Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: n6LAINTsNsznz+OlJ0H+nn+LIgZ+YIqjBniQvE58O/0=
Subject key identifier: 63:FD:4C:CA:47:9F:ED:A4:05:12:A4:E6:A4:23:70:68:9F:29:15:A3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 74329D5DB14107105FA53934015934C9288F7DF4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Tue 05 Aug 2025 20:21:23 +0000
ROA not before: Tue 05 Aug 2025 20:21:23 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:32:9d:5d:b1:41:07:10:5f:a5:39:34:01:59:34:c9:28:8f:7d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:23 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=80ef61a2d7df759d5e49383e16891f35f55930b44cca0cb68a879d91c60a0f54, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:09:8a:05:6c:d3:b3:1d:42:0d:f1:71:79:
30:f9:ed:d8:ba:5a:c2:d0:4c:ea:9d:47:7d:5f:d7:
2e:a8:82:fa:43:d1:c5:85:57:d0:e0:66:57:a7:2b:
60:4d:f5:ae:b1:6d:e3:a5:6e:58:98:c7:10:34:23:
0e:ae:0b:dc:a1:98:ee:e4:f4:4d:3d:55:5e:28:83:
62:c9:51:8d:d2:31:19:30:63:b5:43:06:59:07:88:
92:18:90:bc:bf:32:a1:f8:ee:b5:f2:4f:3c:e1:4f:
e4:3f:dc:5c:67:16:f0:0a:7a:f8:f5:ba:71:40:fe:
2a:f0:42:b4:da:b3:f2:c1:2e:2b:11:c8:3f:0b:6a:
62:50:82:96:4b:a8:1e:08:65:8f:7d:bd:f6:ca:93:
bc:f2:72:0e:00:7b:a8:1e:2b:58:1d:8f:ed:8a:8a:
6b:1f:34:6c:75:16:fa:c0:2d:c1:a6:ef:5c:30:23:
cc:b9:85:6a:76:b3:f0:b7:f0:36:b3:47:a8:11:9a:
6d:ee:d3:02:a5:11:b0:c6:bd:d0:dd:8b:38:1f:43:
4b:d2:ae:bb:95:23:bc:27:ac:34:c1:83:3e:06:ea:
e9:c7:df:db:3a:47:86:3b:42:69:6d:5b:47:3b:3c:
bf:00:92:90:ad:14:b1:4a:c3:4a:b2:ad:e6:13:53:
a4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:FD:4C:CA:47:9F:ED:A4:05:12:A4:E6:A4:23:70:68:9F:29:15:A3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:7a:f2:f6:7a:6d:67:e9:00:f1:82:84:f4:60:71:9e:2f:f9:
b3:5e:d7:ab:47:a9:b1:01:fc:3c:8d:14:06:dc:a4:5d:09:97:
bb:3f:7d:b5:5c:61:7c:e1:5d:70:68:ba:9a:9f:d2:06:e2:01:
be:c0:71:05:18:ee:ad:d9:a4:11:3e:b0:b6:e3:af:2f:ac:12:
fc:75:c3:10:cc:5a:7b:65:6e:9e:c6:a7:3d:ee:c9:7b:d5:f2:
44:cb:91:f8:bb:c1:07:2e:35:df:65:45:7f:a9:1a:30:ac:3d:
62:30:8f:9c:4e:06:e2:41:73:3a:87:65:43:e6:4a:46:41:b2:
98:74:c8:0b:bc:1c:9c:01:65:c3:6b:ee:c9:0f:7f:7c:f9:1c:
7a:87:ec:de:d2:19:f8:61:ec:1e:61:0a:f1:6c:4a:8c:a1:d6:
5a:d2:5e:1f:0f:76:de:2d:e8:07:8b:dc:08:70:8e:27:34:cb:
ed:09:0f:ec:d2:50:f9:18:b3:64:82:13:e8:88:c9:6f:fa:a8:
2b:08:db:5f:24:c4:3d:8a:25:dc:e5:46:9b:03:7a:58:cc:17:
19:e8:ad:43:1b:ea:0c:a8:03:18:64:48:3b:7d:22:eb:d4:69:
91:8b:6a:8a:77:40:40:4a:99:8e:57:63:43:ca:c6:19:ec:03:
d6:39:3a:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdDKdXbFBBxBfpTk0AVk0ySiPffQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZWY2MWEyZDdkZjc1OWQ1ZTQ5MzgzZTE2ODkxZjM1ZjU1OTMwYjQ0Y2Nh
MGNiNjhhODc5ZDkxYzYwYTBmNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrTCYoFbNOzHUIN8XF5MPnt2LpawtBM6p1HfV/XLqiC+kPRxYVX0OBmV6cr
YE31rrFt46VuWJjHEDQjDq4L3KGY7uT0TT1VXiiDYslRjdIxGTBjtUMGWQeIkhiQ
vL8yofjutfJPPOFP5D/cXGcW8Ap6+PW6cUD+KvBCtNqz8sEuKxHIPwtqYlCClkuo
Hghlj3299sqTvPJyDgB7qB4rWB2P7YqKax80bHUW+sAtwabvXDAjzLmFanaz8Lfw
NrNHqBGabe7TAqURsMa90N2LOB9DS9Kuu5UjvCesNMGDPgbq6cff2zpHhjtCaW1b
Rzs8vwCSkK0UsUrDSrKt5hNTpOECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRj/UzK
R5/tpAUSpOakI3BonykVozAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQDKevL2em1n6QDxgoT0YHGeL/mzXterR6mxAfw8jRQG
3KRdCZe7P321XGF84V1waLqan9IG4gG+wHEFGO6t2aQRPrC2468vrBL8dcMQzFp7
ZW6exqc97sl71fJEy5H4u8EHLjXfZUV/qRowrD1iMI+cTgbiQXM6h2VD5kpGQbKY
dMgLvBycAWXDa+7JD398+Rx6h+ze0hn4YeweYQrxbEqModZa0l4fD3beLegHi9wI
cI4nNMvtCQ/s0lD5GLNkghPoiMlv+qgrCNtfJMQ9iiXc5UabA3pYzBcZ6K1DG+oM
qAMYZEg7fSLr1GmRi2qKd0BASpmOV2NDysYZ7APWOTpn
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:33 2025 by rpki-client