
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: S1aKnBsPMkDgtGpVh1KyFssofk5B6G8d8cGF+5hGR0I=
Subject key identifier: 62:DE:28:71:AC:6D:2D:C8:B3:3E:7F:5F:56:45:A9:0D:F1:76:03:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B2621C5D5ED1C195BDEE1ADCB951AAF3B112A8C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Fri 11 Jul 2025 20:51:00 +0000
ROA not before: Fri 11 Jul 2025 20:51:00 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:26:21:c5:d5:ed:1c:19:5b:de:e1:ad:cb:95:1a:af:3b:11:2a:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:51:00 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3bf51a5e5812aa5ec520a861903826db794d628d55f065885a3b93b0a1643934, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e1:a4:c7:76:89:b4:d8:ab:51:e4:03:65:26:
51:6b:d8:54:11:6e:c4:bb:c2:3c:54:11:1f:2a:d0:
03:26:7e:3f:2b:ee:0b:53:13:03:0d:55:81:9b:e4:
4f:4e:fe:b8:a5:e6:51:ab:12:a8:67:75:b6:11:ff:
7a:93:6c:9a:35:4d:a3:9d:fa:fa:94:f3:09:8b:65:
70:0d:fd:5b:c3:28:b0:1e:e5:f3:f3:21:72:e1:71:
a3:27:85:4a:48:d8:38:9e:2b:1b:bf:5d:de:1d:b3:
64:71:c4:21:80:62:28:71:9e:b2:2c:f1:3e:9d:fc:
ba:92:05:bc:79:bf:53:9a:33:da:28:80:8a:7f:93:
f1:04:32:e4:0d:a2:e3:3c:08:f7:a8:e9:43:fe:4f:
76:6d:49:2b:0c:7e:5c:3c:17:68:1e:90:ad:c8:81:
ee:ae:c8:5d:e1:98:f2:36:34:a4:b8:c7:d9:81:ee:
89:c5:ff:31:dc:a1:1b:c0:12:fe:85:0f:7d:c9:27:
ab:48:85:de:20:72:9f:43:73:a0:c9:e1:5b:6b:08:
5a:87:60:ce:74:da:41:c9:e8:78:d8:26:8b:64:6a:
e7:73:5b:77:fe:55:6d:94:4a:52:26:75:d9:fb:77:
9c:61:d2:c6:81:3f:73:0e:9c:46:85:c3:2c:9d:59:
af:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:DE:28:71:AC:6D:2D:C8:B3:3E:7F:5F:56:45:A9:0D:F1:76:03:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
18:7a:36:47:f7:d7:99:0e:46:ab:46:52:de:33:81:59:34:1a:
cc:e1:ae:83:c9:25:7d:60:c1:5e:37:dd:cb:3a:97:c0:e9:72:
aa:63:5d:bc:dd:0d:76:f8:0b:ce:51:ca:85:71:df:88:1d:b2:
60:e9:8a:48:3e:01:3f:74:f4:68:c5:88:48:8e:9b:b9:9f:b6:
9a:1e:10:8f:6d:a0:92:6a:14:26:7f:54:d9:cc:cb:4f:cf:44:
a5:ce:4f:0e:17:00:b1:92:b4:0a:68:3e:74:a7:7e:ea:2f:0a:
44:3b:c2:5b:0e:f9:9a:c6:1d:5b:95:6d:0b:b1:46:56:46:c9:
82:57:eb:0e:6b:fe:51:be:6f:04:1f:a1:fe:30:e8:9e:55:6d:
81:97:da:43:4f:1c:1a:5f:87:ac:a9:7c:18:2c:b2:c4:9a:0b:
c0:95:b2:e2:c2:7d:39:8b:e0:03:ef:77:da:87:bd:50:14:36:
c2:50:e2:82:2c:2f:1a:72:64:34:95:e5:25:38:6d:2d:ee:c8:
74:4e:26:99:0e:e1:28:04:f1:ef:f9:ab:00:10:c2:ec:44:d4:
11:99:19:9c:01:40:82:02:bf:dc:f1:72:b0:5b:ae:93:0c:c1:
20:fb:11:10:01:16:e0:58:7a:d6:33:6d:dc:a1:08:8d:07:d8:
9a:46:16:fa
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCyYhxdXtHBlb3uGty5UarzsRKowwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUxMDBaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiZjUxYTVlNTgxMmFhNWVjNTIwYTg2MTkwMzgyNmRiNzk0ZDYyOGQ1NWYw
NjU4ODVhM2I5M2IwYTE2NDM5MzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvhpMd2ibTYq1HkA2UmUWvYVBFuxLvCPFQRHyrQAyZ+PyvuC1MTAw1VgZvk
T07+uKXmUasSqGd1thH/epNsmjVNo536+pTzCYtlcA39W8MosB7l8/MhcuFxoyeF
SkjYOJ4rG79d3h2zZHHEIYBiKHGesizxPp38upIFvHm/U5oz2iiAin+T8QQy5A2i
4zwI96jpQ/5Pdm1JKwx+XDwXaB6QrciB7q7IXeGY8jY0pLjH2YHuicX/MdyhG8AS
/oUPfcknq0iF3iByn0NzoMnhW2sIWodgznTaQcnoeNgmi2Rq53Nbd/5VbZRKUiZ1
2ft3nGHSxoE/cw6cRoXDLJ1Zr1ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRi3ihx
rG0tyLM+f19WRakN8XYDOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAGHo2R/fXmQ5Gq0ZS3jOBWTQazOGug8klfWDBXjfd
yzqXwOlyqmNdvN0NdvgLzlHKhXHfiB2yYOmKSD4BP3T0aMWISI6buZ+2mh4Qj22g
kmoUJn9U2czLT89Epc5PDhcAsZK0Cmg+dKd+6i8KRDvCWw75msYdW5VtC7FGVkbJ
glfrDmv+Ub5vBB+h/jDonlVtgZfaQ08cGl+HrKl8GCyyxJoLwJWy4sJ9OYvgA+93
2oe9UBQ2wlDigiwvGnJkNJXlJThtLe7IdE4mmQ7hKATx7/mrABDC7ETUEZkZnAFA
ggK/3PFysFuukwzBIPsREAEW4Fh61jNt3KEIjQfYmkYW+g==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:38:50 2025 by rpki-client