Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: nRLnUtxgabFnKqnOuQ7brlyDBYvXppRjcCk+jDlxR1g=
Subject key identifier: 81:4A:52:C7:FA:EA:12:3B:80:25:46:F9:18:EF:BE:67:D0:97:49:F9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58253110F42738A972CB941BB0B03751B5E14F57
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Tue 05 Aug 2025 20:20:47 +0000
ROA not before: Tue 05 Aug 2025 20:20:47 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:25:31:10:f4:27:38:a9:72:cb:94:1b:b0:b0:37:51:b5:e1:4f:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:47 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=61c908b27c6a2451753e2f2c43db38059128870b5c52999446885e40cc80d7ec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:79:ae:ee:10:11:97:86:bd:ef:1c:f9:02:cf:
59:2e:71:31:89:d1:b0:b0:85:a0:ea:57:4a:d5:c4:
ea:e6:a8:19:af:12:93:20:7f:94:cb:4f:7f:86:63:
b2:a5:e9:b5:75:14:2f:c7:91:74:77:e7:ae:d0:fb:
b6:b6:e9:22:d6:7b:d4:64:18:09:d1:5a:4f:0f:16:
92:3e:76:65:f6:9e:5b:dc:a0:5c:60:f0:a2:09:dd:
78:1d:0f:18:cc:69:bc:43:72:74:82:fc:76:0e:53:
7e:ee:51:65:2a:40:8a:e9:e5:0e:82:a6:6e:82:0a:
58:d2:f3:1a:a7:07:88:7e:37:a4:7a:32:c2:f3:58:
ef:02:1b:5e:60:ab:bf:fe:8f:e3:b0:1c:a5:e1:c6:
ab:81:7c:13:57:65:66:ad:97:c2:46:4f:c1:2a:4f:
94:04:9b:a9:e9:24:a2:5a:59:9a:be:50:7f:3a:b5:
b9:28:af:15:25:7e:55:c9:72:af:c1:3e:6a:15:a8:
f8:28:62:45:64:5a:55:eb:64:1b:a1:cb:ac:93:b4:
57:89:32:f3:f3:eb:a3:96:8a:85:63:b7:eb:1b:11:
3d:6f:da:b1:67:62:04:38:0d:c1:11:7b:32:6a:e1:
b4:92:83:de:f1:f0:d8:cc:ea:e1:0b:29:2c:c1:7c:
5d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:4A:52:C7:FA:EA:12:3B:80:25:46:F9:18:EF:BE:67:D0:97:49:F9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
35:6e:5b:55:41:64:36:26:48:b5:de:13:29:b4:09:5f:fa:81:
8c:54:8a:56:d0:7f:e4:05:a1:18:f8:71:5b:c6:2b:66:aa:4c:
7a:e1:32:ff:68:d0:03:1f:f2:4d:c1:1a:4e:3c:d4:35:ba:5f:
01:16:bb:72:15:ae:c3:f4:37:b7:38:e8:de:43:d6:5a:91:d1:
94:f6:87:12:e7:9d:51:a5:84:a5:79:47:a6:67:84:b5:1d:14:
4a:54:a9:97:c8:c4:df:19:11:20:f7:67:0e:ff:c7:bb:27:cf:
b7:ab:47:01:0e:04:d2:fa:6b:14:63:f5:63:5a:c7:b9:1f:f4:
0b:bf:a8:68:fd:df:1b:37:c1:e9:6a:77:1a:08:0c:6b:2d:ec:
b1:c0:61:55:82:9f:3f:c9:c6:e8:6c:d4:a2:a7:85:1d:e7:4e:
18:6b:1e:78:6c:88:09:25:b0:43:36:6f:27:7b:d0:2f:cf:f2:
52:e5:59:1e:b7:45:f2:b7:f9:ab:65:9b:a9:ce:1c:d9:a2:14:
fb:f2:4d:7b:a6:e8:61:5c:f9:f4:df:97:61:0c:2d:b0:ea:02:
b5:0f:d3:a1:90:00:89:dc:00:a7:75:8b:3b:32:18:44:5e:40:
81:8c:f1:5b:e4:38:70:06:13:3e:f9:2f:a2:19:37:30:0c:1f:
85:a1:a5:f7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWCUxEPQnOKlyy5QbsLA3UbXhT1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxYzkwOGIyN2M2YTI0NTE3NTNlMmYyYzQzZGIzODA1OTEyODg3MGI1YzUy
OTk5NDQ2ODg1ZTQwY2M4MGQ3ZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh5ru4QEZeGve8c+QLPWS5xMYnRsLCFoOpXStXE6uaoGa8SkyB/lMtPf4Zj
sqXptXUUL8eRdHfnrtD7trbpItZ71GQYCdFaTw8Wkj52ZfaeW9ygXGDwogndeB0P
GMxpvENydIL8dg5Tfu5RZSpAiunlDoKmboIKWNLzGqcHiH43pHoywvNY7wIbXmCr
v/6P47AcpeHGq4F8E1dlZq2XwkZPwSpPlASbqekkolpZmr5Qfzq1uSivFSV+Vcly
r8E+ahWo+ChiRWRaVetkG6HLrJO0V4ky8/Pro5aKhWO36xsRPW/asWdiBDgNwRF7
MmrhtJKD3vHw2Mzq4QspLMF8XXECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSBSlLH
+uoSO4AlRvkY775n0JdJ+TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEANW5bVUFkNiZItd4TKbQJX/qBjFSKVtB/5AWhGPhx
W8YrZqpMeuEy/2jQAx/yTcEaTjzUNbpfARa7chWuw/Q3tzjo3kPWWpHRlPaHEued
UaWEpXlHpmeEtR0USlSpl8jE3xkRIPdnDv/HuyfPt6tHAQ4E0vprFGP1Y1rHuR/0
C7+oaP3fGzfB6Wp3GggMay3sscBhVYKfP8nG6GzUoqeFHedOGGseeGyICSWwQzZv
J3vQL8/yUuVZHrdF8rf5q2Wbqc4c2aIU+/JNe6boYVz59N+XYQwtsOoCtQ/ToZAA
idwAp3WLOzIYRF5AgYzxW+Q4cAYTPvkvohk3MAwfhaGl9w==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:22 2025 by rpki-client