Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: hu91D7t67D2hNqWhxyWbiC08QlF3iIw8wOUDYMkoRY0=
Subject key identifier: B3:2C:69:2E:F2:C6:89:3A:5A:CA:AC:A6:CD:03:34:08:23:D1:4B:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13D758867CE66296002C4DBE62877CE8E48F6645
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Tue 05 Aug 2025 20:21:26 +0000
ROA not before: Tue 05 Aug 2025 20:21:26 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:d7:58:86:7c:e6:62:96:00:2c:4d:be:62:87:7c:e8:e4:8f:66:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:26 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=65c688f65d8a62255d0f51049eb1cd00d8eeebfc630ba1aa6758abc0c6fd9f77, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:47:5d:c7:cb:43:1c:22:60:1b:1c:d3:2d:83:
b3:2a:43:f4:df:5e:5b:e1:66:7d:a5:a6:e9:20:1e:
63:a1:73:1e:c9:4a:e4:15:04:ed:f7:cb:95:8c:e6:
ff:07:bd:83:b2:7d:7c:72:be:5f:b0:55:ce:26:dc:
e3:99:ee:44:9c:12:3f:f9:4c:8f:f1:ae:04:2b:38:
16:e7:8e:db:ba:92:3e:6e:26:2b:16:c9:2a:e3:ee:
2a:b0:61:d4:6d:1d:08:1b:22:ba:66:87:67:7d:43:
2f:75:86:95:8a:6e:6a:ac:3e:dc:b2:4f:92:76:01:
5d:3d:04:3e:31:7b:18:54:d2:69:c0:bd:aa:c2:0c:
d8:fa:90:98:4f:09:1b:0e:ca:91:2b:78:7a:ae:76:
e5:19:4d:1c:84:cf:90:fc:21:e3:ce:06:77:68:a4:
75:05:c2:24:cb:76:00:1d:42:7c:c4:a4:87:50:86:
59:06:b9:a4:38:d1:28:5b:b6:88:5c:06:65:4c:92:
1a:c6:e3:dc:67:c6:2e:ff:96:c2:46:54:eb:94:3d:
66:76:81:ee:14:45:9e:7a:6a:b6:de:ad:60:b5:b5:
bb:10:99:ff:b8:01:55:80:e5:96:b6:b3:0e:95:e9:
21:91:1a:8a:a8:a1:9d:43:24:cd:42:bf:6a:77:03:
2b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:2C:69:2E:F2:C6:89:3A:5A:CA:AC:A6:CD:03:34:08:23:D1:4B:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3d:4d:20:e6:5c:0d:b1:e9:bb:4f:0a:9a:3c:45:bb:76:52:f7:
59:d8:7f:70:3f:2a:5b:1f:b6:47:f3:b5:68:03:7f:08:16:16:
af:72:df:fa:9a:20:f0:eb:8b:92:13:d4:0f:65:fa:96:d4:db:
33:4b:4a:48:04:74:8a:cc:40:13:20:3d:7a:28:82:12:a9:a6:
3c:6f:27:e1:a7:8e:4f:d9:08:89:25:55:f0:9c:8e:1c:22:4a:
9c:e0:71:50:02:0b:d0:24:2e:1e:0c:5f:8e:c7:c3:d8:0d:de:
dd:4e:db:f5:15:8a:a7:81:24:50:4d:33:a0:15:6a:08:cf:c1:
82:c9:43:2b:a0:5c:dd:05:85:3a:57:66:be:84:ef:89:da:f3:
32:41:3c:d7:d5:9c:5c:8b:91:39:6e:69:cf:ce:b2:90:ab:41:
39:ee:ad:fa:8b:8e:93:c4:90:b2:ca:bf:46:7b:01:cd:88:ae:
47:d2:98:11:06:90:6e:43:08:c9:b6:3f:02:98:05:4e:a4:98:
e5:25:46:4f:7a:2f:e0:0a:2b:99:69:96:82:79:a6:e0:ed:e3:
36:88:fc:b1:82:0a:a7:84:75:81:c0:70:40:58:5b:d1:2d:33:
4c:82:34:91:42:23:de:d7:fc:59:c9:ce:4b:15:9f:47:8c:4d:
64:39:55:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE9dYhnzmYpYALE2+Yod86OSPZkUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1YzY4OGY2NWQ4YTYyMjU1ZDBmNTEwNDllYjFjZDAwZDhlZWViZmM2MzBi
YTFhYTY3NThhYmMwYzZmZDlmNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANdHXcfLQxwiYBsc0y2DsypD9N9eW+FmfaWm6SAeY6FzHslK5BUE7ffLlYzm
/we9g7J9fHK+X7BVzibc45nuRJwSP/lMj/GuBCs4FueO27qSPm4mKxbJKuPuKrBh
1G0dCBsiumaHZ31DL3WGlYpuaqw+3LJPknYBXT0EPjF7GFTSacC9qsIM2PqQmE8J
Gw7KkSt4eq525RlNHITPkPwh484Gd2ikdQXCJMt2AB1CfMSkh1CGWQa5pDjRKFu2
iFwGZUySGsbj3GfGLv+WwkZU65Q9ZnaB7hRFnnpqtt6tYLW1uxCZ/7gBVYDllraz
DpXpIZEaiqihnUMkzUK/ancDK4MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSzLGku
8saJOlrKrKbNAzQII9FLoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQA9TSDmXA2x6btPCpo8Rbt2UvdZ2H9wPypbH7ZH87Vo
A38IFhavct/6miDw64uSE9QPZfqW1NszS0pIBHSKzEATID16KIISqaY8byfhp45P
2QiJJVXwnI4cIkqc4HFQAgvQJC4eDF+Ox8PYDd7dTtv1FYqngSRQTTOgFWoIz8GC
yUMroFzdBYU6V2a+hO+J2vMyQTzX1Zxci5E5bmnPzrKQq0E57q36i46TxJCyyr9G
ewHNiK5H0pgRBpBuQwjJtj8CmAVOpJjlJUZPei/gCiuZaZaCeabg7eM2iPyxggqn
hHWBwHBAWFvRLTNMgjSRQiPe1/xZyc5LFZ9HjE1kOVUj
-----END CERTIFICATE-----
Generated at Wed Aug 20 13:13:01 2025 by rpki-client