Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: ysaM3MiYYxeYZwH/pnFNcX7aZZNmj+AFNK0YNbSeofE=
Subject key identifier: E4:27:50:02:33:87:6F:3F:99:D8:E7:84:A0:45:01:B5:F5:4C:9B:61
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 410D87AEA387F7F6C9E16139E9C72FDAD7E5CC95
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Mon 14 Jul 2025 15:30:38 +0000
ROA not before: Mon 14 Jul 2025 15:30:38 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:0d:87:ae:a3:87:f7:f6:c9:e1:61:39:e9:c7:2f:da:d7:e5:cc:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:30:38 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=fe922a5f5185cd897930a4a46d224882fddd383e9037c2de17b7c0b4a265965e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:df:35:ba:f0:10:d2:bc:d6:36:9b:fb:ef:57:
9e:77:23:8f:82:4d:24:09:f7:48:c9:7d:0e:b1:5b:
1e:9e:6b:72:dc:7e:88:57:ec:14:6e:0f:1b:29:25:
b9:89:ff:b9:8b:f9:20:0a:d4:29:67:d0:5a:37:4f:
67:bc:7d:90:d8:0f:62:f4:29:86:1d:5a:26:b9:8e:
52:3e:71:31:66:d7:02:89:fb:5d:2a:26:5c:ed:b2:
1a:43:d8:46:33:67:7e:e6:e2:c3:d4:ed:44:f2:46:
be:4a:27:52:28:5e:2e:22:03:49:b0:cf:b9:07:54:
76:21:90:19:80:6c:47:ad:ff:56:44:aa:d1:83:76:
e8:f7:26:78:e1:f6:af:80:db:03:ee:92:4e:08:67:
5a:33:53:40:5f:4e:5a:26:bd:7e:76:ff:14:64:94:
9b:6d:71:68:47:67:2b:df:15:27:67:26:69:b6:31:
be:1d:cc:e6:43:f2:ff:09:56:9f:f9:0b:07:42:ec:
d3:9b:30:f5:36:4f:26:e4:52:bc:0a:6f:11:fd:35:
e5:bf:4d:e0:fe:00:cf:15:37:04:33:3f:e2:82:bd:
10:54:8b:c1:2d:b0:8c:aa:2b:05:e6:54:37:b3:52:
36:3c:b9:6b:93:e4:bd:13:7e:07:87:cb:14:20:70:
c2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:27:50:02:33:87:6F:3F:99:D8:E7:84:A0:45:01:B5:F5:4C:9B:61
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
bf:b7:c7:b7:b2:1c:f7:64:a8:9c:3b:e4:c8:7b:bc:8d:24:af:
37:7f:d3:7d:63:8d:1c:81:45:d4:d1:f7:87:32:3b:ee:3c:ad:
a1:fe:ec:18:a7:9d:1d:26:c0:5c:1f:cf:39:f0:09:f3:e8:93:
7d:c3:86:3a:70:f0:06:d6:4e:4c:39:89:ed:78:94:92:16:5d:
19:a9:c9:1f:59:70:44:58:3e:1d:a1:46:cd:45:a0:1c:b6:fc:
83:a5:84:e2:6d:76:bb:f1:42:a1:21:93:c4:1e:22:63:da:3a:
dc:cd:70:a9:99:0d:78:49:b9:f6:60:48:5e:17:7c:09:35:1c:
5e:b9:e8:f5:65:98:36:5d:b8:96:97:1a:6d:0f:75:4d:e3:35:
98:23:7e:11:e3:68:23:09:35:4d:ec:99:10:55:62:53:5b:66:
0e:69:84:08:97:06:2d:ed:1e:76:f5:dc:51:5e:63:6e:21:d3:
48:78:20:db:b5:63:85:c6:29:5f:e1:e3:67:39:04:eb:3a:d7:
2e:07:80:05:95:7b:ea:af:2a:a0:f0:5a:8e:18:21:76:8a:cc:
b8:d4:12:bf:2e:e9:04:96:63:33:13:1c:44:1d:80:1a:96:b9:
9b:96:97:61:5b:d3:37:61:ab:87:39:c3:c4:7e:67:34:76:b5:
74:e9:6f:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUQQ2HrqOH9/bJ4WE56ccv2tflzJUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTMwMzhaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlOTIyYTVmNTE4NWNkODk3OTMwYTRhNDZkMjI0ODgyZmRkZDM4M2U5MDM3
YzJkZTE3YjdjMGI0YTI2NTk2NWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/fNbrwENK81jab++9Xnncjj4JNJAn3SMl9DrFbHp5rctx+iFfsFG4PGykl
uYn/uYv5IArUKWfQWjdPZ7x9kNgPYvQphh1aJrmOUj5xMWbXAon7XSomXO2yGkPY
RjNnfubiw9TtRPJGvkonUiheLiIDSbDPuQdUdiGQGYBsR63/VkSq0YN26PcmeOH2
r4DbA+6STghnWjNTQF9OWia9fnb/FGSUm21xaEdnK98VJ2cmabYxvh3M5kPy/wlW
n/kLB0Ls05sw9TZPJuRSvApvEf015b9N4P4AzxU3BDM/4oK9EFSLwS2wjKorBeZU
N7NSNjy5a5PkvRN+B4fLFCBwwm8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTkJ1AC
M4dvP5nY54SgRQG19UybYTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAv7fHt7Ic92SonDvkyHu8jSSvN3/TfWONHIFF
1NH3hzI77jytof7sGKedHSbAXB/POfAJ8+iTfcOGOnDwBtZOTDmJ7XiUkhZdGanJ
H1lwRFg+HaFGzUWgHLb8g6WE4m12u/FCoSGTxB4iY9o63M1wqZkNeEm59mBIXhd8
CTUcXrno9WWYNl24lpcabQ91TeM1mCN+EeNoIwk1TeyZEFViU1tmDmmECJcGLe0e
dvXcUV5jbiHTSHgg27VjhcYpX+HjZzkE6zrXLgeABZV76q8qoPBajhghdorMuNQS
vy7pBJZjMxMcRB2AGpa5m5aXYVvTN2GrhznDxH5nNHa1dOlvDQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:19:39 2025 by rpki-client