Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: ANwKjAJdBIosIoyB0JOLhcXYci4AiR42kUGnz6RenYU=
Subject key identifier: 14:07:2D:D0:CE:50:88:D1:35:78:48:7A:EE:B2:07:94:7C:11:39:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 301DB6E0B8CCCD368A84F0F342471969CFB5C2CC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Tue 05 Aug 2025 20:21:25 +0000
ROA not before: Tue 05 Aug 2025 20:21:25 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:1d:b6:e0:b8:cc:cd:36:8a:84:f0:f3:42:47:19:69:cf:b5:c2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:25 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=7e0712960acc3870a5c7295991c79109e55dea0fd532278fe05d25cce10964c4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:2c:52:5c:f3:2b:68:88:06:a4:28:bf:f1:52:
b4:2e:5e:1f:13:45:ba:07:21:ae:f8:68:61:81:14:
fe:ac:ef:50:36:c8:bb:26:d6:19:d6:a1:29:61:bf:
bf:82:6b:27:4c:95:38:55:6a:19:59:d6:16:47:82:
28:b2:cc:84:3e:e5:80:8a:e2:7b:56:9e:cb:66:88:
11:24:45:e8:7c:c2:f3:15:51:38:0e:21:64:3e:e1:
d0:2a:37:6c:cf:64:7d:f4:81:7d:2e:6a:e6:ac:c9:
fb:8e:02:b9:fd:64:0a:f9:2d:7a:84:ae:62:6e:56:
2b:22:20:e6:e0:9b:5e:61:5b:ab:38:f4:4c:b7:b7:
25:ca:42:2f:a4:35:0d:b1:e3:60:84:dd:15:a8:ca:
b5:63:45:99:11:10:2e:bd:fc:f4:12:9e:dd:ef:ba:
87:fc:57:69:92:86:8e:ff:0c:36:05:69:c7:63:9a:
16:cd:b0:ec:05:53:fc:02:ac:3a:88:8e:36:c8:f7:
b4:9f:45:ff:f4:b6:54:2a:97:75:75:dd:4e:19:ef:
28:2f:50:af:db:65:92:54:7a:f1:6a:1f:28:3e:d6:
8e:2e:b0:cb:d2:80:1b:db:e3:bb:96:c0:c1:90:ca:
09:3f:88:3f:82:de:45:71:39:8d:e5:a9:80:ba:7c:
21:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:07:2D:D0:CE:50:88:D1:35:78:48:7A:EE:B2:07:94:7C:11:39:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:1b:c1:ab:a2:8c:f1:a1:0e:ef:83:ee:50:31:78:b9:94:09:
e9:43:8f:7f:f3:1e:08:b3:3a:5b:ce:de:5d:5f:5e:00:0b:b9:
74:8a:06:b1:a6:40:cc:c4:fe:3a:d0:0f:a0:39:aa:f6:6b:c8:
52:16:11:d9:90:6a:ed:72:a7:e1:0f:19:88:a3:17:77:70:84:
d2:2a:e2:26:93:59:e7:73:39:11:1a:dd:f3:d4:8a:84:51:70:
5a:ca:78:4b:6c:60:91:00:45:c3:c3:7d:48:02:0d:ba:04:99:
d5:cf:69:b3:dd:50:3f:31:ae:ad:3f:ff:46:8d:7e:24:d4:4c:
76:0d:89:f3:36:3b:a1:3a:91:72:19:db:71:bf:36:fd:94:d2:
f5:50:f6:a7:5d:3d:86:7f:2b:17:4d:8d:6e:b4:92:b3:89:ba:
28:79:e5:dc:80:69:d2:83:70:ef:9b:dc:44:c2:ee:ca:dd:a1:
97:5f:4c:8e:07:e9:ac:be:94:73:23:c8:4b:dc:78:40:8c:77:
3e:5c:6d:f5:75:33:23:ad:d4:52:2f:d9:1f:dc:62:eb:1a:62:
72:03:10:78:44:f2:3f:0b:f3:0d:8e:2d:c6:6f:fa:f1:26:5a:
53:77:54:75:dc:be:58:59:3a:80:4c:3f:4e:1c:ab:a9:18:7c:
34:b5:70:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMB224LjMzTaKhPDzQkcZac+1wswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjVaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlMDcxMjk2MGFjYzM4NzBhNWM3Mjk1OTkxYzc5MTA5ZTU1ZGVhMGZkNTMy
Mjc4ZmUwNWQyNWNjZTEwOTY0YzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPUsUlzzK2iIBqQov/FStC5eHxNFugchrvhoYYEU/qzvUDbIuybWGdahKWG/
v4JrJ0yVOFVqGVnWFkeCKLLMhD7lgIrie1aey2aIESRF6HzC8xVROA4hZD7h0Co3
bM9kffSBfS5q5qzJ+44Cuf1kCvkteoSuYm5WKyIg5uCbXmFbqzj0TLe3JcpCL6Q1
DbHjYITdFajKtWNFmREQLr389BKe3e+6h/xXaZKGjv8MNgVpx2OaFs2w7AVT/AKs
OoiONsj3tJ9F//S2VCqXdXXdThnvKC9Qr9tlklR68WofKD7Wji6wy9KAG9vju5bA
wZDKCT+IP4LeRXE5jeWpgLp8IUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUBy3Q
zlCI0TV4SHrusgeUfBE5BDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQBrG8GroozxoQ7vg+5QMXi5lAnpQ49/8x4Iszpbzt5d
X14AC7l0igaxpkDMxP460A+gOar2a8hSFhHZkGrtcqfhDxmIoxd3cITSKuImk1nn
czkRGt3z1IqEUXBaynhLbGCRAEXDw31IAg26BJnVz2mz3VA/Ma6tP/9GjX4k1Ex2
DYnzNjuhOpFyGdtxvzb9lNL1UPanXT2GfysXTY1utJKzibooeeXcgGnSg3Dvm9xE
wu7K3aGXX0yOB+msvpRzI8hL3HhAjHc+XG31dTMjrdRSL9kf3GLrGmJyAxB4RPI/
C/MNji3Gb/rxJlpTd1R13L5YWTqATD9OHKupGHw0tXCu
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:37 2025 by rpki-client