
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: BoemOch96saHFSm1xfWogcsS6JCClzLwoSo/jgMsTAo=
Subject key identifier: 4A:9F:9F:A6:55:54:02:CD:02:C5:72:E1:32:22:5C:DF:D5:0B:AD:F0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 28E4272DAE52A1DF3518FFDF11AB1F1A75E645F5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 21 Jul 2025 17:00:41 +0000
ROA not before: Mon 21 Jul 2025 17:00:41 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:e4:27:2d:ae:52:a1:df:35:18:ff:df:11:ab:1f:1a:75:e6:45:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:41 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=72d9c071c20a4042c43bd5ed6ad07e7c6f19497354b34810031753fb9d9e3d9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:f9:62:a3:d0:32:1b:fa:6f:87:aa:91:a7:
00:0d:80:0f:d7:5c:57:3a:57:d7:f1:b5:ba:de:fa:
d9:c7:aa:4c:eb:0c:72:b3:3e:d7:c6:54:68:26:ee:
2d:6e:c9:f9:10:bb:d0:ab:ab:41:ea:11:61:fe:62:
49:3e:ec:1c:ac:bc:eb:7f:19:19:a7:a0:4e:c5:68:
91:3a:85:cf:c8:1b:a9:6a:7f:a2:62:58:25:f2:c1:
90:37:7e:99:62:5e:2e:04:bc:76:87:95:87:a1:37:
9b:f0:aa:47:52:af:c6:cf:55:69:c4:13:77:7a:ba:
45:6f:78:e2:93:83:ed:23:73:b6:55:30:9b:ba:7a:
ce:9d:71:80:21:dc:1a:04:62:cc:58:ff:2f:eb:8d:
30:03:15:ff:a2:83:40:3f:8e:62:71:ad:9f:64:87:
d1:fa:e4:56:f0:1d:d5:30:dc:8d:b4:cc:31:6e:5c:
a3:1e:51:bd:31:b5:0d:8a:eb:ae:dd:4c:12:3b:ec:
c1:b7:55:03:91:d2:4e:e7:0f:cf:37:b0:fc:91:38:
15:54:ac:9c:80:da:90:f2:6b:c9:c1:be:82:1b:9c:
d6:2e:85:07:6e:2e:9c:8b:33:10:3a:de:ed:bb:36:
5a:b4:a8:19:1b:91:7d:a2:d7:42:c7:f3:ae:42:4d:
a2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:9F:9F:A6:55:54:02:CD:02:C5:72:E1:32:22:5C:DF:D5:0B:AD:F0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
af:4c:54:dc:36:bf:80:ae:c2:a2:cd:90:b7:f3:1b:db:7b:67:
df:5f:54:0a:51:e0:07:8b:0d:08:db:08:09:72:fb:66:5a:08:
98:a4:fa:68:c2:9c:d9:af:93:c4:35:93:a3:a7:39:1e:7e:fa:
8b:6b:09:66:31:2f:61:0e:28:35:80:f7:04:b4:57:40:88:52:
ec:b7:58:83:34:9c:65:d4:aa:46:c3:dd:29:49:f0:2b:3d:2d:
a1:d9:e2:31:6f:ac:68:d7:df:d6:84:fa:22:e8:6f:75:fb:e2:
ff:c9:71:32:d8:12:60:bb:3d:01:00:13:3b:b5:47:d4:c0:f0:
76:33:03:a2:95:47:64:03:ff:a2:e3:48:e0:05:e0:bf:7a:3d:
26:97:07:3a:2c:e8:54:97:ff:21:8c:82:99:b0:73:93:8c:34:
da:45:cc:bf:99:c0:27:33:73:a7:42:54:be:a2:4b:a9:cf:6e:
09:ed:6c:65:68:bf:61:50:f4:77:0f:b0:f9:bd:29:2a:3e:ba:
cd:95:54:34:54:49:4a:d1:1f:80:ef:1f:57:0a:5a:06:1e:ba:
d2:00:65:bc:9d:a9:aa:fa:40:2e:04:0e:ff:bd:d3:36:d7:d6:
b4:fa:89:4a:d6:10:cd:27:f5:1f:33:5e:02:3e:5c:f7:88:61:
28:d7:3c:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKOQnLa5Sod81GP/fEasfGnXmRfUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDFaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDcyZDljMDcxYzIwYTQwNDJjNDNiZDVlZDZhZDA3ZTdjNmYxOTQ5NzM1NGIz
NDgxMDAzMTc1M2ZiOWQ5ZTNkOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ7N+WKj0DIb+m+HqpGnAA2AD9dcVzpX1/G1ut762ceqTOsMcrM+18ZUaCbu
LW7J+RC70KurQeoRYf5iST7sHKy8638ZGaegTsVokTqFz8gbqWp/omJYJfLBkDd+
mWJeLgS8doeVh6E3m/CqR1Kvxs9VacQTd3q6RW944pOD7SNztlUwm7p6zp1xgCHc
GgRizFj/L+uNMAMV/6KDQD+OYnGtn2SH0frkVvAd1TDcjbTMMW5cox5RvTG1DYrr
rt1MEjvswbdVA5HSTucPzzew/JE4FVSsnIDakPJrycG+ghuc1i6FB24unIszEDre
7bs2WrSoGRuRfaLXQsfzrkJNooMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRKn5+m
VVQCzQLFcuEyIlzf1Qut8DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCvTFTcNr+ArsKizZC38xvbe2ffX1QKUeAHiw0I2wgJ
cvtmWgiYpPpowpzZr5PENZOjpzkefvqLawlmMS9hDig1gPcEtFdAiFLst1iDNJxl
1KpGw90pSfArPS2h2eIxb6xo19/WhPoi6G91++L/yXEy2BJguz0BABM7tUfUwPB2
MwOilUdkA/+i40jgBeC/ej0mlwc6LOhUl/8hjIKZsHOTjDTaRcy/mcAnM3OnQlS+
okupz24J7WxlaL9hUPR3D7D5vSkqPrrNlVQ0VElK0R+A7x9XCloGHrrSAGW8namq
+kAuBA7/vdM219a0+olK1hDNJ/UfM14CPlz3iGEo1zxm
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:10:34 2025 by rpki-client