Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
File: 3558ad32-215e-47a4-9f5b-477ec71e940f.roa (raw, json)
Hash identifier: qjwt8ZvIMuC0OtVdO1kLbbStgN5NmWX+CD1uoLjoZ/s=
Subject key identifier: EF:B4:BE:48:D4:E1:84:03:5D:A6:16:12:6A:62:75:62:7E:34:4D:40
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C4161B1CD9532E9CFE2685896C3CCB532D75118
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
Signing time: Fri 11 Jul 2025 20:50:09 +0000
ROA not before: Fri 11 Jul 2025 20:50:09 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:41:61:b1:cd:95:32:e9:cf:e2:68:58:96:c3:cc:b5:32:d7:51:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:09 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=1e70f6792f312172484d213bda42ecedd794ca4865833af79b206f575f6f5d9c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ae:cb:a3:0a:e9:0b:83:df:f6:98:86:23:e8:
a1:6c:d0:71:fa:dd:f6:c1:94:0e:b3:d2:63:ba:e4:
67:79:ed:60:b3:37:07:c0:c6:5b:50:e2:b6:c5:e5:
47:ad:6c:8c:fd:5f:b3:00:e0:33:4d:5c:17:e2:34:
12:e6:f8:04:a9:c6:52:ba:2a:21:c7:7c:67:be:42:
8a:1a:73:42:aa:70:12:19:6c:80:82:b4:c3:75:61:
82:57:c6:f0:1f:37:9d:89:3a:2a:4c:ca:e6:d3:dd:
e6:73:f0:60:5b:a1:b4:00:6f:be:a6:ff:80:e1:49:
89:22:21:9b:86:50:02:65:15:8d:e8:1d:62:5f:3d:
95:1c:13:a3:0b:de:b6:cf:07:84:b5:e4:f8:6d:a3:
a7:f5:2c:90:3d:22:4a:e3:bc:fa:57:72:7d:1a:7d:
af:e5:c8:f5:57:b7:ff:86:fd:08:00:a4:57:2f:fd:
e5:9c:b5:d7:82:d9:6a:ca:d0:c3:bd:26:ed:ed:1a:
eb:3a:7b:0d:9e:9d:d2:29:fe:bc:6b:b5:45:48:be:
44:3e:77:63:75:11:1b:58:78:e4:6c:13:50:b2:89:
3e:cd:5a:43:a6:35:8c:bc:e6:d3:45:a5:33:a6:db:
4c:e8:94:f5:51:ea:f5:9e:ec:15:a6:07:f8:7b:cf:
af:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B4:BE:48:D4:E1:84:03:5D:A6:16:12:6A:62:75:62:7E:34:4D:40
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3558ad32-215e-47a4-9f5b-477ec71e940f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:3::/48
Signature Algorithm: sha256WithRSAEncryption
99:75:e4:1f:ba:9c:49:eb:e9:c1:10:c8:c9:01:40:72:73:a7:
af:7e:bf:a8:fe:3c:11:ac:9c:e3:6d:16:50:17:8a:45:39:16:
71:ef:b3:ca:36:56:e1:9e:77:bb:bc:94:2f:7a:72:f6:b3:dd:
94:65:80:71:c7:d6:7e:ec:57:ee:6f:c2:14:ed:1e:d8:6c:ba:
a7:16:13:8e:cb:1c:42:f0:da:e7:17:8d:a0:83:6b:0a:3a:24:
92:0e:f9:e3:29:c9:5c:2e:96:7c:51:62:7c:6c:6b:08:c3:f2:
fb:96:05:40:6b:eb:65:d1:8d:2b:5b:0c:70:fc:92:0b:31:62:
b2:e8:e7:72:bc:b5:f8:87:eb:83:ed:35:e6:a9:11:58:b4:e8:
8d:a6:2e:f3:7d:ba:30:58:7f:b3:44:73:e2:1d:13:9f:c5:99:
04:7b:04:93:f0:b8:f1:ca:f4:a8:98:e5:6c:7e:db:02:da:28:
ba:7d:fb:c8:ba:36:95:bf:6a:62:e8:28:49:90:64:cd:61:83:
60:1d:ac:e1:9d:e3:9c:2c:29:1c:cb:8d:fa:c3:a7:f9:02:0a:
89:a7:b8:16:70:d6:aa:8e:17:d3:8d:43:eb:b2:87:78:0e:be:
7d:a4:47:34:45:5d:37:de:8d:5c:43:4d:04:e7:4f:81:ff:87:
af:28:7e:87
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXEFhsc2VMunP4mhYlsPMtTLXURgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlNzBmNjc5MmYzMTIxNzI0ODRkMjEzYmRhNDJlY2VkZDc5NGNhNDg2NTgz
M2FmNzliMjA2ZjU3NWY2ZjVkOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuuy6MK6QuD3/aYhiPooWzQcfrd9sGUDrPSY7rkZ3ntYLM3B8DGW1DitsXl
R61sjP1fswDgM01cF+I0Eub4BKnGUroqIcd8Z75CihpzQqpwEhlsgIK0w3VhglfG
8B83nYk6KkzK5tPd5nPwYFuhtABvvqb/gOFJiSIhm4ZQAmUVjegdYl89lRwTowve
ts8HhLXk+G2jp/UskD0iSuO8+ldyfRp9r+XI9Ve3/4b9CACkVy/95Zy114LZasrQ
w70m7e0a6zp7DZ6d0in+vGu1RUi+RD53Y3URG1h45GwTULKJPs1aQ6Y1jLzm00Wl
M6bbTOiU9VHq9Z7sFaYH+HvPrzMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTvtL5I
1OGEA12mFhJqYnVifjRNQDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzU1OGFkMzItMjE1ZS00N2E0LTlmNWItNDc3ZWM3MWU5NDBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
AzANBgkqhkiG9w0BAQsFAAOCAQEAmXXkH7qcSevpwRDIyQFAcnOnr36/qP48Eayc
420WUBeKRTkWce+zyjZW4Z53u7yUL3py9rPdlGWAccfWfuxX7m/CFO0e2Gy6pxYT
jsscQvDa5xeNoINrCjokkg754ynJXC6WfFFifGxrCMPy+5YFQGvrZdGNK1sMcPyS
CzFisujncry1+Ifrg+015qkRWLTojaYu8326MFh/s0Rz4h0Tn8WZBHsEk/C48cr0
qJjlbH7bAtooun37yLo2lb9qYugoSZBkzWGDYB2s4Z3jnCwpHMuN+sOn+QIKiae4
FnDWqo4X041D67KHeA6+faRHNEVdN96NXENNBOdPgf+Hryh+hw==
-----END CERTIFICATE-----
Generated at Tue Aug 5 21:37:33 2025 by rpki-client