Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: V7m9o7SsBD7psMT6/swP4Fmhd7DHhNl2/o6Wv89ntC0=
Subject key identifier: 01:2C:71:37:AB:B5:91:2C:88:19:21:85:88:A2:BD:A6:FD:56:2B:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08313B1FB82DF24C0A509B5958E0C9F98AA06AE6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Mon 21 Jul 2025 17:00:09 +0000
ROA not before: Mon 21 Jul 2025 17:00:09 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:31:3b:1f:b8:2d:f2:4c:0a:50:9b:59:58:e0:c9:f9:8a:a0:6a:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:09 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=7f5d8aaff41ef5c644389bf748d2257463573a031b048f47d67cfe99b216b7fd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c9:6d:df:4e:4d:e2:20:76:08:eb:f5:12:22:
4e:7e:93:cb:1c:89:80:26:46:50:7b:26:88:f1:2c:
dc:0f:25:26:a0:7e:9e:e5:41:47:f1:f0:0a:35:62:
4b:81:a7:9d:c4:ba:6a:4e:39:c0:85:76:e5:de:ed:
c2:a7:2e:6f:db:86:9c:08:e5:4a:40:6e:62:09:c2:
d3:f6:0f:34:ed:eb:f8:16:c7:9d:bd:b4:3d:14:b1:
97:38:07:05:ae:f6:3f:3e:24:f2:9e:2e:cf:75:e8:
cd:d4:f7:94:98:fc:1d:27:01:b7:31:97:d7:8e:41:
7f:b6:5d:75:82:8b:95:3b:9e:5d:1b:36:6a:b8:ed:
95:e5:ce:a4:62:eb:1d:5c:b8:8c:e6:cd:07:fc:44:
c5:e2:6e:d2:97:e1:4c:6c:67:c1:4e:a2:7e:4f:b9:
ca:2a:ad:96:d2:7a:c7:76:45:9f:65:17:82:d0:84:
89:b6:7d:f2:c9:d2:a5:73:69:c0:d1:e0:ee:f0:e9:
d9:67:ea:60:d1:74:d0:e6:f9:98:f0:63:cc:08:26:
cc:a3:73:53:a2:30:71:f5:ed:87:92:dd:d2:a6:a0:
c9:7b:fc:d4:ea:b1:d0:56:97:12:65:0b:1d:0e:59:
a3:16:5c:04:f8:7c:85:08:5f:7d:e4:f8:28:9c:0f:
1e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2C:71:37:AB:B5:91:2C:88:19:21:85:88:A2:BD:A6:FD:56:2B:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
52:e8:4b:36:2c:c1:d5:62:c3:90:80:d8:61:69:f6:3a:0c:a9:
4a:06:1e:b6:a3:43:b8:ee:62:5f:a8:09:d8:8c:97:76:62:4c:
38:ec:e6:29:ff:23:32:48:1b:4c:a3:5a:84:29:c3:4f:47:00:
db:9a:b6:ac:2d:40:e5:3c:21:77:b4:16:47:50:8e:8a:ba:19:
63:5e:58:70:db:ee:c0:37:3d:6d:36:bf:77:70:f0:93:ad:18:
36:2c:0a:57:15:77:f1:67:b2:07:83:6c:72:69:17:77:19:3c:
16:83:4e:7a:38:92:9d:c9:42:bd:fa:d8:41:a6:3b:66:01:15:
c3:8d:5f:a4:a2:41:cf:85:16:e9:94:5c:2e:72:bb:bd:23:1a:
7b:2d:2f:17:16:b8:2f:b4:67:12:ea:9a:cb:3b:44:d3:c3:84:
1b:08:26:22:92:53:9f:59:0c:8a:70:be:ec:06:58:3b:78:b1:
69:40:d0:9a:dd:82:6c:3a:ec:36:d1:63:c6:ec:2a:61:42:c6:
c1:a2:8e:d7:21:f4:43:73:fd:49:13:aa:2e:73:13:32:1b:4e:
12:92:1a:22:60:cb:dc:16:d1:6f:ab:04:b0:39:5d:09:18:16:
54:40:e7:14:7f:aa:ab:46:75:26:df:db:37:fa:dd:14:97:f0:
e9:8a:2c:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCDE7H7gt8kwKUJtZWODJ+YqgauYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMDlaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmNWQ4YWFmZjQxZWY1YzY0NDM4OWJmNzQ4ZDIyNTc0NjM1NzNhMDMxYjA0
OGY0N2Q2N2NmZTk5YjIxNmI3ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvJbd9OTeIgdgjr9RIiTn6TyxyJgCZGUHsmiPEs3A8lJqB+nuVBR/HwCjVi
S4GnncS6ak45wIV25d7twqcub9uGnAjlSkBuYgnC0/YPNO3r+BbHnb20PRSxlzgH
Ba72Pz4k8p4uz3XozdT3lJj8HScBtzGX145Bf7ZddYKLlTueXRs2arjtleXOpGLr
HVy4jObNB/xExeJu0pfhTGxnwU6ifk+5yiqtltJ6x3ZFn2UXgtCEibZ98snSpXNp
wNHg7vDp2WfqYNF00Ob5mPBjzAgmzKNzU6IwcfXth5Ld0qagyXv81Oqx0FaXEmUL
HQ5ZoxZcBPh8hQhffeT4KJwPHtMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQBLHE3
q7WRLIgZIYWIor2m/VYrtTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUuhLNizB1WLDkIDYYWn2OgypSgYetqNDuO5iX6gJ
2IyXdmJMOOzmKf8jMkgbTKNahCnDT0cA25q2rC1A5Twhd7QWR1COiroZY15YcNvu
wDc9bTa/d3Dwk60YNiwKVxV38WeyB4NscmkXdxk8FoNOejiSnclCvfrYQaY7ZgEV
w41fpKJBz4UW6ZRcLnK7vSMaey0vFxa4L7RnEuqayztE08OEGwgmIpJTn1kMinC+
7AZYO3ixaUDQmt2CbDrsNtFjxuwqYULGwaKO1yH0Q3P9SROqLnMTMhtOEpIaImDL
3BbRb6sEsDldCRgWVEDnFH+qq0Z1Jt/bN/rdFJfw6Yos4A==
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:26:19 2025 by rpki-client