Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: 3qfm1d4hIOaNUV9JLlcbF22aLdr3raUTM0PSFMzO/xY=
Subject key identifier: 8B:32:51:27:FD:EE:1A:6D:DC:90:68:31:9E:A4:C3:61:34:29:BC:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D7FE95E505BB8B1259C4157CB335C94F2FA230B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Fri 11 Jul 2025 20:50:55 +0000
ROA not before: Fri 11 Jul 2025 20:50:55 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:7f:e9:5e:50:5b:b8:b1:25:9c:41:57:cb:33:5c:94:f2:fa:23:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:55 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=693e9b37ebe8e7212441b891d8db49167577baa28f2c532b235948af0121adec, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:37:1c:a1:58:f0:a7:67:9c:cc:39:e2:22:
f2:b5:be:07:48:ac:a6:bf:d8:6e:6c:44:bf:d7:c0:
ab:29:c5:74:66:ac:57:e4:88:79:58:fd:d9:bf:97:
17:0d:2c:db:1b:b6:83:81:05:b3:86:f6:f9:c7:3f:
1a:91:11:71:a1:9b:2d:64:27:25:0a:32:23:69:d3:
55:bb:cc:8e:a6:7f:21:3b:51:88:8c:92:f8:26:04:
cb:30:56:41:ce:98:ab:b7:f9:be:c7:11:ca:7f:35:
0b:65:50:63:b1:50:63:d2:a3:14:24:f5:57:39:28:
f2:ee:e6:ad:17:e3:cc:67:b7:74:d3:08:bd:b6:71:
84:6b:c9:d0:f1:2e:77:35:ee:81:41:27:ee:97:10:
b5:de:3e:24:5b:ed:58:bf:63:6c:63:18:d3:7a:00:
dd:3e:56:79:79:7a:b3:25:37:98:e6:bb:87:4e:4d:
62:9d:62:9e:85:2c:86:8c:1c:0c:e6:f3:e3:e8:ba:
93:ea:cb:49:00:c1:96:2d:42:ca:df:cb:c8:8c:00:
91:c8:74:04:be:e6:8e:c1:88:65:be:2b:1e:62:57:
97:55:04:f9:92:c6:c5:05:3a:52:23:3a:90:f8:50:
16:af:53:15:ea:14:a4:ad:33:96:83:aa:19:88:05:
97:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:32:51:27:FD:EE:1A:6D:DC:90:68:31:9E:A4:C3:61:34:29:BC:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
01:05:e9:f0:50:82:96:07:ee:64:9b:ef:77:c9:ad:7e:21:17:
bd:fd:e5:4c:8b:f2:a0:0b:db:d5:fc:50:79:66:c7:bc:6e:1d:
cb:5c:76:17:7e:92:43:ac:a9:5b:e3:0e:ce:03:27:44:c7:f2:
bb:22:cb:0b:e8:dd:9f:69:35:1b:fd:7f:a5:24:7c:04:5c:38:
d7:56:c7:cc:2a:00:fd:12:88:a0:32:5c:a8:42:ea:bf:c5:f0:
d3:ac:74:44:44:b3:c2:9c:27:a4:1b:7b:41:ad:50:b5:c7:73:
6f:a0:97:25:51:bb:de:14:ac:e1:5c:10:a4:ca:0b:bf:4f:d7:
f5:80:c2:37:76:be:35:e8:84:8d:de:cd:aa:33:c8:3b:7b:73:
e6:91:9d:48:7c:cd:31:e8:ca:75:c9:0d:53:d4:1a:29:9e:46:
14:34:13:d1:5d:96:51:39:74:cb:a3:d1:12:80:9e:99:d7:94:
43:c6:43:31:5f:de:0f:42:f3:89:0e:05:67:0b:1f:ec:4b:28:
67:31:2b:15:59:db:0a:73:16:25:74:db:77:11:3c:ab:e5:e9:
dd:a6:d0:f1:e7:23:d4:b1:8c:2b:c1:ac:bb:df:d7:e4:64:c4:
1f:e7:0f:3f:64:e4:e2:d0:c2:04:79:ab:9e:4b:08:12:8a:4d:
d7:f5:37:39
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXX/pXlBbuLElnEFXyzNclPL6IwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTVaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY5M2U5YjM3ZWJlOGU3MjEyNDQxYjg5MWQ4ZGI0OTE2NzU3N2JhYTI4ZjJj
NTMyYjIzNTk0OGFmMDEyMWFkZWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiyNxyhWPCnZ5zMOeIi8rW+B0ispr/YbmxEv9fAqynFdGasV+SIeVj92b+X
Fw0s2xu2g4EFs4b2+cc/GpERcaGbLWQnJQoyI2nTVbvMjqZ/ITtRiIyS+CYEyzBW
Qc6Yq7f5vscRyn81C2VQY7FQY9KjFCT1Vzko8u7mrRfjzGe3dNMIvbZxhGvJ0PEu
dzXugUEn7pcQtd4+JFvtWL9jbGMY03oA3T5WeXl6syU3mOa7h05NYp1inoUshowc
DObz4+i6k+rLSQDBli1Cyt/LyIwAkch0BL7mjsGIZb4rHmJXl1UE+ZLGxQU6UiM6
kPhQFq9TFeoUpK0zloOqGYgFl6cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSLMlEn
/e4abdyQaDGepMNhNCm8DTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAAQXp8FCClgfuZJvvd8mtfiEXvf3lTIvyoAvb1fxQ
eWbHvG4dy1x2F36SQ6ypW+MOzgMnRMfyuyLLC+jdn2k1G/1/pSR8BFw411bHzCoA
/RKIoDJcqELqv8Xw06x0RESzwpwnpBt7Qa1Qtcdzb6CXJVG73hSs4VwQpMoLv0/X
9YDCN3a+NeiEjd7NqjPIO3tz5pGdSHzNMejKdckNU9QaKZ5GFDQT0V2WUTl0y6PR
EoCemdeUQ8ZDMV/eD0LziQ4FZwsf7EsoZzErFVnbCnMWJXTbdxE8q+Xp3abQ8ecj
1LGMK8Gsu9/X5GTEH+cPP2Tk4tDCBHmrnksIEopN1/U3OQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:36 2025 by rpki-client