Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: NZAhyZd+87NafsOIdJvBAd4uuJ/jFErq86s9kLpGbaQ=
Subject key identifier: 96:FA:18:59:EC:FE:C3:FF:C3:5B:FB:07:62:7A:C6:3C:8D:32:04:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02BAD0323D399C2D1A3C61DE66BA176A6CC82FED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Mon 21 Jul 2025 17:00:38 +0000
ROA not before: Mon 21 Jul 2025 17:00:38 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:ba:d0:32:3d:39:9c:2d:1a:3c:61:de:66:ba:17:6a:6c:c8:2f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:38 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=0dbc2cf5dcf5dd73444b42ed7f522e2e8515d1c02ab1913b9553c5cc87857d79, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:38:65:69:0d:e1:40:a9:cc:0e:ae:63:7b:
9d:9a:ba:d7:fb:5a:11:04:fe:ae:ba:9a:42:c7:d9:
02:92:6f:13:ec:f8:50:bc:74:9e:ca:43:03:e9:40:
70:d2:75:0d:cc:44:f3:62:a6:57:94:71:d4:ff:06:
a7:6d:ab:17:8d:5f:79:f9:47:42:66:8f:6d:8d:61:
7d:ea:62:dd:f4:c7:01:df:4f:90:70:40:8c:55:8a:
9f:97:bd:12:ef:96:6c:7a:b0:c9:2a:75:0e:09:e1:
9b:06:61:da:6b:50:34:94:60:ae:9a:77:06:99:74:
4d:da:ff:f5:20:4d:55:c0:b8:2b:b2:e7:24:d1:67:
0d:1c:29:d1:c9:11:b9:0b:cb:92:3a:96:dc:5e:35:
4a:f7:06:57:cb:dc:50:58:88:6d:15:a2:3d:b8:5e:
f0:90:59:f7:71:67:37:7e:43:6e:b5:e9:03:b8:7e:
1d:bb:af:ba:ae:29:56:c3:17:95:0f:4a:32:72:3d:
a5:c3:0d:3d:74:1d:7e:08:a0:c5:be:79:25:d5:dd:
21:4c:85:b8:95:82:c6:76:a8:f9:c3:37:fb:a0:c1:
22:05:84:5e:07:bc:69:75:7b:78:0c:2e:d1:c5:09:
e1:61:6d:7a:d7:a1:f2:c2:0c:4a:ed:e3:9d:e7:aa:
cf:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:FA:18:59:EC:FE:C3:FF:C3:5B:FB:07:62:7A:C6:3C:8D:32:04:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
20:b0:1e:69:f7:49:56:44:28:32:6a:fe:c4:20:17:99:c6:ea:
93:0c:e2:80:ae:54:80:20:ba:14:00:c0:b6:ec:2e:84:90:cc:
3b:a0:ca:f4:a0:58:81:5d:9e:f0:2f:5c:3c:32:a5:c5:92:36:
c7:45:d7:1d:30:54:b3:63:71:b2:16:73:ab:a2:1d:a1:77:91:
63:a2:df:b6:1a:3c:cf:90:af:f4:2f:72:ad:0e:9e:44:f6:55:
2b:8e:5b:c4:0f:da:48:ac:9a:2a:36:73:96:f3:c7:fe:f9:32:
58:6b:95:7f:e9:f6:d6:74:14:3d:31:35:15:aa:d4:bc:fb:13:
f9:8f:20:0b:d9:52:8a:8d:13:d2:97:c6:74:3a:5a:60:13:ac:
12:2a:5e:98:4c:1a:60:83:e7:94:9b:a6:93:26:bd:f6:d9:a6:
1b:a6:0e:95:c9:5a:86:4d:9f:73:42:f2:84:37:91:bb:de:21:
a2:73:1b:c1:20:52:e9:22:7d:36:3a:5f:c8:81:f3:99:71:15:
1c:3f:9a:8c:87:58:cf:1b:86:dc:d6:b3:02:51:c4:14:bd:b6:
7c:b9:4f:ac:ab:0f:1c:86:a0:80:56:62:06:0d:ae:a1:43:f2:
48:d7:76:1d:2d:e1:5e:58:4e:51:50:2b:ab:f3:5f:02:6c:63:
4a:a8:62:c2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUArrQMj05nC0aPGHeZroXamzIL+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMzhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBkYmMyY2Y1ZGNmNWRkNzM0NDRiNDJlZDdmNTIyZTJlODUxNWQxYzAyYWIx
OTEzYjk1NTNjNWNjODc4NTdkNzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAXOGVpDeFAqcwOrmN7nZq61/taEQT+rrqaQsfZApJvE+z4ULx0nspDA+lA
cNJ1DcxE82KmV5Rx1P8Gp22rF41feflHQmaPbY1hfepi3fTHAd9PkHBAjFWKn5e9
Eu+WbHqwySp1DgnhmwZh2mtQNJRgrpp3Bpl0Tdr/9SBNVcC4K7LnJNFnDRwp0ckR
uQvLkjqW3F41SvcGV8vcUFiIbRWiPbhe8JBZ93FnN35DbrXpA7h+Hbuvuq4pVsMX
lQ9KMnI9pcMNPXQdfgigxb55JdXdIUyFuJWCxnao+cM3+6DBIgWEXge8aXV7eAwu
0cUJ4WFteteh8sIMSu3jneeqzz0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSW+hhZ
7P7D/8Nb+wdiesY8jTIExDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAgsB5p90lWRCgyav7EIBeZxuqTDOKArlSAILoUAMC2
7C6EkMw7oMr0oFiBXZ7wL1w8MqXFkjbHRdcdMFSzY3GyFnOroh2hd5Fjot+2GjzP
kK/0L3KtDp5E9lUrjlvED9pIrJoqNnOW88f++TJYa5V/6fbWdBQ9MTUVqtS8+xP5
jyAL2VKKjRPSl8Z0OlpgE6wSKl6YTBpgg+eUm6aTJr322aYbpg6VyVqGTZ9zQvKE
N5G73iGicxvBIFLpIn02Ol/IgfOZcRUcP5qMh1jPG4bc1rMCUcQUvbZ8uU+sqw8c
hqCAVmIGDa6hQ/JI13YdLeFeWE5RUCur818CbGNKqGLC
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:23:05 2025 by rpki-client