Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: bnQE+2C9xSnp+YRUBLR7jWz6spAIRzNV1h1o2Q3Mk5c=
Subject key identifier: 06:2D:E8:25:7B:D3:08:09:C2:7C:B3:EA:92:8B:79:2C:8D:A0:6F:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 12BAC6B4B1E6F607395540045A8219E762C73B50
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Fri 11 Jul 2025 20:50:58 +0000
ROA not before: Fri 11 Jul 2025 20:50:58 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:ba:c6:b4:b1:e6:f6:07:39:55:40:04:5a:82:19:e7:62:c7:3b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:58 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7bb4cfb93f372309708f9cffd9a2f376d41ca4b1060e5e8f51b7bfc3c85c62ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:40:82:7d:77:7b:92:0c:bd:98:3b:e0:33:19:
6e:c2:d3:38:54:3f:59:73:5d:c7:b1:68:1d:4a:75:
8c:66:ae:34:55:84:c1:19:ab:b8:2d:45:6a:fe:38:
da:0d:f3:b8:db:1d:61:56:67:f7:98:50:a2:88:5b:
9e:c1:1d:ad:ad:25:6b:56:5f:6c:11:fa:da:a1:60:
30:5c:86:6d:77:cf:ec:0c:5c:a4:35:59:2d:78:a8:
74:9e:ec:c7:c6:6e:39:98:44:35:f4:19:44:cf:ed:
3b:a1:f1:2b:45:5c:da:4d:55:4e:df:77:e6:0b:3d:
5a:75:cc:8a:c9:22:be:ff:f2:c7:c1:00:2b:8e:bf:
9b:4a:7d:56:f9:43:06:1c:1c:42:66:95:25:8d:ce:
43:f8:b7:0d:3c:e1:e3:f9:0e:43:a4:d7:d6:f2:24:
ef:08:db:f0:b0:1d:59:0c:c4:90:08:7d:a7:bd:0b:
05:73:b9:e5:59:cf:d6:31:47:73:21:59:db:5a:5a:
70:0c:a1:98:a2:34:22:30:25:61:aa:30:2c:fb:6c:
de:2b:63:2c:43:d6:a7:81:f1:3f:48:63:00:81:aa:
61:98:92:bc:94:e4:6a:41:30:cf:ff:63:2d:5f:d2:
7b:1d:d4:a0:16:00:75:aa:ad:0d:58:8c:dc:90:3b:
3d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2D:E8:25:7B:D3:08:09:C2:7C:B3:EA:92:8B:79:2C:8D:A0:6F:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:bb:33:f7:2d:9e:dd:20:db:6a:d9:33:9c:a7:c6:38:15:c0:
44:f9:43:86:96:b4:88:4b:74:23:75:cb:d5:ea:c6:dc:79:70:
3c:70:a6:8c:cd:d9:97:bc:9e:f8:67:7c:00:25:65:67:a2:58:
7b:7e:d1:6c:de:ad:e6:fc:36:64:32:8a:01:11:0a:b3:0f:47:
7a:7a:3c:ab:f4:45:30:b3:de:b1:39:10:5f:86:54:19:df:15:
be:34:c0:88:ef:a0:ab:a0:fe:3c:63:43:4d:53:1b:dc:d9:75:
0e:ad:57:3d:8a:f6:ad:84:c4:8b:5c:87:5d:c3:0e:9f:21:41:
b2:fe:e2:7c:2b:ec:76:bd:d7:1e:05:09:4f:9a:94:1d:98:d8:
d3:65:6b:75:1a:25:95:cc:f9:27:a4:fe:6c:f4:6a:5a:fe:e7:
0b:39:2e:d7:b3:25:33:fb:1b:9a:d0:f6:c6:f8:28:d4:86:d9:
ba:7c:e0:d7:34:78:16:60:e3:4f:af:9b:da:ec:76:16:31:02:
b7:35:45:a1:1b:ac:76:8c:be:a7:d6:7b:99:d1:c3:ff:b3:ae:
cf:25:87:32:d9:9a:08:cf:f4:b3:67:33:93:bc:15:1f:ff:64:
e4:28:45:20:31:8d:3a:d0:23:2d:1b:a1:87:bf:55:df:91:74:
90:12:f9:95
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUErrGtLHm9gc5VUAEWoIZ52LHO1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNThaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiYjRjZmI5M2YzNzIzMDk3MDhmOWNmZmQ5YTJmMzc2ZDQxY2E0YjEwNjBl
NWU4ZjUxYjdiZmMzYzg1YzYyYmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNAgn13e5IMvZg74DMZbsLTOFQ/WXNdx7FoHUp1jGauNFWEwRmruC1Fav44
2g3zuNsdYVZn95hQoohbnsEdra0la1ZfbBH62qFgMFyGbXfP7AxcpDVZLXiodJ7s
x8ZuOZhENfQZRM/tO6HxK0Vc2k1VTt935gs9WnXMiskivv/yx8EAK46/m0p9VvlD
BhwcQmaVJY3OQ/i3DTzh4/kOQ6TX1vIk7wjb8LAdWQzEkAh9p70LBXO55VnP1jFH
cyFZ21pacAyhmKI0IjAlYaowLPts3itjLEPWp4HxP0hjAIGqYZiSvJTkakEwz/9j
LV/Sex3UoBYAdaqtDViM3JA7PRECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQGLegl
e9MICcJ8s+qSi3ksjaBvXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAqrsz9y2e3SDbatkznKfGOBXARPlDhpa0iEt0I3XL
1erG3HlwPHCmjM3Zl7ye+Gd8ACVlZ6JYe37RbN6t5vw2ZDKKAREKsw9Heno8q/RF
MLPesTkQX4ZUGd8VvjTAiO+gq6D+PGNDTVMb3Nl1Dq1XPYr2rYTEi1yHXcMOnyFB
sv7ifCvsdr3XHgUJT5qUHZjY02VrdRollcz5J6T+bPRqWv7nCzku17MlM/sbmtD2
xvgo1IbZunzg1zR4FmDjT6+b2ux2FjECtzVFoRusdoy+p9Z7mdHD/7OuzyWHMtma
CM/0s2czk7wVH/9k5ChFIDGNOtAjLRuhh79V35F0kBL5lQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:47:31 2025 by rpki-client