Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: JoqP6nV+yqtsin5nrAbo79KxWSmUGSDMu3aaCnUljh0=
Subject key identifier: C3:1F:07:B5:A3:7D:D4:0D:03:A8:A1:0D:2A:23:31:DE:E4:79:73:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 648118D4413A6AF7A954C2029E45CEC120FE97D8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Mon 01 Sep 2025 21:30:12 +0000
ROA not before: Mon 01 Sep 2025 21:30:12 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:81:18:d4:41:3a:6a:f7:a9:54:c2:02:9e:45:ce:c1:20:fe:97:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:12 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=77f4866fbbf046a547f3ddd99004a4fb3831006a820c8cac6da15c7c0714db7f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c4:21:85:e1:2a:52:4e:b8:ae:89:b2:0a:80:
db:17:6a:37:6f:75:9d:4c:19:e2:01:aa:69:29:b4:
1d:2b:55:a8:98:29:27:d0:c3:19:e5:ee:39:40:13:
2d:56:cd:3e:02:ef:38:60:c2:b0:c4:7b:37:51:f2:
3b:b2:89:87:d1:e6:81:7f:b8:fe:9b:88:1b:aa:bb:
dd:41:36:85:c1:ae:c7:c3:9a:ed:59:57:f3:cf:66:
3a:27:b4:fa:70:21:30:fc:24:6e:6f:aa:8e:2b:1b:
fc:e7:33:1b:f7:7f:36:7f:c6:b4:3f:8c:a9:ad:1c:
4b:82:66:01:66:be:45:75:65:75:f5:93:49:9b:99:
ae:44:bf:a6:27:6c:f4:3a:34:a7:20:7d:da:22:11:
ed:dc:ec:a7:50:e6:e8:ec:a2:00:37:14:1a:0e:14:
8a:01:1a:63:d0:7a:4e:f8:3b:00:bd:20:c2:11:ca:
fb:5c:d7:79:d7:eb:d6:43:29:c1:5c:fd:37:04:bf:
3d:d8:8d:db:77:1d:91:05:38:36:52:fb:e4:bb:98:
91:67:30:d2:70:5f:d8:e7:97:73:fa:65:37:cc:a7:
89:39:3d:c1:1d:1b:70:c0:bc:5f:b3:62:76:a1:33:
e9:bb:73:38:09:48:60:4c:06:c0:5e:4d:43:e1:77:
05:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1F:07:B5:A3:7D:D4:0D:03:A8:A1:0D:2A:23:31:DE:E4:79:73:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ba:df:31:bc:ff:7b:b1:c9:43:e1:3b:ac:3e:bb:8b:e2:da:79:
ae:80:3c:fb:55:19:93:64:f6:42:c0:4e:ad:36:f1:49:68:31:
60:25:90:9d:af:ea:65:93:1d:f9:1a:ca:38:e8:8f:83:02:14:
a3:b8:8f:b5:b5:3b:10:58:18:2f:0e:6f:35:2f:39:ec:da:2c:
04:af:cd:ab:5f:13:a1:e6:b7:1b:cb:02:9d:fb:b8:49:f3:ac:
44:49:f6:f6:fb:f2:68:ea:4f:e1:25:ee:42:8d:78:35:39:bd:
a7:38:7c:e5:d7:3d:f5:1b:e8:cc:11:de:d0:06:ab:9d:31:f8:
24:62:b4:6b:c9:a7:7a:db:a7:4e:02:e4:fa:a1:d8:2a:95:41:
bd:9d:20:4d:32:14:f1:19:18:06:d1:19:6b:5b:15:09:18:87:
86:5f:18:34:d2:72:4a:91:8a:95:95:44:e1:1d:c1:ee:a7:09:
b1:4e:02:20:3b:45:3a:c7:49:0d:f7:69:7f:16:f9:b8:2e:26:
d4:92:a8:c2:72:f2:c5:df:c3:13:e5:25:c4:e9:c9:8b:e6:d3:
7d:46:c7:64:9d:bb:e7:a4:ac:cb:73:cf:aa:91:5d:c2:de:1f:
5d:0b:32:8b:19:51:4b:29:26:53:fb:39:d2:53:9d:ac:1d:18:
df:ad:78:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZIEY1EE6avepVMICnkXOwSD+l9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMTJaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDc3ZjQ4NjZmYmJmMDQ2YTU0N2YzZGRkOTkwMDRhNGZiMzgzMTAwNmE4MjBj
OGNhYzZkYTE1YzdjMDcxNGRiN2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHEIYXhKlJOuK6JsgqA2xdqN291nUwZ4gGqaSm0HStVqJgpJ9DDGeXuOUAT
LVbNPgLvOGDCsMR7N1HyO7KJh9HmgX+4/puIG6q73UE2hcGux8Oa7VlX889mOie0
+nAhMPwkbm+qjisb/OczG/d/Nn/GtD+Mqa0cS4JmAWa+RXVldfWTSZuZrkS/pids
9Do0pyB92iIR7dzsp1Dm6OyiADcUGg4UigEaY9B6Tvg7AL0gwhHK+1zXedfr1kMp
wVz9NwS/PdiN23cdkQU4NlL75LuYkWcw0nBf2OeXc/plN8yniTk9wR0bcMC8X7Ni
dqEz6btzOAlIYEwGwF5NQ+F3BYsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTDHwe1
o33UDQOooQ0qIzHe5HlzCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAut8xvP97sclD4TusPruL4tp5roA8+1UZk2T2QsBO
rTbxSWgxYCWQna/qZZMd+RrKOOiPgwIUo7iPtbU7EFgYLw5vNS857NosBK/Nq18T
oea3G8sCnfu4SfOsREn29vvyaOpP4SXuQo14NTm9pzh85dc99RvozBHe0AarnTH4
JGK0a8mnetunTgLk+qHYKpVBvZ0gTTIU8RkYBtEZa1sVCRiHhl8YNNJySpGKlZVE
4R3B7qcJsU4CIDtFOsdJDfdpfxb5uC4m1JKownLyxd/DE+UlxOnJi+bTfUbHZJ27
56Ssy3PPqpFdwt4fXQsyixlRSykmU/s50lOdrB0Y3614NA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 09:00:26 2025 by rpki-client