Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: 1D8F8IZIndIQvqyFPX0kTctNjdLbOHA4My1Vig/VISk=
Subject key identifier: F6:66:53:8A:7B:AE:98:EF:9D:7E:3A:0A:00:74:E0:05:90:D8:BE:AC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 431B6F9E5B999190F98FD370E36A397E6F69678A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Mon 21 Jul 2025 17:00:55 +0000
ROA not before: Mon 21 Jul 2025 17:00:55 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:1b:6f:9e:5b:99:91:90:f9:8f:d3:70:e3:6a:39:7e:6f:69:67:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:55 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=f53400da3407d959aed2a25ad99fed0da7ec06d68499564c4704db98aa004ea1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:af:f2:2d:6d:d4:ce:ab:0e:b4:eb:53:c7:
d2:81:2d:d5:82:58:39:cb:70:7a:c6:8f:f2:36:ad:
9b:12:7a:b1:6d:66:93:c9:83:ac:93:fb:db:34:e7:
e5:73:ac:53:d9:bb:9d:0b:a3:f7:f3:cf:20:4d:7d:
ac:b2:05:97:bc:ea:1d:5a:87:8f:f4:26:71:b2:a4:
b7:32:2c:16:26:11:81:51:0a:b5:c4:76:5b:90:f7:
59:a9:b9:c6:7d:96:de:e1:46:49:d4:e2:69:93:7d:
a8:ef:95:a6:b2:d4:54:b2:e8:a7:09:5e:e3:ed:08:
4e:02:61:ee:f3:6f:04:99:a2:95:df:0d:28:2b:4b:
c2:ab:eb:82:d3:c3:f5:30:8d:5c:90:07:42:00:2a:
9e:64:2d:f7:9f:66:2f:45:e6:96:ac:99:35:82:e2:
2c:7b:29:54:9f:b7:26:ea:1f:c2:c2:dd:53:4d:5c:
40:8b:cf:cb:90:34:3c:3f:de:89:fa:b0:15:2f:00:
75:a0:24:3a:1d:ba:e5:b3:ac:c4:0a:37:5e:2f:ff:
71:b6:bd:0b:94:f8:b3:49:60:12:32:bc:d5:82:af:
9f:dd:6b:85:14:d2:4f:a1:1c:c0:81:a3:a0:28:bc:
3c:03:52:3f:79:9a:68:b1:21:75:c0:72:e2:79:0c:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:66:53:8A:7B:AE:98:EF:9D:7E:3A:0A:00:74:E0:05:90:D8:BE:AC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
bf:6e:34:b4:5f:f7:cf:ea:1b:ae:62:a7:7b:f6:16:f2:64:80:
e1:88:37:b5:fa:dd:55:4f:1c:6c:46:a5:b5:dc:af:82:43:1b:
57:83:07:13:88:4f:65:5b:43:52:b6:2b:57:72:2a:07:56:57:
92:b5:1c:a8:58:47:52:aa:6d:b5:f7:19:12:46:8c:f0:70:9f:
48:45:3b:8d:59:cf:2a:89:e7:2c:84:df:4b:73:49:34:4b:8a:
21:71:17:a3:9a:87:6b:9f:27:47:c0:c7:58:66:3f:f2:c1:c7:
cc:8f:98:15:26:07:3a:23:f7:95:23:51:aa:07:58:8d:e8:16:
d0:4f:b6:2b:c0:82:8e:af:9c:f9:97:49:c6:f7:d6:e0:73:ca:
6a:e1:6d:1e:2c:71:41:3e:42:2f:5d:29:73:e4:24:57:f6:13:
f5:84:55:de:e2:28:f5:ac:1f:16:09:87:66:f3:54:40:92:32:
ee:43:a5:7a:62:1a:03:08:56:df:73:b0:dd:67:53:84:83:3b:
c6:f3:e2:9d:5f:58:31:d9:f4:6e:b5:3c:93:08:8a:38:b8:fd:
6a:12:f0:8c:98:4b:40:c9:c9:76:7b:7b:a7:65:b6:53:90:40:
44:90:52:81:e1:c7:27:82:3b:41:d0:8a:36:0a:7a:24:24:23:
2a:4b:9a:2c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQxtvnluZkZD5j9Nw42o5fm9pZ4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNTVaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MzQwMGRhMzQwN2Q5NTlhZWQyYTI1YWQ5OWZlZDBkYTdlYzA2ZDY4NDk5
NTY0YzQ3MDRkYjk4YWEwMDRlYTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlGr/ItbdTOqw6061PH0oEt1YJYOctwesaP8jatmxJ6sW1mk8mDrJP72zTn
5XOsU9m7nQuj9/PPIE19rLIFl7zqHVqHj/QmcbKktzIsFiYRgVEKtcR2W5D3Wam5
xn2W3uFGSdTiaZN9qO+VprLUVLLopwle4+0ITgJh7vNvBJmild8NKCtLwqvrgtPD
9TCNXJAHQgAqnmQt959mL0XmlqyZNYLiLHspVJ+3JuofwsLdU01cQIvPy5A0PD/e
ifqwFS8AdaAkOh265bOsxAo3Xi//cba9C5T4s0lgEjK81YKvn91rhRTST6EcwIGj
oCi8PANSP3maaLEhdcBy4nkMF8UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT2ZlOK
e66Y751+OgoAdOAFkNi+rDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAv240tF/3z+obrmKne/YW8mSA4Yg3tfrdVU8cbEal
tdyvgkMbV4MHE4hPZVtDUrYrV3IqB1ZXkrUcqFhHUqpttfcZEkaM8HCfSEU7jVnP
KonnLITfS3NJNEuKIXEXo5qHa58nR8DHWGY/8sHHzI+YFSYHOiP3lSNRqgdYjegW
0E+2K8CCjq+c+ZdJxvfW4HPKauFtHixxQT5CL10pc+QkV/YT9YRV3uIo9awfFgmH
ZvNUQJIy7kOlemIaAwhW33Ow3WdThIM7xvPinV9YMdn0brU8kwiKOLj9ahLwjJhL
QMnJdnt7p2W2U5BARJBSgeHHJ4I7QdCKNgp6JCQjKkuaLA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:28 2025 by rpki-client