Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: j3N3Fxtn/adE3ml8/ehr7IgvpUDcKQAnLrCyPQsVR/M=
Subject key identifier: 94:D3:FC:A5:3C:61:5F:75:0F:AE:E9:2E:01:49:15:8F:22:44:2E:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F5461A0D3765C30D028029F976C5348D857AF2E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Fri 11 Jul 2025 20:50:43 +0000
ROA not before: Fri 11 Jul 2025 20:50:43 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:54:61:a0:d3:76:5c:30:d0:28:02:9f:97:6c:53:48:d8:57:af:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:43 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=c119271a7a3edf66266fb106111da1028e3b5e31adc9cc77343a800fea97c0f4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f3:3b:d6:99:e5:3b:85:2a:4d:58:b4:bb:ac:
1d:e2:60:65:d8:87:0a:50:6d:1a:4b:b7:00:53:81:
3c:f4:09:a9:5e:96:28:f7:59:c8:86:2c:cd:ad:68:
0b:02:c7:6b:3c:06:3e:5b:0e:7b:fd:8c:71:62:f2:
88:2d:c7:c3:77:b8:7f:bc:e6:86:0f:c4:e5:9c:2c:
f0:49:58:ec:a6:58:2b:42:46:1c:ac:12:7a:a7:ed:
7b:5c:27:a0:84:8d:73:0e:47:19:9d:d7:b3:b6:90:
c0:2c:1b:97:b3:69:48:ec:dd:89:08:0c:1d:92:24:
db:fb:58:86:cb:85:d8:a1:f4:52:17:c5:d2:e2:08:
9f:b8:05:74:ee:8c:c3:10:44:b8:76:86:21:fd:30:
85:ae:28:c9:54:56:de:ea:22:00:a1:7b:fc:62:21:
07:85:47:d7:98:59:16:bc:1a:1e:e7:f8:56:00:82:
05:3b:fa:75:69:98:29:c3:c0:3a:3f:7f:75:70:39:
ff:95:c3:fa:bd:bb:a5:14:43:5d:81:34:b1:47:48:
a0:e4:30:78:df:85:25:bc:9f:ed:59:26:24:db:eb:
cb:50:50:67:50:2e:ec:53:c6:3a:8f:43:fe:42:d6:
6d:03:a3:3b:00:56:ff:80:1e:66:d9:cf:50:a0:4e:
23:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D3:FC:A5:3C:61:5F:75:0F:AE:E9:2E:01:49:15:8F:22:44:2E:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
76:0a:b9:74:9a:f7:0c:9c:af:8b:32:11:ea:a2:2c:e7:ed:a6:
9b:a7:53:21:88:a0:46:dc:f8:4e:f3:a2:2f:57:22:45:bc:85:
e9:b8:b4:e1:96:84:76:2c:c5:f2:5d:39:4e:22:ca:3c:39:a6:
6b:3f:02:e7:5b:f2:ad:5f:79:79:69:54:d6:e4:33:74:04:86:
5b:92:0c:bb:81:84:82:d9:28:86:17:dc:c3:a1:36:65:27:25:
91:49:03:ae:b7:a6:cf:dd:2f:6e:84:dd:48:84:e5:f6:19:a8:
d3:27:dc:58:c7:82:79:8e:c7:28:f0:fe:76:32:4b:5e:95:b5:
eb:fd:8f:cf:4c:d0:ee:69:9d:50:a4:e3:ff:4e:99:72:ce:06:
9d:1e:94:bb:8a:10:da:67:cf:cc:e5:42:a8:b7:a9:1b:c2:d6:
9f:3a:c3:be:14:5d:28:48:18:37:e7:e9:a7:ad:63:74:5c:24:
71:97:8f:32:50:f2:85:dd:52:38:5d:6d:89:8a:5b:1f:13:e5:
91:fd:48:de:21:ad:83:c3:80:56:fc:a2:aa:8e:ac:9a:3b:31:
3c:c8:44:b8:73:c9:9c:cf:c9:36:e6:3c:12:6a:e3:1a:52:83:
16:17:23:ce:c9:5c:51:60:93:ea:a5:1a:62:af:c0:b6:16:92:
93:5f:ec:74
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX1RhoNN2XDDQKAKfl2xTSNhXry4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMTkyNzFhN2EzZWRmNjYyNjZmYjEwNjExMWRhMTAyOGUzYjVlMzFhZGM5
Y2M3NzM0M2E4MDBmZWE5N2MwZjQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvzO9aZ5TuFKk1YtLusHeJgZdiHClBtGku3AFOBPPQJqV6WKPdZyIYsza1o
CwLHazwGPlsOe/2McWLyiC3Hw3e4f7zmhg/E5Zws8ElY7KZYK0JGHKwSeqfte1wn
oISNcw5HGZ3Xs7aQwCwbl7NpSOzdiQgMHZIk2/tYhsuF2KH0UhfF0uIIn7gFdO6M
wxBEuHaGIf0wha4oyVRW3uoiAKF7/GIhB4VH15hZFrwaHuf4VgCCBTv6dWmYKcPA
Oj9/dXA5/5XD+r27pRRDXYE0sUdIoOQweN+FJbyf7VkmJNvry1BQZ1Au7FPGOo9D
/kLWbQOjOwBW/4AeZtnPUKBOIzMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSU0/yl
PGFfdQ+u6S4BSRWPIkQuwjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAdgq5dJr3DJyvizIR6qIs5+2mm6dTIYigRtz4TvOi
L1ciRbyF6bi04ZaEdizF8l05TiLKPDmmaz8C51vyrV95eWlU1uQzdASGW5IMu4GE
gtkohhfcw6E2ZSclkUkDrremz90vboTdSITl9hmo0yfcWMeCeY7HKPD+djJLXpW1
6/2Pz0zQ7mmdUKTj/06Zcs4GnR6Uu4oQ2mfPzOVCqLepG8LWnzrDvhRdKEgYN+fp
p61jdFwkcZePMlDyhd1SOF1tiYpbHxPlkf1I3iGtg8OAVvyiqo6smjsxPMhEuHPJ
nM/JNuY8EmrjGlKDFhcjzslcUWCT6qUaYq/AthaSk1/sdA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:18:19 2025 by rpki-client