Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: EASENpaH6mFKPkjWJPEMA0qA3osQA3SE2dSFtAAp8PM=
Subject key identifier: D9:F9:02:28:F4:A4:0F:A3:B9:BF:C4:53:BE:A0:95:E5:36:26:2E:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57E9636B785A76BBD48D541DB4C9C4641D72C382
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Tue 05 Aug 2025 20:21:21 +0000
ROA not before: Tue 05 Aug 2025 20:21:21 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:e9:63:6b:78:5a:76:bb:d4:8d:54:1d:b4:c9:c4:64:1d:72:c3:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:21 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=31765857a27cd0dd3cdeb5ba543175ecf8f7ae73e8c6dd41d0cf424716343702, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:13:b8:08:44:83:4f:3c:44:42:29:85:57:83:
ff:e7:d2:d7:62:2d:eb:93:c9:68:a2:0b:9c:3b:57:
6a:f1:41:f1:1b:9a:b3:99:ff:2a:c2:ba:2c:f4:48:
37:ea:5f:2a:21:08:80:b3:04:fa:5c:e8:08:bc:34:
be:9d:b8:b5:81:9e:5e:a9:4b:a9:89:d7:fb:6f:c7:
66:c7:58:6b:28:d3:d9:e1:2b:60:ee:4a:f8:9a:ec:
7c:cf:ff:2d:34:d2:09:36:57:3c:cf:c9:d2:94:4e:
e1:69:5b:8c:84:bc:42:19:9f:47:07:3c:12:2c:93:
ad:9e:34:72:63:31:60:59:71:35:1f:3f:a6:e0:3f:
ce:4b:a5:7f:47:ec:6a:3e:8e:a5:ba:fd:31:2b:62:
00:d0:6c:18:82:64:e6:04:bd:5e:b9:f8:4e:9a:40:
5b:03:9e:33:45:9a:01:d2:ec:c6:d1:88:73:ee:f3:
2f:c1:3d:d2:77:2b:c0:c7:89:b6:d5:50:fa:13:da:
28:f0:5b:96:f5:9c:cb:28:4a:04:13:25:f3:ef:8a:
85:fb:62:b1:ca:e9:d6:60:33:b6:be:a3:8a:8e:6d:
ef:78:71:95:9e:c0:73:5f:c9:b7:0b:3b:b9:bc:43:
e6:6b:f4:52:1a:82:7e:26:72:8f:f1:f0:d9:b6:d7:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F9:02:28:F4:A4:0F:A3:B9:BF:C4:53:BE:A0:95:E5:36:26:2E:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:6d:0a:79:22:15:f2:a0:ee:fd:63:dd:66:c6:f9:3f:bc:df:
01:0a:48:70:dd:43:57:b3:2b:ef:fd:9c:2c:e7:83:36:9c:da:
3b:88:68:33:be:ac:2d:4b:b5:c9:99:d9:9d:43:6a:19:94:a3:
0f:aa:48:25:9c:20:4e:28:34:52:cc:0e:b5:1e:11:39:b7:83:
d2:8a:c3:00:21:68:5c:20:72:f4:c5:72:c9:0f:9d:11:3b:9e:
d0:3f:48:ca:2e:a7:da:11:53:35:5f:fe:27:ea:cd:68:8e:b0:
4b:58:cb:78:5f:1b:4a:b4:0e:bc:d6:7c:f1:12:d8:2a:e4:1a:
32:3f:a9:98:ed:d8:cb:af:34:c7:02:f9:46:df:12:40:cc:b0:
db:fe:6d:22:e2:c7:85:c6:25:3b:59:1c:94:90:ad:63:29:48:
2b:94:6a:59:89:56:00:92:6d:3d:8f:89:60:70:90:6d:25:d1:
3b:d9:56:df:0a:db:d3:22:4e:2c:c1:02:b8:ad:d9:20:e6:a2:
e7:b3:78:41:c3:b8:30:aa:df:26:30:78:68:63:14:e4:dc:6e:
a3:4e:c7:4f:f0:80:94:01:0a:2e:b5:fb:ec:9c:89:e4:c1:df:
ce:d3:2f:6c:52:24:cb:f8:59:5c:c7:f3:c0:0c:4c:f1:cd:f2:
56:b3:72:8a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUV+lja3hadrvUjVQdtMnEZB1yw4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDMxNzY1ODU3YTI3Y2QwZGQzY2RlYjViYTU0MzE3NWVjZjhmN2FlNzNlOGM2
ZGQ0MWQwY2Y0MjQ3MTYzNDM3MDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANMTuAhEg088REIphVeD/+fS12It65PJaKILnDtXavFB8Ruas5n/KsK6LPRI
N+pfKiEIgLME+lzoCLw0vp24tYGeXqlLqYnX+2/HZsdYayjT2eErYO5K+JrsfM//
LTTSCTZXPM/J0pRO4WlbjIS8QhmfRwc8EiyTrZ40cmMxYFlxNR8/puA/zkulf0fs
aj6Opbr9MStiANBsGIJk5gS9Xrn4TppAWwOeM0WaAdLsxtGIc+7zL8E90ncrwMeJ
ttVQ+hPaKPBblvWcyyhKBBMl8++Khftiscrp1mAztr6jio5t73hxlZ7Ac1/Jtws7
ubxD5mv0UhqCfiZyj/Hw2bbX6QsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTZ+QIo
9KQPo7m/xFO+oJXlNiYurDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAL20KeSIV8qDu/WPdZsb5P7zfAQpIcN1DV7Mr7/2c
LOeDNpzaO4hoM76sLUu1yZnZnUNqGZSjD6pIJZwgTig0UswOtR4RObeD0orDACFo
XCBy9MVyyQ+dETue0D9Iyi6n2hFTNV/+J+rNaI6wS1jLeF8bSrQOvNZ88RLYKuQa
Mj+pmO3Yy680xwL5Rt8SQMyw2/5tIuLHhcYlO1kclJCtYylIK5RqWYlWAJJtPY+J
YHCQbSXRO9lW3wrb0yJOLMECuK3ZIOai57N4QcO4MKrfJjB4aGMU5Nxuo07HT/CA
lAEKLrX77JyJ5MHfztMvbFIky/hZXMfzwAxM8c3yVrNyig==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:16 2025 by rpki-client