Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: tuDqDJglHbQEpIOju4W14msRtv2kryc7GYc5qZN79gE=
Subject key identifier: B9:56:06:EE:D7:60:E7:49:09:33:D4:78:E9:94:13:BE:32:8D:4E:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 335A42966C8DE2C944310A6507E0304B8332234F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Fri 11 Jul 2025 20:50:46 +0000
ROA not before: Fri 11 Jul 2025 20:50:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:5a:42:96:6c:8d:e2:c9:44:31:0a:65:07:e0:30:4b:83:32:23:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=dadf2c02f1cb4b1147ae7faba47b4c191fa26726e1dd00e714661df868d1fb6c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d6:87:ac:aa:92:6f:45:c2:4d:53:64:eb:f2:
33:99:43:ea:ec:c7:f2:54:91:82:42:9c:40:c6:22:
4f:38:dd:54:97:c5:0b:9b:78:bc:bc:cc:01:7f:72:
08:78:38:a8:97:7a:82:ff:73:ac:88:6c:58:c5:c2:
a7:2d:2e:4f:bb:97:66:0c:49:2c:67:c9:ac:93:1f:
98:9d:da:4d:9b:4f:70:2c:89:8d:05:a8:d6:fe:f6:
eb:8c:65:55:9e:16:40:53:d7:f7:e9:d9:ee:6d:d8:
77:be:3a:34:af:9b:50:d3:6f:1e:fc:1d:28:24:65:
3a:1b:1e:5f:b6:94:b1:c6:24:c5:71:57:4f:37:08:
09:e4:f3:27:66:ba:5b:82:e5:0b:fa:32:62:8f:fb:
2d:63:d4:27:05:fb:2a:04:14:11:d3:0b:0c:19:87:
84:88:5c:ca:4b:e0:e8:c7:b6:a3:f3:b3:fb:a2:d1:
34:ec:d8:73:04:dd:01:8d:76:14:d5:62:15:ac:c7:
3f:70:d0:1d:5a:01:48:5b:24:33:08:35:02:fa:ac:
65:04:5e:0f:22:84:63:0b:ef:5d:1d:05:54:ef:3e:
2d:ba:a2:90:70:49:7d:0d:53:e5:80:f4:d3:c3:55:
d6:54:43:97:12:c5:f5:34:e3:53:2c:ba:19:53:fb:
8a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:56:06:EE:D7:60:E7:49:09:33:D4:78:E9:94:13:BE:32:8D:4E:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:f0:09:3d:57:45:88:47:e9:c5:2d:89:29:e0:41:f9:4b:5a:
e4:b5:4c:09:f1:3c:0e:39:86:7b:75:68:10:46:5e:77:95:b0:
2d:cf:0d:fb:94:a4:f0:ad:b3:be:6e:ba:43:d7:25:ad:f9:6c:
4f:45:f5:1b:b0:64:da:66:91:b5:f0:f7:f9:49:55:9e:45:a0:
82:9a:49:c2:28:2c:51:9f:e2:4b:e1:d7:26:b0:13:85:6a:7e:
f2:87:4d:e3:0f:92:e4:dc:72:95:52:d6:55:c9:75:68:3e:1b:
d5:4a:83:0d:1c:7b:d4:09:eb:9c:e5:ff:75:7e:7e:8f:37:38:
bc:98:0f:63:2b:18:91:a4:d8:ec:a7:c4:63:2e:04:d4:f9:de:
aa:68:22:f0:33:35:43:02:fa:42:5c:9d:95:46:b4:3b:10:27:
d6:bd:ea:55:20:5a:cc:61:ad:50:fe:4f:ed:ea:dd:47:cb:75:
3a:ec:b1:31:c1:9f:59:13:f6:68:27:f2:48:5c:63:c3:bd:95:
87:44:02:4c:7a:58:6d:83:c8:d4:aa:ea:23:77:2a:83:9a:48:
01:09:29:75:3f:5b:78:4c:16:08:98:11:05:17:09:57:77:84:
44:1c:a2:fc:a8:59:b0:b6:e5:09:81:fe:70:dd:52:75:61:28:
d1:2b:fe:23
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUM1pClmyN4slEMQplB+AwS4MyI08wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhZGYyYzAyZjFjYjRiMTE0N2FlN2ZhYmE0N2I0YzE5MWZhMjY3MjZlMWRk
MDBlNzE0NjYxZGY4NjhkMWZiNmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzWh6yqkm9Fwk1TZOvyM5lD6uzH8lSRgkKcQMYiTzjdVJfFC5t4vLzMAX9y
CHg4qJd6gv9zrIhsWMXCpy0uT7uXZgxJLGfJrJMfmJ3aTZtPcCyJjQWo1v7264xl
VZ4WQFPX9+nZ7m3Yd746NK+bUNNvHvwdKCRlOhseX7aUscYkxXFXTzcICeTzJ2a6
W4LlC/oyYo/7LWPUJwX7KgQUEdMLDBmHhIhcykvg6Me2o/Oz+6LRNOzYcwTdAY12
FNViFazHP3DQHVoBSFskMwg1AvqsZQReDyKEYwvvXR0FVO8+LbqikHBJfQ1T5YD0
08NV1lRDlxLF9TTjUyy6GVP7ivkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS5Vgbu
12DnSQkz1HjplBO+Mo1O3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQBx8Ak9V0WIR+nFLYkp4EH5S1rktUwJ8TwOOYZ7dWgQ
Rl53lbAtzw37lKTwrbO+brpD1yWt+WxPRfUbsGTaZpG18Pf5SVWeRaCCmknCKCxR
n+JL4dcmsBOFan7yh03jD5Lk3HKVUtZVyXVoPhvVSoMNHHvUCeuc5f91fn6PNzi8
mA9jKxiRpNjsp8RjLgTU+d6qaCLwMzVDAvpCXJ2VRrQ7ECfWvepVIFrMYa1Q/k/t
6t1Hy3U67LExwZ9ZE/ZoJ/JIXGPDvZWHRAJMelhtg8jUquojdyqDmkgBCSl1P1t4
TBYImBEFFwlXd4REHKL8qFmwtuUJgf5w3VJ1YSjRK/4j
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:04 2025 by rpki-client