Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: SrbGYEgsJzMecgcCykzy1UyAsL5VReiFpM1/zrDk4yg=
Subject key identifier: 80:3E:89:EF:0F:0E:10:E4:F9:0C:CE:7D:A7:35:70:83:15:85:24:D9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 732DF6774BB98FA77FFEB151EA664E47442956A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Mon 16 Jun 2025 21:50:06 +0000
ROA not before: Mon 16 Jun 2025 21:50:06 +0000
ROA not after: Mon 21 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:2d:f6:77:4b:b9:8f:a7:7f:fe:b1:51:ea:66:4e:47:44:29:56:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jun 16 21:50:06 2025 GMT
Not After : Jul 21 23:59:59 2025 GMT
Subject: serialNumber=49529df5b2342cf292a1cfd9b33eb3a98116d65cb6315f12f6d21ddcb532240f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:23:4b:14:3b:3e:3a:ae:40:fe:37:95:0e:d0:
3e:a4:70:85:07:c5:49:f9:07:e2:7e:af:9a:53:9e:
e7:48:c8:4f:87:34:11:91:c7:1b:3e:49:28:9d:6d:
2a:87:ed:75:2b:8a:ca:14:86:62:75:7f:23:85:19:
ff:55:ff:03:97:7f:64:db:ae:be:5a:0b:6f:10:3a:
0b:c7:aa:9d:e8:f1:17:56:17:4b:d7:cb:11:c2:4e:
47:81:a0:42:42:d9:c0:6c:8a:be:4a:45:10:28:9b:
33:be:ea:7c:41:0d:37:69:ad:86:58:dd:f6:e8:3c:
55:27:f1:c6:77:cc:b0:18:c7:60:4c:a6:4c:2e:86:
f0:77:4f:83:e5:24:d1:7c:12:c0:b1:51:ba:c8:43:
ea:32:c9:ec:04:7b:1e:62:93:d0:e8:13:e2:1b:c8:
ed:31:7e:77:62:2e:fc:8e:aa:fc:50:d0:52:ad:f6:
18:7f:5b:8b:8c:bb:b8:5a:cb:35:76:3a:24:3a:e3:
12:af:c1:f7:30:b5:34:43:1d:4f:50:0e:57:0b:b5:
1a:8a:51:e1:46:d0:1a:9b:cf:bd:50:ff:1e:34:2f:
67:c5:cc:2b:f2:11:95:3b:1b:99:99:8b:15:a8:51:
7a:a0:c2:22:78:01:ff:7a:30:bd:5f:b9:f7:73:7f:
0d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3E:89:EF:0F:0E:10:E4:F9:0C:CE:7D:A7:35:70:83:15:85:24:D9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
73:86:05:3a:7b:80:a9:d6:23:44:67:98:aa:7f:81:ce:00:ff:
9e:eb:8d:40:ea:93:54:6a:d6:42:dc:6c:48:b7:96:a7:e4:36:
43:20:7e:2e:e4:fc:cb:1d:8e:45:ec:f3:2a:be:8a:ed:f1:c7:
b3:88:95:ed:6e:a1:7c:df:21:94:74:66:ce:42:24:b6:fa:df:
6c:7c:60:54:c1:3b:1c:3a:31:e4:ba:ec:43:f6:34:c6:1a:7b:
11:e5:5c:a8:28:f5:d8:6d:ff:5e:04:18:f9:97:27:1b:28:4c:
b4:d2:d1:5f:5d:c3:22:0e:df:0f:a0:d2:21:f4:48:84:76:42:
94:98:a3:8a:3b:9b:bb:06:dd:af:01:fd:38:4e:b6:93:a7:59:
f7:30:96:23:eb:8d:e8:37:fa:5c:75:30:c5:6c:cc:65:20:58:
9b:e3:82:a6:49:dd:76:07:8b:65:69:b0:20:65:d5:48:a3:c2:
36:be:89:1c:f8:bc:42:a3:63:18:98:1f:bc:4f:66:09:03:d8:
9e:6a:12:4b:d1:9c:68:0d:48:41:a8:de:65:40:4f:42:80:1f:
a9:2f:c6:27:df:2e:0c:be:7c:60:34:a9:72:2e:0a:85:6f:fc:
a7:2f:45:12:fb:74:c5:81:0a:bb:8c:01:c6:64:71:0e:66:fd:
a3:fc:33:8f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcy32d0u5j6d//rFR6mZOR0QpVqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA2MTYyMTUwMDZaFw0yNTA3MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5NTI5ZGY1YjIzNDJjZjI5MmExY2ZkOWIzM2ViM2E5ODExNmQ2NWNiNjMx
NWYxMmY2ZDIxZGRjYjUzMjI0MGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUjSxQ7PjquQP43lQ7QPqRwhQfFSfkH4n6vmlOe50jIT4c0EZHHGz5JKJ1t
KoftdSuKyhSGYnV/I4UZ/1X/A5d/ZNuuvloLbxA6C8eqnejxF1YXS9fLEcJOR4Gg
QkLZwGyKvkpFECibM77qfEENN2mthljd9ug8VSfxxnfMsBjHYEymTC6G8HdPg+Uk
0XwSwLFRushD6jLJ7AR7HmKT0OgT4hvI7TF+d2Iu/I6q/FDQUq32GH9bi4y7uFrL
NXY6JDrjEq/B9zC1NEMdT1AOVwu1GopR4UbQGpvPvVD/HjQvZ8XMK/IRlTsbmZmL
FahReqDCIngB/3owvV+593N/DXECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSAPonv
Dw4Q5PkMzn2nNXCDFYUk2TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAc4YFOnuAqdYjRGeYqn+BzgD/nuuNQOqTVGrWQtxs
SLeWp+Q2QyB+LuT8yx2ORezzKr6K7fHHs4iV7W6hfN8hlHRmzkIktvrfbHxgVME7
HDox5LrsQ/Y0xhp7EeVcqCj12G3/XgQY+ZcnGyhMtNLRX13DIg7fD6DSIfRIhHZC
lJijijubuwbdrwH9OE62k6dZ9zCWI+uN6Df6XHUwxWzMZSBYm+OCpknddgeLZWmw
IGXVSKPCNr6JHPi8QqNjGJgfvE9mCQPYnmoSS9GcaA1IQajeZUBPQoAfqS/GJ98u
DL58YDSpci4KhW/8py9FEvt0xYEKu4wBxmRxDmb9o/wzjw==
-----END CERTIFICATE-----
Generated at Mon Jun 30 23:27:07 2025 by rpki-client