Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
File: 80e298e3-975b-4cea-9586-8d04a37a53a2.roa (raw, json)
Hash identifier: 3C6dz77sgs/57FWjtLGMzSkQ9xMIypueLuq1u1Bbf/o=
Subject key identifier: 13:32:8F:75:10:06:CD:B0:C8:32:88:25:59:D9:E5:F5:CA:54:41:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D76965D72BA61B46DC4B0EB137170B239B71163
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
Signing time: Mon 28 Jul 2025 16:10:03 +0000
ROA not before: Mon 28 Jul 2025 16:10:03 +0000
ROA not after: Mon 01 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:76:96:5d:72:ba:61:b4:6d:c4:b0:eb:13:71:70:b2:39:b7:11:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 28 16:10:03 2025 GMT
Not After : Sep 1 23:59:59 2025 GMT
Subject: serialNumber=7bcf3ca196b2f800528819cf6b892da0faa95e514035f4f1f9659eb1f8afefe8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b4:06:9a:75:d8:f6:55:16:55:27:c6:d9:62:
c4:bd:99:cf:b8:12:e8:0e:ad:21:f9:17:9d:8b:11:
29:b4:ed:9d:6a:c0:56:9d:b8:b8:9f:43:99:d6:03:
1a:98:72:04:e2:0d:d5:bf:88:02:17:9d:27:f2:25:
39:38:24:36:26:ea:77:8c:ce:13:ed:15:bc:e3:bf:
80:a8:02:3b:7d:c6:14:f0:c6:02:0a:08:6c:f4:d2:
bd:ee:41:49:31:20:20:d7:0e:8b:24:71:df:ec:a2:
b7:89:4a:f5:5d:16:52:75:29:b3:85:2c:8b:d2:ac:
e5:3d:e1:d2:be:73:3c:d2:ce:75:b0:a3:ec:fa:e5:
37:b0:a5:b1:42:d9:00:aa:63:71:e1:75:cf:1f:36:
c3:97:81:9d:bb:03:51:ba:61:45:bd:cf:d7:b5:9b:
a2:92:45:5c:05:e4:48:5a:3a:2e:75:24:3b:a9:bb:
06:dd:e8:72:1d:32:cf:79:45:40:5d:f0:03:e8:e8:
37:fd:d1:6e:a2:aa:fa:07:ba:be:5a:07:4b:db:fc:
e4:6e:61:ea:33:ca:fe:11:35:d2:d6:a4:88:06:01:
28:59:d4:7b:09:2b:cf:23:fa:d3:8b:e4:8c:f6:1e:
d0:5f:20:5b:68:af:05:28:b4:90:da:69:1b:ca:98:
a3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:32:8F:75:10:06:CD:B0:C8:32:88:25:59:D9:E5:F5:CA:54:41:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:cc:1a:b5:18:8b:6a:7a:20:ec:a0:2b:72:f2:5a:22:38:5c:
a3:fb:c9:c3:0d:31:b4:07:79:e0:52:4c:20:67:3c:69:91:96:
b9:ba:95:d9:de:94:be:b8:ac:03:89:23:5f:23:ff:0b:52:5b:
97:8d:18:7a:74:ef:b5:ed:81:c0:aa:e6:43:23:f9:bd:78:d9:
c3:ac:ab:89:5c:45:f0:f0:dd:ba:3e:3f:14:3f:c2:31:39:0e:
a2:e8:17:40:9b:e3:98:46:e2:63:a9:7e:b2:95:87:9f:ea:a4:
43:e0:65:6e:26:fa:4c:f7:9b:14:16:c3:2a:d7:56:5a:ad:77:
56:75:73:f4:2b:82:cd:7a:3c:6c:6f:61:fa:00:7e:ce:ee:1d:
b2:d1:72:f4:0b:84:10:59:07:d7:5f:44:ce:1b:97:fe:a2:a7:
62:a1:08:a8:04:b0:2e:52:84:7b:8c:29:30:66:2b:1c:1f:d0:
c3:df:1e:24:e9:43:0b:bc:51:1b:d6:ce:f5:82:7a:f3:97:4d:
bf:a9:1f:ed:8d:1e:cf:98:2f:e7:2f:be:58:79:7b:81:ba:18:
cc:82:a5:55:d5:15:41:bb:60:dc:68:a7:3c:aa:9a:62:6c:de:
7a:fa:3e:11:d3:66:4d:d9:37:d0:46:a4:40:c1:c4:7d:b2:00:
7f:58:5e:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTXaWXXK6YbRtxLDrE3Fwsjm3EWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjgxNjEwMDNaFw0yNTA5MDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiY2YzY2ExOTZiMmY4MDA1Mjg4MTljZjZiODkyZGEwZmFhOTVlNTE0MDM1
ZjRmMWY5NjU5ZWIxZjhhZmVmZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKe0Bpp12PZVFlUnxtlixL2Zz7gS6A6tIfkXnYsRKbTtnWrAVp24uJ9DmdYD
GphyBOIN1b+IAhedJ/IlOTgkNibqd4zOE+0VvOO/gKgCO33GFPDGAgoIbPTSve5B
STEgINcOiyRx3+yit4lK9V0WUnUps4Usi9Ks5T3h0r5zPNLOdbCj7PrlN7ClsULZ
AKpjceF1zx82w5eBnbsDUbphRb3P17WbopJFXAXkSFo6LnUkO6m7Bt3och0yz3lF
QF3wA+joN/3RbqKq+ge6vloHS9v85G5h6jPK/hE10takiAYBKFnUewkrzyP604vk
jPYe0F8gW2ivBSi0kNppG8qYo6UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQTMo91
EAbNsMgyiCVZ2eX1ylRBbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBlMjk4ZTMtOTc1Yi00Y2VhLTk1ODYtOGQwNGEzN2E1M2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADldMA0G
CSqGSIb3DQEBCwUAA4IBAQC5zBq1GItqeiDsoCty8loiOFyj+8nDDTG0B3ngUkwg
ZzxpkZa5upXZ3pS+uKwDiSNfI/8LUluXjRh6dO+17YHAquZDI/m9eNnDrKuJXEXw
8N26Pj8UP8IxOQ6i6BdAm+OYRuJjqX6ylYef6qRD4GVuJvpM95sUFsMq11ZarXdW
dXP0K4LNejxsb2H6AH7O7h2y0XL0C4QQWQfXX0TOG5f+oqdioQioBLAuUoR7jCkw
ZiscH9DD3x4k6UMLvFEb1s71gnrzl02/qR/tjR7PmC/nL75YeXuBuhjMgqVV1RVB
u2DcaKc8qppibN56+j4R02ZN2TfQRqRAwcR9sgB/WF7G
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:43:40 2025 by rpki-client