Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: EqP+BSi2aly+NoMCI+eBwmY/rMGMESqClBPpkmAn8rI=
Subject key identifier: 2C:37:7B:AC:8C:A9:46:93:D5:A3:A5:7F:8D:DD:FD:72:BE:E5:EB:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EDB4372282EEA32E3812EDD501F4BD773FBD14A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Mon 21 Jul 2025 17:00:43 +0000
ROA not before: Mon 21 Jul 2025 17:00:43 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:db:43:72:28:2e:ea:32:e3:81:2e:dd:50:1f:4b:d7:73:fb:d1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:43 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=3cbae290b86beb140ec15b8fad27ff951ed8ab34089253c54fe045523f2e51cd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e0:df:fa:5d:bf:ff:95:b7:89:e1:8d:2f:4c:
c7:ae:52:6b:fe:cb:49:c0:fc:bd:4d:e9:e5:50:f7:
4f:b0:a9:68:c1:8f:09:85:71:44:80:d7:d9:26:fd:
29:92:ce:44:b8:10:f3:dc:43:e0:2e:10:a0:ff:ea:
a3:77:74:3b:5d:8a:65:3b:0f:09:9d:0a:e4:b7:42:
f0:7b:45:b3:ed:f5:64:23:79:03:85:8e:34:45:22:
82:16:f3:15:f5:06:8e:49:d2:4a:e0:99:0c:98:d9:
2d:4b:b2:98:b2:ba:5d:d9:81:b1:14:44:c3:4b:2f:
40:2a:45:99:45:bb:4c:27:01:1b:d4:a9:8c:5e:97:
2c:13:09:ed:89:6a:29:8c:ab:cb:13:e1:10:02:11:
a8:7d:f3:0c:d6:ef:1e:25:3c:eb:bf:14:24:41:12:
95:09:10:13:17:c0:f7:ef:bc:45:9d:f0:fc:6d:fb:
78:f8:71:6c:5e:f5:0e:c3:24:43:1d:a1:ee:6d:52:
1a:ee:32:75:51:e5:55:27:ee:c4:d6:ec:74:a4:6c:
e5:85:52:a7:08:bb:b0:28:3f:bf:90:d8:a5:d9:4c:
93:38:2f:d7:39:73:1c:42:79:ed:6c:5c:d0:66:cb:
d1:78:46:85:a9:70:fd:ec:16:13:59:0f:aa:f2:24:
1a:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:37:7B:AC:8C:A9:46:93:D5:A3:A5:7F:8D:DD:FD:72:BE:E5:EB:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
9a:37:f5:b8:d7:20:01:af:a9:f8:6c:4d:6e:93:2b:c1:fb:d2:
dc:7b:bb:0b:ef:71:70:91:74:53:c9:82:47:ce:41:60:b2:07:
5d:b7:88:69:f9:cc:24:20:c4:23:1a:f8:ba:a6:bb:3d:ae:b8:
31:ea:cd:56:8b:31:d9:5a:6c:76:f3:86:ff:c2:a6:de:16:ed:
1e:4a:6d:fe:75:76:c3:63:a8:9a:1a:3d:ff:14:a8:6c:32:b6:
2e:93:e9:9d:b4:d2:64:6b:60:23:66:02:90:f6:00:f0:8b:7e:
6e:0a:48:c0:15:b5:7f:17:7e:b9:47:23:9c:fa:66:29:1d:7b:
cb:43:fb:8b:55:86:c8:7c:4b:dd:27:2c:7c:93:2c:97:0b:64:
88:62:1e:a2:a6:ec:2e:f6:fa:e4:63:7e:f1:d8:20:99:c9:c9:
0b:fe:64:c3:0b:e8:2f:57:db:64:36:15:58:9c:3f:48:17:f8:
f7:b4:7a:17:eb:df:a4:34:ec:98:ba:38:54:2c:e2:93:c3:43:
61:ae:57:89:11:38:74:11:50:87:f3:3d:09:b5:d7:5e:58:4c:
c8:5f:03:4b:eb:b9:5a:f0:d0:f9:db:cb:a1:a1:de:5b:fd:6a:
21:77:52:91:3d:a2:55:a2:f7:3e:e6:62:94:b1:a5:9c:bc:9c:
2f:4d:4b:eb
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUTttDcigu6jLjgS7dUB9L13P70UowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDNaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjYmFlMjkwYjg2YmViMTQwZWMxNWI4ZmFkMjdmZjk1MWVkOGFiMzQwODky
NTNjNTRmZTA0NTUyM2YyZTUxY2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvg3/pdv/+Vt4nhjS9Mx65Sa/7LScD8vU3p5VD3T7CpaMGPCYVxRIDX2Sb9
KZLORLgQ89xD4C4QoP/qo3d0O12KZTsPCZ0K5LdC8HtFs+31ZCN5A4WONEUighbz
FfUGjknSSuCZDJjZLUuymLK6XdmBsRREw0svQCpFmUW7TCcBG9SpjF6XLBMJ7Ylq
KYyryxPhEAIRqH3zDNbvHiU8678UJEESlQkQExfA9++8RZ3w/G37ePhxbF71DsMk
Qx2h7m1SGu4ydVHlVSfuxNbsdKRs5YVSpwi7sCg/v5DYpdlMkzgv1zlzHEJ57Wxc
0GbL0XhGhalw/ewWE1kPqvIkGrsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQsN3us
jKlGk9WjpX+N3f1yvuXrlzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAmjf1uNcgAa+p+GxNbpMrwfvS3Hu7C+9xcJF0
U8mCR85BYLIHXbeIafnMJCDEIxr4uqa7Pa64MerNVosx2VpsdvOG/8Km3hbtHkpt
/nV2w2Oomho9/xSobDK2LpPpnbTSZGtgI2YCkPYA8It+bgpIwBW1fxd+uUcjnPpm
KR17y0P7i1WGyHxL3ScsfJMslwtkiGIeoqbsLvb65GN+8dggmcnJC/5kwwvoL1fb
ZDYVWJw/SBf497R6F+vfpDTsmLo4VCzik8NDYa5XiRE4dBFQh/M9CbXXXlhMyF8D
S+u5WvDQ+dvLoaHeW/1qIXdSkT2iVaL3PuZilLGlnLycL01L6w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:41:29 2025 by rpki-client