Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: bDqPoBgsCmJZ/AKoDA7KwQUNiM6up5uJCrfxarnKCIc=
Subject key identifier: AE:31:CE:C9:A9:7F:C4:17:02:56:97:D6:A6:64:95:58:58:5C:35:0A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 136A7D0F546F7301535D57C4C3E521FC62D3716F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Tue 15 Jul 2025 00:30:05 +0000
ROA not before: Tue 15 Jul 2025 00:30:05 +0000
ROA not after: Tue 19 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:6a:7d:0f:54:6f:73:01:53:5d:57:c4:c3:e5:21:fc:62:d3:71:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 15 00:30:05 2025 GMT
Not After : Aug 19 23:59:59 2025 GMT
Subject: serialNumber=a5642ed75cdcb1fa99cc888043423caae9e0809fdfbd161e52460b2d86d658c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f7:db:66:63:6f:8c:e0:ef:e1:16:98:e3:da:
ba:96:d2:fd:f7:42:29:68:da:7f:24:cc:a1:90:d4:
d8:36:fb:74:d4:13:6b:ed:7a:d9:68:74:15:ef:71:
66:b3:e6:5c:89:68:ef:5f:99:f8:0d:79:37:f3:d3:
4b:6a:0f:51:57:66:9c:ff:6f:f9:53:d9:aa:4f:5e:
8f:ba:6b:11:0d:fa:ad:8f:22:53:ee:72:65:6c:ba:
25:7c:3a:fe:c8:e5:1e:79:40:f0:ee:ce:fa:44:78:
8f:3d:92:e3:89:ea:c6:9d:8f:d1:be:9e:e8:24:49:
94:56:e6:a8:59:37:98:e3:23:21:cc:2e:59:82:61:
3a:d5:a9:f1:36:06:ac:db:ca:aa:25:5c:bf:db:4f:
cb:21:2e:88:52:ce:b0:7d:a3:1a:33:03:5c:6e:b5:
09:94:c4:6a:b4:d2:f0:50:00:1e:c6:26:e8:a7:5c:
fe:b1:37:47:f9:fa:64:96:94:29:69:db:2c:47:38:
15:76:6d:e9:c9:8d:13:b4:3b:39:66:12:52:e3:55:
da:94:57:7e:2d:10:ca:e4:f4:bc:49:91:89:e9:6d:
e7:0c:79:d1:74:8e:0d:ca:90:55:75:8f:99:4b:ee:
99:30:cb:f5:15:50:7e:ba:ba:32:80:df:86:bf:85:
d6:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:31:CE:C9:A9:7F:C4:17:02:56:97:D6:A6:64:95:58:58:5C:35:0A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
63:1f:7a:20:67:52:73:33:09:23:48:77:0b:cd:70:65:0d:94:
88:ec:ab:1c:d2:e3:80:f1:78:e9:eb:3d:11:31:c5:80:7e:69:
36:c0:62:34:28:c8:fa:51:3f:5c:98:e2:b3:4e:93:42:fc:fb:
94:4b:19:4c:39:a5:2a:1f:15:45:3e:24:b6:dc:8b:a0:4a:50:
bb:73:35:78:14:fd:41:dc:66:09:4c:6d:c7:c6:ac:fd:02:d7:
fa:b3:da:ac:3c:c1:91:1a:cf:08:19:eb:9d:0a:81:05:10:77:
17:76:cf:64:9b:02:d6:87:55:5f:ea:3f:04:ee:e6:1c:fc:d7:
e6:0e:6f:77:54:23:61:02:e2:3e:89:51:8d:59:d3:db:7e:ec:
b5:59:c7:5b:5c:80:ac:47:db:1c:01:cf:c7:c7:f8:d0:7d:6b:
b1:fe:1e:59:6c:f7:c7:54:fc:f9:69:e2:4f:39:39:a7:7a:c9:
dd:8c:67:b2:61:c1:70:5c:c8:ac:66:29:ef:33:6d:5f:98:53:
40:71:a4:9d:58:f5:f5:f6:bb:e3:b5:4d:42:e5:86:98:91:98:
3a:f6:8e:9e:42:df:d5:9a:a1:6b:a9:c9:e5:83:d2:db:e9:13:
ea:f8:ab:4d:d5:e5:5e:cb:39:c6:e9:c5:91:96:f2:ec:b4:69:
ab:08:d5:b0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUE2p9D1RvcwFTXVfEw+Uh/GLTcW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTUwMDMwMDVaFw0yNTA4MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NjQyZWQ3NWNkY2IxZmE5OWNjODg4MDQzNDIzY2FhZTllMDgwOWZkZmJk
MTYxZTUyNDYwYjJkODZkNjU4YzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7322Zjb4zg7+EWmOPaupbS/fdCKWjafyTMoZDU2Db7dNQTa+162Wh0Fe9x
ZrPmXIlo71+Z+A15N/PTS2oPUVdmnP9v+VPZqk9ej7prEQ36rY8iU+5yZWy6JXw6
/sjlHnlA8O7O+kR4jz2S44nqxp2P0b6e6CRJlFbmqFk3mOMjIcwuWYJhOtWp8TYG
rNvKqiVcv9tPyyEuiFLOsH2jGjMDXG61CZTEarTS8FAAHsYm6Kdc/rE3R/n6ZJaU
KWnbLEc4FXZt6cmNE7Q7OWYSUuNV2pRXfi0QyuT0vEmRielt5wx50XSODcqQVXWP
mUvumTDL9RVQfrq6MoDfhr+F1q0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSuMc7J
qX/EFwJWl9amZJVYWFw1CjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAYx96IGdSczMJI0h3C81wZQ2UiOyrHNLjgPF46es9
ETHFgH5pNsBiNCjI+lE/XJjis06TQvz7lEsZTDmlKh8VRT4kttyLoEpQu3M1eBT9
QdxmCUxtx8as/QLX+rParDzBkRrPCBnrnQqBBRB3F3bPZJsC1odVX+o/BO7mHPzX
5g5vd1QjYQLiPolRjVnT237stVnHW1yArEfbHAHPx8f40H1rsf4eWWz3x1T8+Wni
Tzk5p3rJ3YxnsmHBcFzIrGYp7zNtX5hTQHGknVj19fa747VNQuWGmJGYOvaOnkLf
1Zqha6nJ5YPS2+kT6virTdXlXss5xunFkZby7LRpqwjVsA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:05 2025 by rpki-client