Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: //R/tnSH0VC1xge7WRy/RA50A3tyq8zy4gVBaTJQGt8=
Subject key identifier: 77:6E:92:71:86:AC:7D:E7:BC:D8:B2:7A:3A:74:2E:4C:4C:06:5F:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 59D220D4D96B9938E5A16C7160EFE78EFA522E70
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Fri 11 Jul 2025 20:51:01 +0000
ROA not before: Fri 11 Jul 2025 20:51:01 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d2:20:d4:d9:6b:99:38:e5:a1:6c:71:60:ef:e7:8e:fa:52:2e:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:51:01 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1c1fdf8ee84a8b91d27cad9fde146075ac97e74bb429e52c6788f9457b3f8191, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9f:32:8f:86:05:d8:ad:76:ac:4f:3e:2c:c8:
ef:62:5f:00:fb:7c:06:ee:e6:b1:a7:6a:4d:a1:7d:
03:78:f5:e5:e5:b2:d6:17:94:96:c1:c3:39:79:91:
20:1f:d4:ec:21:b9:24:39:65:a0:2c:fa:78:06:23:
7f:5b:4e:55:26:5c:bf:6f:a1:c9:76:4d:40:2a:fc:
59:3c:a1:67:21:c2:9c:2d:c4:aa:1b:52:82:e7:46:
9b:b4:e3:c3:77:ed:5c:9e:ef:cb:08:fd:7e:1d:c3:
17:55:1c:c5:56:1a:8a:91:88:d7:30:d4:86:b6:5b:
bd:5e:4a:94:e9:ee:ba:c8:1d:a7:8e:60:d8:5b:1a:
31:fc:26:de:36:36:04:5f:b2:38:33:ec:82:26:af:
af:a5:fd:cb:07:27:78:48:18:2b:32:14:ff:29:9b:
d3:f0:3f:65:bb:f9:e6:19:b7:ce:04:fe:5e:43:61:
c7:4f:c9:75:11:bc:7d:c3:7d:f3:58:21:a2:dc:1e:
2c:40:df:93:0d:68:5e:bf:87:57:e2:1e:c7:95:37:
20:75:c6:e9:b2:dc:93:06:f3:03:7d:db:77:d6:39:
96:e7:65:6f:b0:2d:6f:a4:42:6a:f9:35:24:94:3a:
67:6b:54:8b:66:39:96:76:3e:e6:65:4f:e3:df:73:
98:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:6E:92:71:86:AC:7D:E7:BC:D8:B2:7A:3A:74:2E:4C:4C:06:5F:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:af:9d:b5:e2:88:2d:f0:b4:1a:41:8c:b4:86:e7:ca:6d:dc:
c4:bb:1f:af:67:1d:e6:d0:2c:bb:34:c9:57:0c:58:b2:a4:9e:
f2:3e:ee:62:7d:f7:a8:3b:6d:47:c7:c2:1a:11:35:e0:d4:6c:
a7:ba:3f:33:67:23:b2:0c:0c:0c:4b:f7:2e:33:af:c0:24:16:
b7:a6:5e:70:08:91:2b:cd:8a:35:0c:99:8e:80:a4:d9:82:fe:
36:d2:3b:a2:3d:3e:06:61:90:d9:7b:f3:00:75:86:f8:73:a6:
dd:47:36:e6:72:c4:ce:17:cc:23:72:43:d0:f5:62:a9:eb:23:
bf:7a:ae:33:57:50:66:63:36:f2:c8:05:8f:6a:48:8a:96:b2:
91:87:9b:11:f3:3e:76:60:40:4d:44:42:15:07:b1:41:cd:c7:
d8:c2:15:71:cb:b8:fc:90:d5:f9:d8:e8:72:d4:a3:54:16:9e:
00:13:a9:0a:5a:f5:6c:35:dc:9c:4e:c6:55:af:91:d4:c4:be:
e9:5c:8e:fa:0a:2e:d7:66:26:b0:4b:20:e8:93:4c:f5:99:f5:
68:fa:70:44:f6:4a:ee:59:ab:a4:a9:75:93:56:a3:c8:0e:6e:
00:4e:38:ab:85:d0:83:a0:2a:fb:71:de:4e:b2:58:08:e7:6d:
aa:e7:f2:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUWdIg1NlrmTjloWxxYO/njvpSLnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUxMDFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMWZkZjhlZTg0YThiOTFkMjdjYWQ5ZmRlMTQ2MDc1YWM5N2U3NGJiNDI5
ZTUyYzY3ODhmOTQ1N2IzZjgxOTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOCfMo+GBditdqxPPizI72JfAPt8Bu7msadqTaF9A3j15eWy1heUlsHDOXmR
IB/U7CG5JDlloCz6eAYjf1tOVSZcv2+hyXZNQCr8WTyhZyHCnC3EqhtSgudGm7Tj
w3ftXJ7vywj9fh3DF1UcxVYaipGI1zDUhrZbvV5KlOnuusgdp45g2FsaMfwm3jY2
BF+yODPsgiavr6X9ywcneEgYKzIU/ymb0/A/Zbv55hm3zgT+XkNhx0/JdRG8fcN9
81ghotweLEDfkw1oXr+HV+Iex5U3IHXG6bLckwbzA33bd9Y5ludlb7Atb6RCavk1
JJQ6Z2tUi2Y5lnY+5mVP499zmHECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR3bpJx
hqx957zYsno6dC5MTAZfJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQB/r5214ogt8LQaQYy0hufKbdzEux+vZx3m0Cy7NMlX
DFiypJ7yPu5iffeoO21Hx8IaETXg1Gynuj8zZyOyDAwMS/cuM6/AJBa3pl5wCJEr
zYo1DJmOgKTZgv420juiPT4GYZDZe/MAdYb4c6bdRzbmcsTOF8wjckPQ9WKp6yO/
eq4zV1BmYzbyyAWPakiKlrKRh5sR8z52YEBNREIVB7FBzcfYwhVxy7j8kNX52Ohy
1KNUFp4AE6kKWvVsNdycTsZVr5HUxL7pXI76Ci7XZiawSyDok0z1mfVo+nBE9kru
WaukqXWTVqPIDm4ATjirhdCDoCr7cd5OslgI522q5/I8
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:35:48 2025 by rpki-client