Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: 5MJTLIEeZoJmed1rlWz7vr9sNGooSouHYTdLh3qzusg=
Subject key identifier: 7E:40:3F:B2:4C:D5:78:DC:29:8B:BD:AC:D2:9E:96:2A:BE:DB:86:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 539F94594DA7F51829FCC679C83B737823816730
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Tue 05 Aug 2025 20:21:23 +0000
ROA not before: Tue 05 Aug 2025 20:21:23 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:9f:94:59:4d:a7:f5:18:29:fc:c6:79:c8:3b:73:78:23:81:67:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:23 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4aebbcfd15eed0c4d24bc7e1e1b95f81eb520ec674866683d8701926235453d4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b9:56:09:74:1b:ea:5f:a4:ec:7e:06:ad:94:
14:58:9b:4d:ab:e9:09:ce:d0:50:b4:69:dc:c2:0b:
99:06:27:c3:0d:f2:eb:f9:ab:d6:a2:98:87:f8:f3:
10:f3:f2:60:35:39:ac:b6:b9:65:16:29:07:9b:f7:
e0:5c:25:3d:14:31:45:9b:af:f6:ba:cf:69:8f:aa:
e1:21:31:a9:61:af:45:52:87:23:3b:1b:d4:7d:13:
4a:df:b6:b3:75:61:53:de:da:8c:3d:79:6b:49:1a:
7b:56:44:42:8d:11:53:4e:9b:a8:3b:9e:db:a2:ee:
f9:e3:84:cd:91:e1:f4:50:51:85:20:26:3a:b0:fc:
cb:ec:bc:66:ae:9c:d2:24:4f:a8:70:70:d5:8f:91:
b3:e7:70:44:22:68:36:00:de:38:69:19:97:34:eb:
59:a3:07:64:03:87:ad:4c:96:54:fd:d1:5c:72:1e:
3b:c2:c1:aa:40:55:95:5c:57:83:64:db:69:de:47:
5b:f5:bb:4f:fc:ba:93:77:6d:5e:ad:2c:fb:32:2a:
0c:a9:8e:54:f1:f7:4c:25:5a:fd:ec:06:63:40:b6:
92:1c:7f:45:3c:23:25:0f:a5:d7:98:a8:aa:ca:b9:
1f:77:09:5b:7a:d9:8e:77:12:16:05:21:0e:10:42:
50:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:40:3F:B2:4C:D5:78:DC:29:8B:BD:AC:D2:9E:96:2A:BE:DB:86:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
72:b2:16:75:29:37:c4:ff:ac:81:6b:6d:e8:df:87:b5:76:0a:
17:2b:3c:e2:68:ba:da:da:a9:bf:c0:04:88:23:ad:3b:fb:a5:
16:83:54:7e:53:4a:bd:6c:88:f1:0b:e5:4c:cf:6d:89:0d:d1:
e2:7a:d3:98:de:ad:2c:1d:62:12:f3:3e:74:e0:44:9a:a4:68:
47:00:f7:e8:57:e2:87:02:ac:63:81:62:81:42:b8:6a:c2:41:
bd:87:67:93:58:5f:66:5f:18:16:a4:7a:99:21:79:22:f1:6d:
7a:b0:50:93:00:5a:ec:85:16:a5:b2:3b:f3:71:db:0d:e1:5d:
44:52:46:65:4f:af:a7:b6:0d:34:16:b9:f0:a9:8b:59:5d:eb:
90:5d:86:a2:0f:96:38:8d:cf:8f:82:7a:71:91:4a:62:49:00:
16:f1:55:fb:49:34:5f:c2:4f:3a:ec:9d:71:df:58:cf:a7:04:
bb:09:a8:e2:70:51:48:37:27:dd:a0:ef:01:ff:4f:c4:5d:17:
be:bb:d1:32:7a:ea:a9:b5:c3:0e:8b:0d:14:47:b4:a0:13:03:
64:2d:f3:6f:1c:bd:e9:98:29:25:45:a5:01:dd:c9:67:0e:7b:
5d:99:85:ca:39:05:ea:79:05:da:9d:09:05:b0:98:be:9a:68:
d4:18:90:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUU5+UWU2n9Rgp/MZ5yDtzeCOBZzAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZWJiY2ZkMTVlZWQwYzRkMjRiYzdlMWUxYjk1ZjgxZWI1MjBlYzY3NDg2
NjY4M2Q4NzAxOTI2MjM1NDUzZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL65Vgl0G+pfpOx+Bq2UFFibTavpCc7QULRp3MILmQYnww3y6/mr1qKYh/jz
EPPyYDU5rLa5ZRYpB5v34FwlPRQxRZuv9rrPaY+q4SExqWGvRVKHIzsb1H0TSt+2
s3VhU97ajD15a0kae1ZEQo0RU06bqDue26Lu+eOEzZHh9FBRhSAmOrD8y+y8Zq6c
0iRPqHBw1Y+Rs+dwRCJoNgDeOGkZlzTrWaMHZAOHrUyWVP3RXHIeO8LBqkBVlVxX
g2Tbad5HW/W7T/y6k3dtXq0s+zIqDKmOVPH3TCVa/ewGY0C2khx/RTwjJQ+l15io
qsq5H3cJW3rZjncSFgUhDhBCUP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR+QD+y
TNV43CmLvazSnpYqvtuG0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQByshZ1KTfE/6yBa23o34e1dgoXKzziaLra2qm/wASI
I607+6UWg1R+U0q9bIjxC+VMz22JDdHietOY3q0sHWIS8z504ESapGhHAPfoV+KH
AqxjgWKBQrhqwkG9h2eTWF9mXxgWpHqZIXki8W16sFCTAFrshRalsjvzcdsN4V1E
UkZlT6+ntg00FrnwqYtZXeuQXYaiD5Y4jc+PgnpxkUpiSQAW8VX7STRfwk867J1x
31jPpwS7CajicFFINyfdoO8B/0/EXRe+u9EyeuqptcMOiw0UR7SgEwNkLfNvHL3p
mCklRaUB3clnDntdmYXKOQXqeQXanQkFsJi+mmjUGJCU
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:33 2025 by rpki-client