Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: /10in1MRHlGlI4Ea7tbFYavjrve2iARo3/tRAgUrLMg=
Subject key identifier: 79:50:1A:88:6A:75:3D:D4:7B:16:98:84:8A:FA:AD:05:1C:AE:F6:3A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 63AE218F58B6CBDFF4012B1C9CA937BC8F452A39
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Mon 01 Sep 2025 21:20:13 +0000
ROA not before: Mon 01 Sep 2025 21:20:13 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:ae:21:8f:58:b6:cb:df:f4:01:2b:1c:9c:a9:37:bc:8f:45:2a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:20:13 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=74c799e6016102c6e8bfa1e0fa2c3f379a84192ebad88806422f1c7d44e31f1e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ca:83:2a:a6:8a:cb:2d:58:ad:27:af:ae:fb:
76:b4:ef:2d:f5:b9:a3:e6:ef:a7:c4:3c:2d:f5:ab:
36:84:c1:a3:81:a4:48:30:4b:bc:b0:08:a4:92:9c:
01:28:75:dc:58:01:62:ff:b8:d1:a6:3a:90:31:df:
d7:cb:6b:10:0b:e9:43:c3:07:11:d8:37:63:08:d8:
77:5f:ae:46:2f:38:58:50:5c:d1:25:c8:73:2c:2b:
37:c9:a0:55:81:8b:2a:2f:ad:72:bf:40:58:d6:f5:
6f:c2:c4:81:8e:02:57:a1:39:31:2e:85:37:60:59:
46:8e:11:af:66:00:12:25:ac:b6:81:2d:d4:b2:d1:
06:e7:e6:59:f8:e5:e9:c8:3b:38:22:f4:c7:97:5d:
d4:57:b2:83:cf:aa:e3:aa:9d:41:d2:05:77:66:87:
b4:16:83:7e:8e:00:af:6e:e1:ed:91:2f:28:67:56:
17:59:ae:d3:d9:7a:0e:43:c9:7e:83:df:0f:48:c7:
e1:14:0a:3d:59:8d:83:4c:87:75:c6:d1:e5:fd:22:
79:11:e3:e3:56:d9:eb:db:1c:dc:78:b8:65:fb:2b:
f2:4c:e8:32:1e:2c:cf:95:61:f5:57:0f:dd:74:59:
3c:52:45:5a:b7:10:08:d5:29:b9:ac:46:8b:d2:bd:
2c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:50:1A:88:6A:75:3D:D4:7B:16:98:84:8A:FA:AD:05:1C:AE:F6:3A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1f:79:0b:fc:9d:ae:ca:98:6d:24:92:a6:5f:f1:87:4f:ca:97:
3f:71:25:6a:1b:57:98:f6:12:76:fd:42:b6:53:2b:bf:6e:f9:
c6:ba:f8:c7:d5:ea:36:28:4c:30:4e:f4:b5:45:3c:0e:5f:14:
98:5f:93:4b:3f:62:c4:67:71:b9:de:c4:ca:b5:fc:7b:5f:9e:
36:30:a3:9a:dd:a1:40:21:74:28:2b:ca:86:97:3f:90:7f:ab:
ae:e0:d1:b0:12:32:b2:7a:04:6b:65:a7:bf:b3:d8:25:78:c5:
24:89:d1:5b:5c:40:6e:50:9b:5c:22:c5:d1:d7:56:f3:0b:a1:
4b:eb:b0:87:31:28:52:a2:b8:d5:76:cb:39:32:a6:83:aa:fd:
be:3e:89:d9:b1:b5:60:07:bc:b5:fa:37:4c:72:06:03:a0:c4:
cd:13:44:ec:a1:8b:68:bd:ae:61:3b:82:f3:8d:ee:a8:11:02:
fe:ff:9a:9e:b8:1e:d1:80:41:ab:2a:75:e7:24:16:99:a4:7d:
e1:be:31:99:4e:32:f9:cd:8c:4e:ed:8f:1c:a1:01:55:b8:bc:
0d:a4:08:41:51:14:c3:cb:f0:99:6b:ca:72:1a:65:56:e9:cd:
e3:60:ca:a8:87:8a:f4:16:f7:ad:7f:ec:c0:f6:f4:17:2e:1a:
db:cb:7e:b1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUY64hj1i2y9/0ASscnKk3vI9FKjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTIwMTNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Yzc5OWU2MDE2MTAyYzZlOGJmYTFlMGZhMmMzZjM3OWE4NDE5MmViYWQ4
ODgwNjQyMmYxYzdkNDRlMzFmMWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/KgyqmisstWK0nr677drTvLfW5o+bvp8Q8LfWrNoTBo4GkSDBLvLAIpJKc
ASh13FgBYv+40aY6kDHf18trEAvpQ8MHEdg3YwjYd1+uRi84WFBc0SXIcywrN8mg
VYGLKi+tcr9AWNb1b8LEgY4CV6E5MS6FN2BZRo4Rr2YAEiWstoEt1LLRBufmWfjl
6cg7OCL0x5dd1Feyg8+q46qdQdIFd2aHtBaDfo4Ar27h7ZEvKGdWF1mu09l6DkPJ
foPfD0jH4RQKPVmNg0yHdcbR5f0ieRHj41bZ69sc3Hi4Zfsr8kzoMh4sz5Vh9VcP
3XRZPFJFWrcQCNUpuaxGi9K9LMECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5UBqI
anU91HsWmISK+q0FHK72OjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQAfeQv8na7KmG0kkqZf8YdPypc/cSVqG1eY9hJ2/UK2
Uyu/bvnGuvjH1eo2KEwwTvS1RTwOXxSYX5NLP2LEZ3G53sTKtfx7X542MKOa3aFA
IXQoK8qGlz+Qf6uu4NGwEjKyegRrZae/s9gleMUkidFbXEBuUJtcIsXR11bzC6FL
67CHMShSorjVdss5MqaDqv2+PonZsbVgB7y1+jdMcgYDoMTNE0TsoYtova5hO4Lz
je6oEQL+/5qeuB7RgEGrKnXnJBaZpH3hvjGZTjL5zYxO7Y8coQFVuLwNpAhBURTD
y/CZa8pyGmVW6c3jYMqoh4r0Fvetf+zA9vQXLhrby36x
-----END CERTIFICATE-----
Generated at Wed Sep 17 20:22:20 2025 by rpki-client