
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: jEiFerDdkCnKx77350722xP6r68VwhP5SO3m2j9S3qg=
Subject key identifier: 2C:87:C6:AC:E4:98:C5:07:FF:77:8C:26:D5:98:98:AD:86:59:CF:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F4EA533C140244496A7747EDDBD885E351A34A6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Fri 11 Jul 2025 20:50:49 +0000
ROA not before: Fri 11 Jul 2025 20:50:49 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:4e:a5:33:c1:40:24:44:96:a7:74:7e:dd:bd:88:5e:35:1a:34:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:49 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a8bbaed5615a74fb3f69d243035fbd90583a42e426f4806b8c780e8202a25c3b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6e:94:c6:cd:e6:f7:a6:18:35:47:0d:b4:82:
42:27:8c:ad:0c:d6:97:7b:fa:14:d7:d0:83:98:78:
1a:24:e6:35:94:2f:45:86:2e:6c:fb:f4:4a:66:3f:
ba:90:8c:d9:84:e1:74:2c:0f:f9:88:c9:e6:e6:44:
ab:82:4b:dc:7d:48:41:30:55:d3:f3:9c:66:43:97:
04:87:26:8d:0a:11:ab:ae:8f:f5:18:8a:a6:53:79:
93:4b:4b:c9:5e:93:5b:6c:da:7f:66:33:3b:b8:f3:
c8:0c:25:0e:f4:43:03:eb:a7:fc:d5:bb:e6:df:ba:
ca:80:db:73:9b:bd:53:a7:d4:72:f8:58:68:0d:96:
a4:c3:a0:e6:ca:df:42:af:92:fd:03:4e:a5:aa:a6:
02:45:5a:98:29:1d:b3:2c:76:cf:56:a6:c0:61:01:
02:7c:07:0d:ed:f3:97:cd:6d:33:0e:cd:66:f5:e3:
05:2f:95:a8:99:64:9d:8f:ad:7e:5f:1d:53:e3:cc:
6f:ef:72:02:7f:b9:1c:21:9f:b1:17:3c:14:8e:e7:
b3:28:23:94:28:88:84:ed:27:ca:7c:a4:a6:c4:5a:
14:75:1b:93:c0:26:86:a7:79:91:21:23:bf:a4:c6:
ca:41:a9:97:93:de:ee:74:29:5e:69:01:13:de:49:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:87:C6:AC:E4:98:C5:07:FF:77:8C:26:D5:98:98:AD:86:59:CF:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:ec:bd:29:c0:d6:9b:f5:91:f9:71:db:6b:d3:a8:9f:31:23:
4b:b0:94:f0:73:03:62:33:22:90:80:60:f5:09:79:74:28:1a:
e1:d6:18:47:e1:6d:d7:bd:8b:b4:dc:fc:63:b4:3f:38:f0:b2:
31:39:48:48:17:f8:07:77:7b:3f:ce:6e:dc:e8:ea:3e:fe:3c:
60:18:0e:c3:d5:07:ee:f7:f6:cd:8a:3c:f4:0b:5e:9a:b3:22:
65:8f:ae:56:fa:aa:bc:b8:d3:4f:fb:a8:0b:ae:6d:c0:9b:4f:
d4:0a:a0:1c:d2:9a:48:a7:3c:15:8f:d7:01:15:2a:26:c0:e6:
e2:28:7d:ce:78:23:e6:db:b8:71:56:88:fb:ec:62:9e:dd:39:
15:0e:be:39:b2:4b:dd:43:e3:76:ef:18:34:f2:1b:56:78:20:
44:b8:96:22:19:cc:6f:f1:ee:f2:8b:b3:de:34:f7:5d:63:a3:
49:4a:ee:32:19:16:78:68:7c:d8:7f:cf:f9:9a:40:f2:14:0f:
4e:cb:20:97:e5:4a:94:a6:d7:1a:30:23:81:f7:95:fc:1a:9d:
ed:59:cd:24:78:de:31:07:65:85:1c:62:aa:f0:c8:ea:26:25:
e2:50:6b:c0:5e:d9:5a:95:4f:7c:ba:26:df:91:56:5a:2b:b4:
44:a1:76:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUH06lM8FAJESWp3R+3b2IXjUaNKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDlaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4YmJhZWQ1NjE1YTc0ZmIzZjY5ZDI0MzAzNWZiZDkwNTgzYTQyZTQyNmY0
ODA2YjhjNzgwZTgyMDJhMjVjM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMhulMbN5vemGDVHDbSCQieMrQzWl3v6FNfQg5h4GiTmNZQvRYYubPv0SmY/
upCM2YThdCwP+YjJ5uZEq4JL3H1IQTBV0/OcZkOXBIcmjQoRq66P9RiKplN5k0tL
yV6TW2zaf2YzO7jzyAwlDvRDA+un/NW75t+6yoDbc5u9U6fUcvhYaA2WpMOg5srf
Qq+S/QNOpaqmAkVamCkdsyx2z1amwGEBAnwHDe3zl81tMw7NZvXjBS+VqJlknY+t
fl8dU+PMb+9yAn+5HCGfsRc8FI7nsygjlCiIhO0nynykpsRaFHUbk8Amhqd5kSEj
v6TGykGpl5Pe7nQpXmkBE95Jw3cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQsh8as
5JjFB/93jCbVmJithlnPTjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQAu7L0pwNab9ZH5cdtr06ifMSNLsJTwcwNiMyKQgGD1
CXl0KBrh1hhH4W3XvYu03PxjtD848LIxOUhIF/gHd3s/zm7c6Oo+/jxgGA7D1Qfu
9/bNijz0C16asyJlj65W+qq8uNNP+6gLrm3Am0/UCqAc0ppIpzwVj9cBFSomwObi
KH3OeCPm27hxVoj77GKe3TkVDr45skvdQ+N27xg08htWeCBEuJYiGcxv8e7yi7Pe
NPddY6NJSu4yGRZ4aHzYf8/5mkDyFA9OyyCX5UqUptcaMCOB95X8Gp3tWc0keN4x
B2WFHGKq8MjqJiXiUGvAXtlalU98uibfkVZaK7REoXZv
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:39 2025 by rpki-client