Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: WQlEuH8K0Q8isUX7Ru5zqCF7kQE6XR8w4E+o/tXOzs4=
Subject key identifier: E4:C9:8B:2A:65:8B:66:94:21:3B:DF:08:B8:65:2C:FC:F3:32:32:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 40AE1ECAEDBD647251F289040456630800277F70
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Fri 11 Jul 2025 20:51:02 +0000
ROA not before: Fri 11 Jul 2025 20:51:02 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ae:1e:ca:ed:bd:64:72:51:f2:89:04:04:56:63:08:00:27:7f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:51:02 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7c45a667c65a401c1fdba175e462d141357a1da9eb4fd9dfc980ec573c370683, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:37:a6:23:db:e0:cd:43:c0:9b:a8:e1:75:
fc:b2:74:06:a5:06:b8:6a:4c:f3:95:c9:3e:3d:c2:
0f:88:d8:ce:db:d0:1d:1a:90:dc:a3:e9:5e:d4:dd:
4a:98:26:bf:ff:9c:a9:79:1e:1c:d4:d3:94:39:42:
bb:85:f4:2d:17:70:e3:78:17:0d:a9:ba:51:9e:9e:
ef:f7:c6:da:ed:c2:ae:10:e8:cf:a0:2d:67:ed:d8:
6d:76:c0:d5:be:b3:31:9c:13:49:2a:70:4f:a3:3c:
e8:dc:2c:b8:8f:72:95:69:7b:f7:d6:96:a3:c7:cd:
c3:f0:7f:f1:8b:da:d4:a5:7e:3b:6f:8d:6c:f5:79:
8a:8c:64:1c:3a:60:ec:dd:32:66:7d:19:cf:d5:07:
68:e7:d1:12:32:bf:6c:14:3f:ea:80:69:f0:57:17:
bd:0a:82:6c:6f:e0:7b:6e:48:de:41:0b:7c:be:17:
48:e7:77:9a:a3:c7:eb:c9:f1:6d:d9:b4:2c:8f:17:
6e:36:23:5a:48:35:bd:57:f4:c2:44:13:fb:55:87:
ad:85:a5:97:1e:88:ce:23:a5:29:01:ed:3f:d2:dd:
fd:30:3f:6d:64:28:31:ce:07:3f:0d:c7:be:f8:78:
43:8b:55:0a:57:93:d8:49:97:1d:4e:84:80:04:0b:
ae:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C9:8B:2A:65:8B:66:94:21:3B:DF:08:B8:65:2C:FC:F3:32:32:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:c2:e3:82:f6:d1:9f:e7:90:95:c2:02:d4:97:5a:59:bc:9f:
08:d2:4a:0e:10:81:a1:05:f5:2e:41:9b:01:1b:af:17:cc:13:
01:85:f2:4d:22:59:d2:e2:c2:66:a6:c8:b3:83:fb:fa:21:52:
80:bc:9e:f0:c6:b9:f8:f1:6e:be:ff:9d:9f:7a:16:83:af:2f:
7d:30:fa:dd:1c:a7:eb:02:85:24:1b:a4:c4:e0:69:5b:63:82:
93:f3:00:f3:a2:97:21:df:c1:89:60:69:34:13:50:f7:d0:4f:
4c:ae:a1:73:2c:74:71:40:5d:f9:84:7a:f4:1d:ef:82:63:c7:
d2:97:48:de:58:fe:46:9d:53:b1:98:ba:59:54:52:55:8d:e1:
0a:ab:dc:c0:a5:a1:b3:f9:97:93:0f:0a:49:79:34:8a:4e:74:
29:9c:be:e4:60:d5:81:bc:6a:ed:42:6b:33:52:51:09:44:43:
f1:54:75:d5:a1:3c:8e:14:89:04:f4:5b:d8:aa:be:d4:17:61:
29:10:dd:88:3b:36:22:0f:62:60:0e:f1:b5:86:fe:86:a2:29:
54:e1:a0:c4:45:10:fe:63:e9:0f:10:1c:29:5a:8f:a3:35:16:
06:75:27:69:c7:09:19:6d:ba:98:47:3f:1d:b9:f2:0b:a6:47:
ef:6a:a3:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQK4eyu29ZHJR8okEBFZjCAAnf3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUxMDJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdjNDVhNjY3YzY1YTQwMWMxZmRiYTE3NWU0NjJkMTQxMzU3YTFkYTllYjRm
ZDlkZmM5ODBlYzU3M2MzNzA2ODMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKL+N6Yj2+DNQ8CbqOF1/LJ0BqUGuGpM85XJPj3CD4jYztvQHRqQ3KPpXtTd
Spgmv/+cqXkeHNTTlDlCu4X0LRdw43gXDam6UZ6e7/fG2u3CrhDoz6AtZ+3YbXbA
1b6zMZwTSSpwT6M86NwsuI9ylWl799aWo8fNw/B/8Yva1KV+O2+NbPV5ioxkHDpg
7N0yZn0Zz9UHaOfREjK/bBQ/6oBp8FcXvQqCbG/ge25I3kELfL4XSOd3mqPH68nx
bdm0LI8XbjYjWkg1vVf0wkQT+1WHrYWllx6IziOlKQHtP9Ld/TA/bWQoMc4HPw3H
vvh4Q4tVCleT2EmXHU6EgAQLrpcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTkyYsq
ZYtmlCE73wi4ZSz88zIyizAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCtwuOC9tGf55CVwgLUl1pZvJ8I0koOEIGhBfUuQZsB
G68XzBMBhfJNIlnS4sJmpsizg/v6IVKAvJ7wxrn48W6+/52fehaDry99MPrdHKfr
AoUkG6TE4GlbY4KT8wDzopch38GJYGk0E1D30E9MrqFzLHRxQF35hHr0He+CY8fS
l0jeWP5GnVOxmLpZVFJVjeEKq9zApaGz+ZeTDwpJeTSKTnQpnL7kYNWBvGrtQmsz
UlEJREPxVHXVoTyOFIkE9FvYqr7UF2EpEN2IOzYiD2JgDvG1hv6GoilU4aDERRD+
Y+kPEBwpWo+jNRYGdSdpxwkZbbqYRz8dufILpkfvaqNI
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:09:03 2025 by rpki-client