Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: vxMi2d/oEwyBndczznC7vh/rEtdddAlg2kQfNZFfwX4=
Subject key identifier: 22:06:DC:DF:35:A5:1B:7E:CA:53:EB:CF:5B:FF:17:B7:86:09:65:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0232E5AC8B72111DB8E2728C1566EAA21C65E0B6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Fri 11 Jul 2025 20:50:47 +0000
ROA not before: Fri 11 Jul 2025 20:50:47 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:32:e5:ac:8b:72:11:1d:b8:e2:72:8c:15:66:ea:a2:1c:65:e0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:47 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=9a14e69edf24047b22152a0743cf6311f102c2e8f365d27a4805d419776c5318, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:0d:cc:41:5e:f4:38:bc:7e:0c:2b:d3:9b:21:
51:9b:d9:7e:d3:21:e7:68:66:53:17:51:92:6c:3a:
53:c0:dd:fc:1a:f6:2c:6e:ae:2f:58:e2:2d:6b:24:
41:f9:7b:a8:47:c9:43:50:4b:3b:d9:a9:cd:76:5e:
ae:1d:62:73:d1:f4:9d:ca:f4:86:66:69:86:55:d7:
f0:51:38:f3:d3:23:ca:3b:1e:65:7f:15:9c:65:ab:
3f:23:bf:32:77:fb:48:80:20:9d:44:dd:b3:cf:78:
ee:a6:ee:4b:a8:b0:49:9a:ba:23:e9:a1:46:5f:91:
7e:37:02:6d:2e:50:7c:6f:c9:68:43:55:c2:90:c9:
4a:33:32:77:07:5f:ec:f2:13:77:0a:1d:b8:5a:d1:
f0:36:e7:e3:f7:ef:e5:e3:14:f1:08:cd:ab:3c:aa:
42:37:0b:03:fe:ac:8e:81:33:ab:9c:9e:67:b0:54:
bf:8e:2a:dc:a0:03:5f:98:c2:b0:ff:c1:1c:ec:9d:
b4:8c:27:ec:e0:0a:db:b4:5e:8a:71:45:f8:11:26:
4a:3f:95:02:c6:d1:6c:a8:44:5f:fe:94:13:ad:b6:
52:75:17:51:7d:da:b6:9a:3a:9b:1e:6f:23:3f:2a:
c7:16:70:61:5a:d7:a2:d2:42:75:46:90:17:e6:1a:
85:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:06:DC:DF:35:A5:1B:7E:CA:53:EB:CF:5B:FF:17:B7:86:09:65:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b4:cf:a2:4b:68:e0:87:87:f4:e3:3d:9e:73:4b:c8:88:32:c7:
9a:d7:6e:65:2a:70:25:fb:08:2a:d2:f2:54:8f:44:5d:67:70:
f5:9c:27:c0:5a:7e:43:d6:0b:4d:b8:fb:29:9a:b8:72:2d:8c:
34:56:ae:76:b0:e9:6e:0f:f0:7f:8c:01:b4:be:f2:68:80:8e:
65:09:28:1f:3f:f9:55:66:6e:81:35:ae:4b:b4:75:b3:9e:ba:
0a:2a:80:54:e0:96:8d:e9:6e:93:b4:7c:d1:51:29:b0:5b:9a:
92:93:56:f8:d1:3f:67:fa:5e:5d:6c:47:ef:dd:7d:e5:f4:10:
ce:df:c7:83:5a:12:da:40:c4:0c:e4:a0:a7:04:be:0a:e4:46:
d1:22:ae:0e:85:22:e1:40:59:ec:00:24:74:45:c4:85:3d:8e:
3b:3a:dd:50:4d:a0:22:76:d9:aa:7c:63:3e:f6:a2:df:bc:d2:
68:a3:ca:18:00:85:ae:48:39:e7:0c:8e:5e:cf:49:37:40:39:
53:42:cd:2b:c6:0b:0c:d5:76:76:15:16:60:bf:dc:b2:09:f3:
51:f8:a8:13:d9:d3:e1:57:11:f5:bb:44:9d:5d:64:6e:5b:df:
f0:87:64:cb:3b:29:7f:e7:ce:dc:42:c4:96:b7:33:ae:08:8e:
32:55:be:12
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAjLlrItyER244nKMFWbqohxl4LYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDdaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhMTRlNjllZGYyNDA0N2IyMjE1MmEwNzQzY2Y2MzExZjEwMmMyZThmMzY1
ZDI3YTQ4MDVkNDE5Nzc2YzUzMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANUNzEFe9Di8fgwr05shUZvZftMh52hmUxdRkmw6U8Dd/Br2LG6uL1jiLWsk
Qfl7qEfJQ1BLO9mpzXZerh1ic9H0ncr0hmZphlXX8FE489MjyjseZX8VnGWrPyO/
Mnf7SIAgnUTds8947qbuS6iwSZq6I+mhRl+RfjcCbS5QfG/JaENVwpDJSjMydwdf
7PITdwoduFrR8Dbn4/fv5eMU8QjNqzyqQjcLA/6sjoEzq5yeZ7BUv44q3KADX5jC
sP/BHOydtIwn7OAK27ReinFF+BEmSj+VAsbRbKhEX/6UE622UnUXUX3atpo6mx5v
Iz8qxxZwYVrXotJCdUaQF+YahXcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiBtzf
NaUbfspT689b/xe3hgllJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQC0z6JLaOCHh/TjPZ5zS8iIMsea125lKnAl+wgq0vJU
j0RdZ3D1nCfAWn5D1gtNuPspmrhyLYw0Vq52sOluD/B/jAG0vvJogI5lCSgfP/lV
Zm6BNa5LtHWznroKKoBU4JaN6W6TtHzRUSmwW5qSk1b40T9n+l5dbEfv3X3l9BDO
38eDWhLaQMQM5KCnBL4K5EbRIq4OhSLhQFnsACR0RcSFPY47Ot1QTaAidtmqfGM+
9qLfvNJoo8oYAIWuSDnnDI5ez0k3QDlTQs0rxgsM1XZ2FRZgv9yyCfNR+KgT2dPh
VxH1u0SdXWRuW9/wh2TLOyl/587cQsSWtzOuCI4yVb4S
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:29:17 2025 by rpki-client