Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: t76JvyteB4mBIcjtKU0Ef7x7NLagfeIp+UJOkYRzOFk=
Subject key identifier: 8E:FD:FC:E6:04:D9:C3:AE:FF:70:10:92:EE:64:E1:70:3D:28:3A:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 584550E554F4B8A112EC4226C4EAB96FEB1F43FA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Mon 14 Jul 2025 15:30:36 +0000
ROA not before: Mon 14 Jul 2025 15:30:36 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:45:50:e5:54:f4:b8:a1:12:ec:42:26:c4:ea:b9:6f:eb:1f:43:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:36 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=ec6a593555f5c26e92b8154057258ceaa0fed0d1fbd669a02c1c272e7f0d68a9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:7c:43:38:91:d6:bb:fa:34:94:d4:ce:86:28:
67:01:11:8c:a5:f2:58:5a:95:51:3d:4b:53:02:97:
9b:f7:e9:40:af:96:0f:b1:4a:da:24:ae:f9:7b:48:
4c:a6:53:4a:26:ec:ff:6e:b0:a9:8d:62:91:22:4a:
c6:d3:8f:42:24:44:33:e3:40:b7:a3:ba:b5:40:2d:
9f:a2:77:77:34:48:53:d3:83:f8:30:1a:ff:9d:3c:
7e:00:c5:62:73:ef:ff:9b:a4:90:4b:8a:79:a0:c8:
89:c3:25:e6:43:4c:ae:25:f9:48:b7:ff:58:91:13:
cf:ed:da:7b:81:36:44:50:f5:8d:7b:de:3c:a6:5b:
18:9c:44:60:b8:47:2a:c5:10:14:d6:94:04:d4:05:
2a:c7:38:89:c0:5d:30:be:e8:e4:9c:01:94:15:bd:
6b:18:26:7a:d0:3b:e5:59:01:01:82:9e:da:03:17:
42:e7:f8:90:90:df:fa:31:a9:dd:ec:83:0e:ad:09:
d0:40:b2:e7:8c:26:a8:f0:52:0e:64:33:38:ef:fc:
f0:21:ed:85:34:e5:97:0a:f3:f2:21:fb:f5:c7:10:
38:7c:97:9a:65:29:26:fd:de:a6:a3:3a:52:89:19:
2c:9d:bb:90:30:28:30:9f:05:cf:4d:f6:c8:5a:95:
4b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FD:FC:E6:04:D9:C3:AE:FF:70:10:92:EE:64:E1:70:3D:28:3A:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
6d:e5:67:bb:94:3d:80:6f:23:14:3c:48:8c:14:65:95:16:39:
1a:cc:c0:0b:4a:66:e5:0c:63:9e:89:db:d5:34:a1:e0:88:bd:
6a:42:57:17:da:f7:fa:d5:39:e5:d2:ec:1f:9d:ff:d1:9f:24:
18:0b:82:56:48:d9:45:c4:7a:dc:57:55:10:44:4f:a4:be:96:
91:84:5a:72:96:c5:f1:de:ab:d0:ab:f3:e7:95:3e:eb:15:cb:
bb:e7:42:3c:96:5a:0b:3f:e2:6b:34:d8:46:22:7e:7b:d4:69:
25:38:fe:17:ab:6a:e2:9f:f9:f7:10:72:e9:0b:bc:5b:f4:7d:
6f:22:c1:c1:06:02:f0:6a:09:2f:7f:42:1d:22:eb:29:3a:02:
37:19:eb:1b:b3:6b:19:dc:f2:77:a7:e1:94:63:d4:db:40:6b:
b1:c7:0a:76:e2:c8:57:4b:be:80:bc:f9:b3:e8:ae:a3:df:88:
73:4a:03:71:bd:88:a3:38:c9:bf:df:24:a9:4d:b1:94:3d:e7:
94:c0:2f:00:d7:63:d7:4a:45:3e:39:54:db:75:44:d3:64:42:
46:8a:22:6e:e1:76:8d:86:55:3e:c0:af:12:c0:8b:dc:8a:a4:
e3:6f:2a:ef:bf:36:4c:1b:a9:c4:11:ab:eb:c2:ea:31:4c:76:
ed:25:37:72
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWEVQ5VT0uKES7EImxOq5b+sfQ/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwMzZaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjNmE1OTM1NTVmNWMyNmU5MmI4MTU0MDU3MjU4Y2VhYTBmZWQwZDFmYmQ2
NjlhMDJjMWMyNzJlN2YwZDY4YTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO58QziR1rv6NJTUzoYoZwERjKXyWFqVUT1LUwKXm/fpQK+WD7FK2iSu+XtI
TKZTSibs/26wqY1ikSJKxtOPQiREM+NAt6O6tUAtn6J3dzRIU9OD+DAa/508fgDF
YnPv/5ukkEuKeaDIicMl5kNMriX5SLf/WJETz+3ae4E2RFD1jXvePKZbGJxEYLhH
KsUQFNaUBNQFKsc4icBdML7o5JwBlBW9axgmetA75VkBAYKe2gMXQuf4kJDf+jGp
3eyDDq0J0ECy54wmqPBSDmQzOO/88CHthTTllwrz8iH79ccQOHyXmmUpJv3epqM6
UokZLJ27kDAoMJ8Fz032yFqVS/sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSO/fzm
BNnDrv9wEJLuZOFwPSg6ijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAbeVnu5Q9gG8jFDxIjBRllRY5GszAC0pm5Qxjnonb
1TSh4Ii9akJXF9r3+tU55dLsH53/0Z8kGAuCVkjZRcR63FdVEERPpL6WkYRacpbF
8d6r0Kvz55U+6xXLu+dCPJZaCz/iazTYRiJ+e9RpJTj+F6tq4p/59xBy6Qu8W/R9
byLBwQYC8GoJL39CHSLrKToCNxnrG7NrGdzyd6fhlGPU20BrsccKduLIV0u+gLz5
s+iuo9+Ic0oDcb2IozjJv98kqU2xlD3nlMAvANdj10pFPjlU23VE02RCRooibuF2
jYZVPsCvEsCL3Iqk428q7782TBupxBGr68LqMUx27SU3cg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:30:48 2025 by rpki-client