Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: 3sozYAmxh7PtlUB2Hslf4XhhGDUskshCp5DH0//YE3s=
Subject key identifier: 78:10:BC:E9:9F:ED:18:CB:51:22:E3:43:1B:F5:57:2F:B9:76:C2:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 411F78F5BCDF90FF8309CFF2F31B8F8C5F2E3997
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Fri 11 Jul 2025 20:50:45 +0000
ROA not before: Fri 11 Jul 2025 20:50:45 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:1f:78:f5:bc:df:90:ff:83:09:cf:f2:f3:1b:8f:8c:5f:2e:39:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:45 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7a561a3dde99b2966d61afbda6813371bf9e63f1ce8de37b8f516e86453a970d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:6b:b9:75:74:a7:af:ac:f1:18:70:57:f8:bf:
23:97:17:20:dc:bd:f7:2d:b9:43:e5:1c:a9:a0:54:
70:ea:3a:b8:d3:9b:66:75:fc:3a:5a:bf:86:30:fe:
3d:b7:a5:43:42:cc:23:45:57:55:2c:f9:52:d6:a8:
39:a6:3e:db:35:55:68:3f:cb:c5:14:02:02:20:93:
68:3e:9c:54:2d:50:6d:45:b5:04:14:69:be:cc:7d:
ef:f3:b0:f7:20:e8:ec:6b:d5:a3:4d:ac:5b:c6:e4:
5b:b3:38:18:6d:84:14:64:6b:6a:a2:77:bb:17:17:
b1:bf:d2:f7:d5:bd:e5:bd:32:5c:c8:f0:14:db:84:
c7:71:6a:db:27:c7:02:42:ef:08:3f:5e:9d:be:a6:
68:60:f8:aa:3c:28:5e:44:17:e8:34:ab:a0:f2:78:
ad:3c:83:28:64:35:68:3f:ed:ef:2b:82:94:27:77:
ec:93:8b:30:3a:2e:44:c4:47:d6:4b:fa:53:ee:4d:
dc:f9:37:2c:91:ed:ab:03:9e:45:e3:cb:fd:de:ef:
64:4e:8b:b8:cc:22:df:68:19:12:30:1d:31:41:75:
6b:45:c4:32:18:09:2b:d6:30:d3:59:2d:dd:c9:76:
8a:3f:41:ba:1b:e9:36:6a:94:87:d8:6f:50:59:07:
eb:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:10:BC:E9:9F:ED:18:CB:51:22:E3:43:1B:F5:57:2F:B9:76:C2:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
14:27:31:a1:34:80:9a:84:7b:eb:89:33:42:00:f9:55:39:20:
8a:2b:f0:9c:23:a0:93:f8:b9:69:f8:1b:cf:7a:26:c9:e3:3a:
25:67:ee:3e:f9:68:94:9e:26:b8:b8:71:75:29:9d:26:3a:46:
6d:5a:97:e2:17:d6:cb:42:15:d5:f1:dd:35:88:d3:06:66:08:
a2:9e:5c:93:0f:6b:b1:ad:a2:07:2f:ef:6d:07:e4:b1:8e:d6:
66:a9:fd:74:dd:ed:dc:44:a8:8c:72:99:b9:0d:a5:51:dc:18:
80:89:6d:df:9c:04:0a:fe:28:21:67:ac:93:ca:85:5b:70:7a:
96:4f:31:36:29:0e:80:82:b0:1d:d4:6a:af:e7:e1:e8:59:eb:
93:22:c2:da:b6:66:3e:34:0d:c1:7a:53:fb:bc:6c:82:a4:83:
7d:8c:ba:0f:33:0d:6c:c9:9b:4c:22:d4:98:91:99:42:42:c4:
31:9d:2b:70:ce:13:05:2f:93:04:d0:af:7c:86:92:6d:70:53:
55:a1:61:52:ef:9f:88:5c:b4:7a:de:c5:e1:66:a7:79:b9:b0:
44:0b:f2:14:0f:7f:a4:d3:d9:45:2c:b2:c7:98:8a:b8:ab:2f:
23:c1:93:78:af:cd:cf:9a:ed:41:cf:03:85:be:eb:cc:6e:a1:
b5:6a:f0:28
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQR949bzfkP+DCc/y8xuPjF8uOZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhNTYxYTNkZGU5OWIyOTY2ZDYxYWZiZGE2ODEzMzcxYmY5ZTYzZjFjZThk
ZTM3YjhmNTE2ZTg2NDUzYTk3MGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPZruXV0p6+s8RhwV/i/I5cXINy99y25Q+UcqaBUcOo6uNObZnX8Olq/hjD+
PbelQ0LMI0VXVSz5UtaoOaY+2zVVaD/LxRQCAiCTaD6cVC1QbUW1BBRpvsx97/Ow
9yDo7GvVo02sW8bkW7M4GG2EFGRraqJ3uxcXsb/S99W95b0yXMjwFNuEx3Fq2yfH
AkLvCD9enb6maGD4qjwoXkQX6DSroPJ4rTyDKGQ1aD/t7yuClCd37JOLMDouRMRH
1kv6U+5N3Pk3LJHtqwOeRePL/d7vZE6LuMwi32gZEjAdMUF1a0XEMhgJK9Yw01kt
3cl2ij9BuhvpNmqUh9hvUFkH62UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR4ELzp
n+0Yy1Ei40Mb9VcvuXbC5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAFCcxoTSAmoR764kzQgD5VTkgiivwnCOgk/i5afgb
z3omyeM6JWfuPvlolJ4muLhxdSmdJjpGbVqX4hfWy0IV1fHdNYjTBmYIop5ckw9r
sa2iBy/vbQfksY7WZqn9dN3t3ESojHKZuQ2lUdwYgIlt35wECv4oIWesk8qFW3B6
lk8xNikOgIKwHdRqr+fh6FnrkyLC2rZmPjQNwXpT+7xsgqSDfYy6DzMNbMmbTCLU
mJGZQkLEMZ0rcM4TBS+TBNCvfIaSbXBTVaFhUu+fiFy0et7F4WanebmwRAvyFA9/
pNPZRSyyx5iKuKsvI8GTeK/Nz5rtQc8Dhb7rzG6htWrwKA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:49:14 2025 by rpki-client