Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: ddKJRYkUO5t0belJK5o1u2zgurjN76cF6GTag0uy/A4=
Subject key identifier: 70:4A:AA:BF:68:71:A0:1C:0C:8F:8E:A8:A5:6E:51:E3:72:39:05:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4BE0E95181968CFC41C680F873809E213D0C60DB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Mon 21 Jul 2025 17:00:43 +0000
ROA not before: Mon 21 Jul 2025 17:00:43 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:e0:e9:51:81:96:8c:fc:41:c6:80:f8:73:80:9e:21:3d:0c:60:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:43 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=694904c460cf5edd545fd4fe28e7c992b11ab12f2f8eec3bac64ef45783f7feb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:16:35:0f:ea:30:4a:9e:a8:14:d5:00:6e:3e:
c5:12:b2:8d:c9:ec:ed:6f:33:c6:52:d2:d3:9b:85:
6f:44:92:b8:ea:42:04:88:82:94:57:0c:a6:52:b6:
49:a8:56:46:78:17:c1:da:f5:e0:55:85:8c:17:c4:
c6:15:68:29:4d:4a:20:15:eb:8a:3f:62:a7:4f:e0:
37:8b:15:e8:78:3f:c7:c4:c6:e2:01:b9:d0:41:d0:
7b:1d:6f:47:ad:d7:89:81:61:2f:aa:04:58:d8:24:
2a:f0:84:3d:01:15:53:43:93:da:87:7a:f2:ce:87:
b3:88:56:17:62:b8:75:18:e0:99:d3:f8:92:23:4f:
2d:b3:20:24:21:05:dc:4e:7d:ca:2f:ac:55:76:bf:
46:45:b9:b2:5b:64:b9:d1:a5:53:55:2e:43:da:4f:
e5:c9:33:85:a8:64:4d:e5:57:6e:37:9f:b0:af:56:
eb:ea:4e:d6:88:ca:3b:1e:9c:dd:05:23:2e:43:e3:
fc:ca:fa:e9:3e:00:65:fb:13:5e:4c:49:b1:f7:6d:
c0:4a:21:da:89:bf:68:d3:8f:cb:ea:48:95:33:89:
f7:ea:bb:ce:c8:2b:26:08:ec:95:7b:f3:07:56:34:
c6:24:ed:28:8f:c9:40:82:58:c9:c8:7f:c7:a2:e7:
15:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4A:AA:BF:68:71:A0:1C:0C:8F:8E:A8:A5:6E:51:E3:72:39:05:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
97:0c:b9:1e:fb:1e:4e:9b:a5:fd:cc:9d:6b:44:40:c8:f2:66:
b6:6e:34:dd:26:0c:90:6a:74:55:5f:71:34:bb:16:f1:42:8d:
98:3a:9d:50:51:16:32:1c:99:34:67:3e:17:41:65:6a:e9:ac:
9f:58:75:cb:c3:0b:b4:1c:ce:d8:90:8c:0c:51:1d:35:9e:c3:
32:b8:3a:9c:27:c6:e8:9f:c5:4b:78:dc:c3:ce:c7:dc:d0:5c:
94:0d:b3:73:de:4b:d5:75:95:45:91:be:14:25:a0:bd:c4:9e:
24:0e:35:b6:50:52:80:d3:75:8e:70:38:3c:5b:7d:5b:38:a8:
a5:31:bc:76:a8:63:46:e4:32:28:13:a0:59:e8:26:6e:2e:73:
80:83:d9:ef:b8:53:58:8b:21:00:67:1e:2a:bc:18:89:a4:6c:
64:6f:b1:3c:41:13:47:a0:df:c1:89:47:d0:ed:bc:f5:0c:38:
25:8c:bc:5c:5c:85:d6:87:42:b7:76:86:e7:bb:bf:a5:1e:bc:
2f:c7:c3:07:68:79:63:ce:8f:81:fb:6a:f0:f1:8c:74:7f:a2:
d3:5c:f7:fc:fd:8e:b4:2b:91:69:5f:33:3d:f4:a6:b9:91:4e:
2c:a5:80:29:e3:fc:17:32:20:35:1e:87:c6:a4:bb:77:1c:68:
a6:16:9d:69
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUS+DpUYGWjPxBxoD4c4CeIT0MYNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDNaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5NDkwNGM0NjBjZjVlZGQ1NDVmZDRmZTI4ZTdjOTkyYjExYWIxMmYyZjhl
ZWMzYmFjNjRlZjQ1NzgzZjdmZWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM8WNQ/qMEqeqBTVAG4+xRKyjcns7W8zxlLS05uFb0SSuOpCBIiClFcMplK2
SahWRngXwdr14FWFjBfExhVoKU1KIBXrij9ip0/gN4sV6Hg/x8TG4gG50EHQex1v
R63XiYFhL6oEWNgkKvCEPQEVU0OT2od68s6Hs4hWF2K4dRjgmdP4kiNPLbMgJCEF
3E59yi+sVXa/RkW5sltkudGlU1UuQ9pP5ckzhahkTeVXbjefsK9W6+pO1ojKOx6c
3QUjLkPj/Mr66T4AZfsTXkxJsfdtwEoh2om/aNOPy+pIlTOJ9+q7zsgrJgjslXvz
B1Y0xiTtKI/JQIJYych/x6LnFS0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBRwSqq/
aHGgHAyPjqilblHjcjkFBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAJcMuR77Hk6bpf3MnWtEQMjyZrZuNN0mDJBqdFVf
cTS7FvFCjZg6nVBRFjIcmTRnPhdBZWrprJ9YdcvDC7QcztiQjAxRHTWewzK4Opwn
xuifxUt43MPOx9zQXJQNs3PeS9V1lUWRvhQloL3EniQONbZQUoDTdY5wODxbfVs4
qKUxvHaoY0bkMigToFnoJm4uc4CD2e+4U1iLIQBnHiq8GImkbGRvsTxBE0eg38GJ
R9DtvPUMOCWMvFxchdaHQrd2hue7v6UevC/HwwdoeWPOj4H7avDxjHR/otNc9/z9
jrQrkWlfMz30prmRTiylgCnj/BcyIDUeh8aku3ccaKYWnWk=
-----END CERTIFICATE-----
Generated at Tue Aug 5 21:37:30 2025 by rpki-client