Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
File: 69988e45-d4fb-4896-be53-951c20d12c48.roa (raw, json)
Hash identifier: bnkjOVdwAq1k1ePIVlsx6kWzXwuUfgWWGH7z1p5NkLo=
Subject key identifier: 2F:F9:0B:C8:39:05:C6:9B:C7:09:F2:2F:A3:00:F8:7D:64:B8:8E:BF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 586C1F6ECD0BAD9DDB8BA38255362AD35271CDE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
Signing time: Fri 11 Jul 2025 20:50:11 +0000
ROA not before: Fri 11 Jul 2025 20:50:11 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a11:47c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:6c:1f:6e:cd:0b:ad:9d:db:8b:a3:82:55:36:2a:d3:52:71:cd:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:11 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=57e84b0178faad9e6d598f686e200c495dea4fae4ce840f414a03bafda8a1cf3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:16:eb:54:6f:7f:94:dc:da:2e:a5:e8:17:bb:
cb:4f:47:dd:5f:58:8c:87:6c:9a:32:20:21:65:64:
2e:e6:ae:38:8e:da:b7:2d:98:57:3d:ef:b0:79:3f:
a1:a1:73:44:df:66:b1:c6:9d:21:51:44:4c:e3:9a:
f0:dc:26:62:10:51:42:b7:57:44:c8:71:cb:93:a3:
e9:16:fb:17:97:0a:50:f0:db:27:98:82:bb:64:ec:
ac:91:84:fe:fa:85:37:27:99:71:dc:4b:95:7c:94:
8f:23:30:45:a6:46:fb:bf:78:8a:fb:ed:11:68:41:
07:30:39:c9:25:2e:a4:09:20:32:e7:3d:64:bc:a6:
9d:1f:07:45:c1:0f:1a:56:33:a0:6b:40:e7:91:c7:
51:c3:74:ec:23:b5:58:b3:59:6d:4d:86:d8:e8:2f:
50:1a:4d:5d:00:66:5e:87:7a:fe:df:8f:66:2c:56:
9f:6d:df:63:47:3f:d3:23:ef:de:7e:50:6f:f3:e7:
b7:30:fe:f2:c5:c0:41:b3:07:ec:09:35:b4:12:0d:
72:b5:b4:e6:cb:54:95:84:cd:a9:22:21:70:ed:22:
3d:43:c3:c9:d3:d7:a9:9a:45:5c:75:c2:18:54:0f:
91:55:b7:fe:dc:31:f2:51:05:be:c0:f8:a0:29:a7:
c0:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F9:0B:C8:39:05:C6:9B:C7:09:F2:2F:A3:00:F8:7D:64:B8:8E:BF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/69988e45-d4fb-4896-be53-951c20d12c48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:47c0::/29
Signature Algorithm: sha256WithRSAEncryption
95:bd:f4:64:2d:67:0a:11:b9:3f:ff:97:b9:30:8d:16:09:90:
6d:aa:8d:8b:57:8d:5c:29:7d:d5:cf:39:07:7b:76:fa:98:4a:
71:53:2d:ac:d1:d2:ab:e5:60:07:69:5d:a4:a3:27:c9:d6:c9:
2c:ed:e2:2f:ca:d4:ac:8f:cb:a9:82:ae:cb:29:59:c0:07:8a:
db:b1:c0:41:16:84:9a:6a:e9:1c:31:53:20:6d:51:ab:9c:c6:
ea:c2:10:e9:56:ed:1c:30:68:70:fd:99:38:ce:55:3a:92:4d:
d8:a2:12:d2:51:1d:db:ad:e5:68:47:93:06:e2:5f:67:e9:bc:
f4:e1:fa:b7:b0:d4:f9:65:a3:23:c4:43:56:42:fd:9b:97:f2:
14:f3:a4:18:83:30:cc:af:89:d7:b9:70:6c:6a:cc:3e:f1:97:
7d:3b:2d:1b:3d:32:c3:e7:ac:43:c5:bf:dc:14:b7:80:a1:cd:
1a:af:54:be:51:cd:34:93:9e:bd:a3:b5:66:1f:b4:af:a1:3c:
93:9f:0b:1e:0f:bc:d6:c4:d7:44:f4:4f:00:90:af:78:79:09:
ae:df:23:f9:01:d5:db:25:98:09:0c:18:24:da:c2:aa:ac:f4:
f3:ac:6d:01:18:34:03:0a:13:bc:06:ba:98:26:67:de:0d:f9:
ae:11:a8:c7
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUWGwfbs0LrZ3bi6OCVTYq01JxzegwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3ZTg0YjAxNzhmYWFkOWU2ZDU5OGY2ODZlMjAwYzQ5NWRlYTRmYWU0Y2U4
NDBmNDE0YTAzYmFmZGE4YTFjZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkW61Rvf5Tc2i6l6Be7y09H3V9YjIdsmjIgIWVkLuauOI7aty2YVz3vsHk/
oaFzRN9mscadIVFETOOa8NwmYhBRQrdXRMhxy5Oj6Rb7F5cKUPDbJ5iCu2TsrJGE
/vqFNyeZcdxLlXyUjyMwRaZG+794ivvtEWhBBzA5ySUupAkgMuc9ZLymnR8HRcEP
GlYzoGtA55HHUcN07CO1WLNZbU2G2OgvUBpNXQBmXod6/t+PZixWn23fY0c/0yPv
3n5Qb/PntzD+8sXAQbMH7Ak1tBINcrW05stUlYTNqSIhcO0iPUPDydPXqZpFXHXC
GFQPkVW3/twx8lEFvsD4oCmnwKECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQv+QvI
OQXGm8cJ8i+jAPh9ZLiOvzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk5ODhlNDUtZDRmYi00ODk2LWJlNTMtOTUxYzIwZDEyYzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFAyoRR8Aw
DQYJKoZIhvcNAQELBQADggEBAJW99GQtZwoRuT//l7kwjRYJkG2qjYtXjVwpfdXP
OQd7dvqYSnFTLazR0qvlYAdpXaSjJ8nWySzt4i/K1KyPy6mCrsspWcAHituxwEEW
hJpq6RwxUyBtUaucxurCEOlW7RwwaHD9mTjOVTqSTdiiEtJRHdut5WhHkwbiX2fp
vPTh+rew1PlloyPEQ1ZC/ZuX8hTzpBiDMMyvide5cGxqzD7xl307LRs9MsPnrEPF
v9wUt4ChzRqvVL5RzTSTnr2jtWYftK+hPJOfCx4PvNbE10T0TwCQr3h5Ca7fI/kB
1dslmAkMGCTawqqs9POsbQEYNAMKE7wGupgmZ94N+a4RqMc=
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:30:32 2025 by rpki-client