Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
File: 95019996-0ef4-4f98-90e2-dd7efc004375.roa (raw, json)
Hash identifier: x5flBtSkSUx3koi7X6nu5EljMRehiWt7GXGAD1FYpZg=
Subject key identifier: 57:64:5A:08:09:49:A7:A6:E0:EC:45:AB:FF:32:93:54:54:DA:A9:B5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15B3A1F55ABAB582E51A93697DB777C50FF40083
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
Signing time: Fri 11 Jul 2025 20:50:51 +0000
ROA not before: Fri 11 Jul 2025 20:50:51 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.244.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:b3:a1:f5:5a:ba:b5:82:e5:1a:93:69:7d:b7:77:c5:0f:f4:00:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:51 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=5b6ef96c4ac9ae46cbde3f3a754f1c8ac7560cc822a79dfc03c685a2b70b4fd2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:90:d8:6f:fc:79:eb:17:f4:f5:c7:c3:9e:
fe:7c:e9:5c:15:9f:11:24:f6:50:a6:0c:1f:96:21:
a6:3a:53:00:fb:c1:75:1d:fe:bc:20:ce:15:2d:90:
17:e0:bf:30:b4:3e:4a:40:f3:81:33:66:89:26:8a:
28:06:4c:ef:b0:81:97:b0:7f:9e:42:37:43:cf:b4:
41:15:23:f9:f2:1f:e8:6f:4e:2b:11:a1:0a:3a:03:
45:8d:78:05:c5:84:d4:c5:3c:a0:05:77:33:ef:9b:
be:fe:59:c0:a4:14:82:9f:da:9a:fd:64:36:02:56:
60:e0:ad:16:14:0d:02:5c:10:d4:92:73:74:70:19:
4e:c3:5c:6b:41:58:26:0c:eb:e0:01:05:55:07:9e:
bc:c4:a3:c5:60:71:dd:8b:bd:d9:73:42:fb:a2:82:
bf:b4:d8:5c:ee:8b:17:69:c5:ab:0a:c6:69:b0:68:
9a:f2:3f:28:cc:13:3a:c6:06:42:04:a0:5e:92:88:
a7:cf:4e:b0:e4:4e:48:ef:c6:55:4c:79:02:47:61:
0d:2d:8d:74:67:54:c5:38:22:bb:b7:e3:51:b1:69:
a3:29:22:eb:61:b8:f0:00:ba:a1:da:12:cb:08:39:
19:d9:db:b1:d2:78:a1:e8:c2:bc:3f:84:a1:b3:33:
29:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:64:5A:08:09:49:A7:A6:E0:EC:45:AB:FF:32:93:54:54:DA:A9:B5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95019996-0ef4-4f98-90e2-dd7efc004375.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:93:a2:f8:85:3f:91:29:1a:5a:2e:a0:c5:95:18:7c:a6:be:
aa:be:31:51:db:53:db:e1:42:2a:f5:17:0c:80:bc:a2:06:33:
a0:37:6c:ca:82:e7:a3:16:70:7e:6e:84:1e:00:90:49:87:d1:
9d:4f:ce:48:75:a5:fd:d2:86:43:16:1a:3e:c1:ca:08:5d:80:
13:41:c4:26:e8:dd:cf:83:1b:31:4b:7f:be:0a:64:04:1f:47:
aa:b0:32:4c:54:58:22:d7:6b:cf:fb:da:be:93:df:f1:65:00:
4d:7a:60:bd:28:dc:80:79:38:49:bc:8a:a6:b7:98:d9:06:1f:
c1:bd:72:ff:06:26:21:c1:7c:12:4e:5d:2b:b8:90:00:e5:37:
bc:f6:4f:28:c0:52:d6:87:18:c2:f4:8f:92:93:6d:cb:3c:c8:
36:d2:ac:ab:8a:4b:f4:dc:c3:a9:5b:b1:52:e8:df:c6:ae:ce:
02:13:a2:fe:21:68:12:1a:57:44:ea:35:72:69:a0:e1:b9:76:
11:b6:3c:b9:1a:9c:f7:04:36:9f:06:e5:a8:75:fa:b7:41:6f:
81:fc:f7:b7:cb:34:43:ed:51:38:46:fd:2e:1a:c4:25:65:a9:
4a:64:a6:07:ee:8f:9d:0c:72:e9:d3:7a:ac:ff:6e:4b:5f:86:
9b:2c:79:7e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFbOh9Vq6tYLlGpNpfbd3xQ/0AIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTFaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDViNmVmOTZjNGFjOWFlNDZjYmRlM2YzYTc1NGYxYzhhYzc1NjBjYzgyMmE3
OWRmYzAzYzY4NWEyYjcwYjRmZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ58kNhv/HnrF/T1x8Oe/nzpXBWfEST2UKYMH5YhpjpTAPvBdR3+vCDOFS2Q
F+C/MLQ+SkDzgTNmiSaKKAZM77CBl7B/nkI3Q8+0QRUj+fIf6G9OKxGhCjoDRY14
BcWE1MU8oAV3M++bvv5ZwKQUgp/amv1kNgJWYOCtFhQNAlwQ1JJzdHAZTsNca0FY
Jgzr4AEFVQeevMSjxWBx3Yu92XNC+6KCv7TYXO6LF2nFqwrGabBomvI/KMwTOsYG
QgSgXpKIp89OsOROSO/GVUx5AkdhDS2NdGdUxTgiu7fjUbFpoyki62G48AC6odoS
ywg5GdnbsdJ4oejCvD+EobMzKb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRXZFoI
CUmnpuDsRav/MpNUVNqptTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTUwMTk5OTYtMGVmNC00Zjk4LTkwZTItZGQ3ZWZjMDA0Mzc1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/0MA0G
CSqGSIb3DQEBCwUAA4IBAQBck6L4hT+RKRpaLqDFlRh8pr6qvjFR21Pb4UIq9RcM
gLyiBjOgN2zKguejFnB+boQeAJBJh9GdT85IdaX90oZDFho+wcoIXYATQcQm6N3P
gxsxS3++CmQEH0eqsDJMVFgi12vP+9q+k9/xZQBNemC9KNyAeThJvIqmt5jZBh/B
vXL/BiYhwXwSTl0ruJAA5Te89k8owFLWhxjC9I+Sk23LPMg20qyrikv03MOpW7FS
6N/Grs4CE6L+IWgSGldE6jVyaaDhuXYRtjy5Gpz3BDafBuWodfq3QW+B/Pe3yzRD
7VE4Rv0uGsQlZalKZKYH7o+dDHLp03qs/25LX4abLHl+
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:18:41 2025 by rpki-client