb:e8:43:2b:16:48:a2:c5:f7:88:05:05:67:8d:98:
45:d9:3f:16:e9:4c:8a:7c:82:c5:a5:60:69:f3:67:75:79:de:
9d:df:e1:3c:a2:7c:16:8e:71:ac:9f:11:42:3f:53:06:f3:a8:
cd:d5:92:3d:82:61:e4:6e:59:4f:70:5c:34:02:d1:ee:8c:dd:
ed:0f:6f:15:f2:42:a0:d0:bd:17:b8:74:3f:68:04:b9:e4:36:
c1:f7:47:c8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc+vfaBf5kzrWv/DXaKpsUQZLRTcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDMwNDVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVmZDQ4N2VhNDNkMGFjMjQ1NDFmMzY2MTUxZWI1MTExZTAyYWIyN2IwMDUz
NTQ2MmQyM2E1ZDQ4Y2IyMGZiYzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMStTU9kSFeEw1Yp8iCpHSDuCF1Fuwn7Egu20zYDeVHcqbbhtmf51VgzKxLz
cMIXXcqlFmbNRCo1yvtC3I+eQ7CO1Oc7DtrR9OgMT6cnC3lexX6+v59tdbA1HaY3
sOfM0ws45MfGPPpVJWAPYx+iM9xz9M537KBxEscqkEc28ddlK/Zp6yRBIF+M556k
1fK7uSzNgEJPGvEKpE5/PlMR8ZvOKt41Hb4TofRN3GccA5f34moYkKoUBHJ7BHdx
oDScnDmEia9O8ys/lCM4Q60PcinicpIQQuG5BJmqigjQHJXcVmfj5Uj6goLZ23Tn
8R/5FAH9HK09uFfqV6/PIVVtKEcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQaxu01
BwmNesby4vDRG1qvDU8JETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQDFZ+5Z94MJp9dkDdVR38iP/M3RUAie2fyNtDEZwmea
Fmuk8Hl1exi/E9UsZCVcJbV8bXJZU6DTfMKiCpAA/0dD9x5617cg/2o7IV0WQRdd
K4GO4OuKPWcibZq880s8nRQcNcBBrFpWB9rEW3uejAwLFq4R23IHorub281o4Qpq
7LQWEQ5Ypc7aaZTliozAqUaBg+/kIVnRPgnqY/JlTUzlZrR0wNq76EMrFkiixfeI
BQVnjZhF2T8W6UyKfILFpWBp82d1ed6d3+E8onwWjnGsnxFCP1MG86jN1ZI9gmHk
bllPcFw0AtHujN3tD28V8kKg0L0XuHQ/aAS55DbB90fI
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:05 2025 by rpki-client