
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: 2G19+6cAMg+X+VWHI+9swujxYlpg/730GY4Vo6BGZnQ=
Subject key identifier: 32:5A:92:75:18:EA:79:2B:C6:B1:9E:F4:E0:78:A5:96:AB:BD:15:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24E0BBB224A25AE25D782FA48A9D50AE63970447
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Fri 11 Jul 2025 21:00:49 +0000
ROA not before: Fri 11 Jul 2025 21:00:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:e0:bb:b2:24:a2:5a:e2:5d:78:2f:a4:8a:9d:50:ae:63:97:04:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=46f14936b18d3ada17f577ab82b1fc2e26a30297d83e819922401a7c3d38bdfd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:14:be:34:e5:e6:08:6a:bc:bd:fb:0d:aa:0e:
9b:75:20:11:48:f8:b1:f5:b1:28:2b:44:4e:1e:37:
ab:58:b0:14:32:4d:67:8c:9e:9f:4a:d9:5e:f5:da:
fb:70:48:2c:b1:bd:a0:85:b9:5d:8f:c6:2a:eb:f0:
af:90:d7:eb:bc:ac:38:d4:2f:75:12:ce:23:c4:20:
86:aa:15:90:8c:35:38:0e:3a:d4:f2:d6:38:c1:f3:
31:dc:75:16:11:59:14:3a:c1:7a:6c:9f:35:51:4e:
bb:ef:91:df:4c:84:24:62:e6:1f:b5:5e:b3:ae:6e:
6e:74:58:38:61:e3:fa:d6:eb:71:84:3c:e6:14:ec:
22:6d:41:cb:a5:cf:7c:89:73:97:14:7a:ea:91:8d:
f8:96:42:9e:ac:05:d2:17:c4:d7:b5:71:0d:24:9e:
f6:9d:fb:e8:8e:c3:03:86:25:27:e1:a7:11:12:b9:
da:d6:c0:48:f2:e1:7d:2d:62:89:5e:e3:ed:a2:3d:
a1:7f:be:ec:67:a3:ff:62:89:11:0b:86:44:ff:61:
c1:61:e4:54:73:ce:82:94:90:1b:cf:e2:86:90:dd:
f1:62:34:07:76:40:b3:1c:d2:4d:c7:a0:2f:86:17:
95:c2:c1:e8:ed:6f:6a:9e:1d:07:db:81:a4:67:75:
a6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5A:92:75:18:EA:79:2B:C6:B1:9E:F4:E0:78:A5:96:AB:BD:15:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:0b:a1:63:f3:6f:41:45:6e:37:25:e9:32:cb:71:a2:6a:f4:
d9:62:a6:11:99:04:d7:e4:aa:81:76:71:1e:66:42:6d:08:81:
75:33:fc:6f:3c:ec:bb:c9:72:a7:44:60:fa:0a:8f:46:92:61:
3c:a0:2a:51:40:1c:e6:83:39:d6:88:7b:f9:bc:ca:c8:7c:0b:
58:d6:87:1f:d1:89:75:46:f2:be:70:bc:87:68:3c:0f:7a:36:
ac:d9:3d:1a:f9:d1:f0:1c:65:bf:67:2b:e1:9e:98:d6:7c:66:
30:ef:78:eb:f4:61:5e:aa:6f:1f:23:cd:72:9b:a0:11:12:78:
f7:65:0a:82:68:06:f1:c5:a4:47:bd:5a:18:15:01:3e:27:7e:
32:3e:39:80:dd:aa:0b:6d:9f:19:ca:05:6a:00:2a:4a:5c:ee:
51:84:9f:52:d5:c2:fb:7e:d7:9a:15:50:c7:28:29:95:6e:04:
e4:d8:68:80:8e:f5:2c:53:56:ca:ad:99:6f:0e:35:1f:89:5c:
f1:95:f9:54:b6:01:80:2e:5f:1c:d0:b6:ac:23:0c:d9:d5:93:
52:fa:a3:ae:bd:5f:fb:62:5e:27:2b:d0:29:e2:02:a3:17:45:
ec:59:33:48:eb:03:3c:0a:5a:26:8f:d0:a1:56:76:4f:4e:3f:
0f:07:c2:39
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJOC7siSiWuJdeC+kip1QrmOXBEcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ZjE0OTM2YjE4ZDNhZGExN2Y1NzdhYjgyYjFmYzJlMjZhMzAyOTdkODNl
ODE5OTIyNDAxYTdjM2QzOGJkZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJIUvjTl5ghqvL37DaoOm3UgEUj4sfWxKCtETh43q1iwFDJNZ4yen0rZXvXa
+3BILLG9oIW5XY/GKuvwr5DX67ysONQvdRLOI8QghqoVkIw1OA461PLWOMHzMdx1
FhFZFDrBemyfNVFOu++R30yEJGLmH7Ves65ubnRYOGHj+tbrcYQ85hTsIm1By6XP
fIlzlxR66pGN+JZCnqwF0hfE17VxDSSe9p376I7DA4YlJ+GnERK52tbASPLhfS1i
iV7j7aI9oX++7Gej/2KJEQuGRP9hwWHkVHPOgpSQG8/ihpDd8WI0B3ZAsxzSTceg
L4YXlcLB6O1vap4dB9uBpGd1poECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQyWpJ1
GOp5K8axnvTgeKWWq70V6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQAAC6Fj829BRW43Jekyy3GiavTZYqYRmQTX5KqBdnEe
ZkJtCIF1M/xvPOy7yXKnRGD6Co9GkmE8oCpRQBzmgznWiHv5vMrIfAtY1ocf0Yl1
RvK+cLyHaDwPejas2T0a+dHwHGW/ZyvhnpjWfGYw73jr9GFeqm8fI81ym6AREnj3
ZQqCaAbxxaRHvVoYFQE+J34yPjmA3aoLbZ8ZygVqACpKXO5RhJ9S1cL7fteaFVDH
KCmVbgTk2GiAjvUsU1bKrZlvDjUfiVzxlflUtgGALl8c0LasIwzZ1ZNS+qOuvV/7
Yl4nK9Ap4gKjF0XsWTNI6wM8Clomj9ChVnZPTj8PB8I5
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:16:44 2025 by rpki-client