Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: nts1N86DsRTyOoGt9Ngj0qYyopHdHjN1PBZxBlNbM30=
Subject key identifier: 28:BF:7F:5F:CB:08:BD:2F:97:B3:4A:25:DA:14:9B:CF:0A:48:2B:C6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 555DE7A1CC0528DA3E44AA1CB92B10B6C6FDA50D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Mon 21 Jul 2025 17:00:40 +0000
ROA not before: Mon 21 Jul 2025 17:00:40 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:5d:e7:a1:cc:05:28:da:3e:44:aa:1c:b9:2b:10:b6:c6:fd:a5:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:40 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=d0ea507ec420658121f61586b9a9b9c62856d22d3b4b5c7fbd467c1df0aee25e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:31:fe:bc:0c:fa:0a:58:d1:d0:1d:f5:ad:
46:26:bf:14:d1:91:4d:e9:fc:17:33:e4:b6:2c:86:
f6:12:2d:2f:a9:28:aa:2e:76:3c:2d:a0:75:21:6f:
e8:64:b2:59:54:e1:54:6f:51:05:e5:01:ec:45:e6:
24:d2:d3:c6:b9:b4:b0:74:8f:1e:9a:32:d6:32:d5:
01:2a:bd:a8:b6:c9:4b:eb:7e:96:08:dc:d0:f4:f2:
2c:79:d6:c4:ba:36:19:ae:14:73:50:65:56:e1:6a:
fb:4c:3b:a8:81:c1:88:fa:64:a5:74:e8:9c:c8:ec:
15:7b:be:48:39:02:11:d3:18:67:f3:a1:5a:fb:be:
11:e0:c0:d3:8e:21:40:09:8f:bc:8d:fa:8c:96:9b:
0d:b3:31:2b:dc:97:9a:ec:bc:1d:e7:7e:34:e3:b5:
fb:28:7e:de:1d:66:8a:b6:fe:16:99:d6:64:54:ae:
95:0d:53:c7:6d:40:17:97:68:7d:b0:e7:16:8d:c8:
5e:3e:e4:5f:93:58:d4:d6:4c:4d:4c:2b:fa:fa:c1:
51:c2:ad:9e:00:09:45:1e:3d:5a:8c:bf:c0:6e:7c:
3f:1e:cc:e6:1b:89:02:53:51:a4:5c:87:a1:07:10:
97:6c:18:e7:97:27:84:66:dd:b4:73:35:c3:d8:d8:
78:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BF:7F:5F:CB:08:BD:2F:97:B3:4A:25:DA:14:9B:CF:0A:48:2B:C6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
38:98:57:5e:4e:7f:d7:db:68:b1:98:a8:4b:6d:3e:44:5a:b9:
bc:85:4e:ae:7e:2b:23:10:e5:fd:9b:c0:9f:5e:2d:9e:ad:23:
5c:7b:8f:78:b2:25:87:22:69:8e:95:82:69:f4:65:be:d4:e2:
e2:b4:e8:cc:3c:f7:a1:de:11:9a:61:69:d2:da:44:bd:b9:3a:
8a:a0:d2:31:ec:0c:f4:a9:4a:89:71:18:30:64:b1:a5:a8:10:
bc:1c:07:05:09:33:bf:8e:fa:a7:80:51:5f:83:e2:0d:c8:98:
35:37:8c:e7:8f:b4:93:76:4d:5c:f6:8d:65:c5:50:8f:77:00:
db:8b:62:22:1c:63:13:81:3c:f9:e0:03:4e:41:47:b7:26:89:
eb:d9:8e:f2:84:d4:a1:e3:d4:b4:7c:ff:6c:f3:83:8e:22:5d:
a3:55:c7:81:c6:df:7b:f2:41:2c:bc:80:94:4a:f3:09:0b:f7:
f9:27:9c:5f:a1:c1:d5:79:d8:1b:af:8d:97:19:55:53:49:5b:
00:c2:6c:80:b1:fe:f0:7c:b8:a2:a1:f0:7c:57:5f:83:8c:80:
6e:4f:c1:bd:1c:5f:58:db:ca:1c:d1:ad:b7:05:ff:fd:87:c3:
4b:d1:1b:c0:f5:32:d9:9a:c0:f4:f3:34:db:b9:63:62:2b:dc:
38:5f:30:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVV3nocwFKNo+RKocuSsQtsb9pQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwZWE1MDdlYzQyMDY1ODEyMWY2MTU4NmI5YTliOWM2Mjg1NmQyMmQzYjRi
NWM3ZmJkNDY3YzFkZjBhZWUyNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKyQMf68DPoKWNHQHfWtRia/FNGRTen8FzPktiyG9hItL6koqi52PC2gdSFv
6GSyWVThVG9RBeUB7EXmJNLTxrm0sHSPHpoy1jLVASq9qLbJS+t+lgjc0PTyLHnW
xLo2Ga4Uc1BlVuFq+0w7qIHBiPpkpXTonMjsFXu+SDkCEdMYZ/OhWvu+EeDA044h
QAmPvI36jJabDbMxK9yXmuy8Hed+NOO1+yh+3h1mirb+FpnWZFSulQ1Tx21AF5do
fbDnFo3IXj7kX5NY1NZMTUwr+vrBUcKtngAJRR49Woy/wG58Px7M5huJAlNRpFyH
oQcQl2wY55cnhGbdtHM1w9jYeMUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQov39f
ywi9L5ezSiXaFJvPCkgrxjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAOJhXXk5/19tosZioS20+RFq5vIVOrn4rIxDl/ZvA
n14tnq0jXHuPeLIlhyJpjpWCafRlvtTi4rTozDz3od4RmmFp0tpEvbk6iqDSMewM
9KlKiXEYMGSxpagQvBwHBQkzv476p4BRX4PiDciYNTeM54+0k3ZNXPaNZcVQj3cA
24tiIhxjE4E8+eADTkFHtyaJ69mO8oTUoePUtHz/bPODjiJdo1XHgcbfe/JBLLyA
lErzCQv3+SecX6HB1XnYG6+NlxlVU0lbAMJsgLH+8Hy4oqHwfFdfg4yAbk/BvRxf
WNvKHNGttwX//YfDS9EbwPUy2ZrA9PM027ljYivcOF8wzQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:01 2025 by rpki-client