Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: reZAnCMiL76NZuHMpryKoED9GE0Pv/DoY1HfIhfeXb4=
Subject key identifier: EC:BE:79:62:7A:A1:F4:24:B8:AA:4F:56:D6:D1:DB:9B:BD:57:E3:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2328D3E9F2F6309842716E33B2111DDDB7CC5C8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Tue 05 Aug 2025 20:20:46 +0000
ROA not before: Tue 05 Aug 2025 20:20:46 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:28:d3:e9:f2:f6:30:98:42:71:6e:33:b2:11:1d:dd:b7:cc:5c:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:46 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=034c6bfd395ac27b8d060b21823d738166f1cd08e60589246384d8d9df7df85a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0d:a2:7b:dd:38:e4:96:08:d5:34:59:1a:5c:
56:a5:40:18:02:2a:fc:d9:19:95:d0:a6:60:85:c8:
b9:ac:b8:ea:98:f8:5e:16:57:0d:63:2f:69:0b:b7:
fb:be:33:d9:52:2e:3d:8c:e0:65:2a:ce:63:8c:37:
28:38:b5:d2:0d:51:da:d2:4c:6d:72:17:20:76:b3:
47:ab:94:3f:50:bb:58:6a:83:0e:e8:1f:26:52:b7:
8b:9b:b0:35:9e:39:58:bf:64:70:22:5a:60:14:5e:
27:d7:51:66:77:b4:07:5b:aa:0a:e1:cc:ce:bf:97:
9a:e2:ad:b5:04:be:28:69:14:13:0c:ed:76:16:93:
ce:ec:4c:b6:20:85:23:75:a9:4b:bb:90:1a:d9:29:
7a:8f:3b:26:fc:ff:6a:99:a3:11:16:66:dd:d0:be:
12:59:14:9d:11:76:23:b9:f8:04:30:69:7a:45:26:
da:99:94:f7:66:04:d0:90:e0:2f:c1:f1:1a:ab:88:
3d:3a:3f:14:d3:44:44:83:ad:ba:ba:62:4c:a7:6f:
10:ad:7f:c8:8c:0e:73:dd:c8:76:eb:4c:f1:06:ba:
2a:14:af:86:20:c6:ba:85:7f:33:aa:c1:32:fc:b8:
82:71:dd:32:bc:65:7e:5f:cc:7c:5a:86:f4:9b:20:
02:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:BE:79:62:7A:A1:F4:24:B8:AA:4F:56:D6:D1:DB:9B:BD:57:E3:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6f:61:c6:f7:16:a9:2e:eb:61:de:cf:90:00:28:4c:6a:3f:b3:
7f:54:73:32:ea:fc:c1:be:65:7a:64:05:73:10:9c:e1:87:de:
dd:60:08:b2:95:83:84:36:cc:bb:c9:58:a2:4d:99:03:0a:bd:
bd:90:5c:a0:ac:f7:df:b1:0d:f6:31:0a:5f:15:61:78:15:b1:
29:89:a3:52:bb:39:1d:b5:7e:3e:81:80:8e:53:42:7e:5e:54:
bf:15:4e:22:b3:42:73:bc:3a:a2:8a:d2:13:73:23:99:66:a8:
77:87:a4:5b:d3:b5:33:a7:f6:7b:3a:f3:24:3d:8a:7d:53:13:
d5:58:da:e8:40:5f:a8:ed:93:49:92:df:55:6a:6b:8b:80:cc:
b1:42:32:06:d5:39:62:6b:95:bf:48:7f:7b:1c:07:22:b7:78:
db:62:c8:96:61:20:0f:92:98:ae:5a:a6:28:90:aa:5e:61:d3:
95:f4:72:37:ca:01:90:02:a4:b0:c0:19:09:0b:ad:bf:3e:41:
bd:55:e6:0b:11:80:82:7f:6c:53:cc:4e:4b:6c:d2:03:bd:92:
5b:35:8a:01:2f:2d:2d:a5:8b:30:0c:62:79:f5:ae:0a:09:ae:
75:57:40:d2:eb:6c:f0:fb:e6:84:72:dd:dd:65:3f:98:22:d4:
3d:00:a9:58
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIyjT6fL2MJhCcW4zshEd3bfMXIwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzNGM2YmZkMzk1YWMyN2I4ZDA2MGIyMTgyM2Q3MzgxNjZmMWNkMDhlNjA1
ODkyNDYzODRkOGQ5ZGY3ZGY4NWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwNonvdOOSWCNU0WRpcVqVAGAIq/NkZldCmYIXIuay46pj4XhZXDWMvaQu3
+74z2VIuPYzgZSrOY4w3KDi10g1R2tJMbXIXIHazR6uUP1C7WGqDDugfJlK3i5uw
NZ45WL9kcCJaYBReJ9dRZne0B1uqCuHMzr+XmuKttQS+KGkUEwztdhaTzuxMtiCF
I3WpS7uQGtkpeo87Jvz/apmjERZm3dC+ElkUnRF2I7n4BDBpekUm2pmU92YE0JDg
L8HxGquIPTo/FNNERIOturpiTKdvEK1/yIwOc93IdutM8Qa6KhSvhiDGuoV/M6rB
Mvy4gnHdMrxlfl/MfFqG9JsgAmECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTsvnli
eqH0JLiqT1bW0dubvVfjVTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQBvYcb3Fqku62Hez5AAKExqP7N/VHMy6vzBvmV6ZAVz
EJzhh97dYAiylYOENsy7yViiTZkDCr29kFygrPffsQ32MQpfFWF4FbEpiaNSuzkd
tX4+gYCOU0J+XlS/FU4is0JzvDqiitITcyOZZqh3h6Rb07Uzp/Z7OvMkPYp9UxPV
WNroQF+o7ZNJkt9VamuLgMyxQjIG1Tlia5W/SH97HAcit3jbYsiWYSAPkpiuWqYo
kKpeYdOV9HI3ygGQAqSwwBkJC62/PkG9VeYLEYCCf2xTzE5LbNIDvZJbNYoBLy0t
pYswDGJ59a4KCa51V0DS62zw++aEct3dZT+YItQ9AKlY
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:58 2025 by rpki-client