Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: 3FdOf6iOdjSR+0KE71dF5guoRtgF/ua+Vn0hnk3eOXs=
Subject key identifier: A3:00:62:58:20:D4:88:B1:16:8B:40:9C:AC:C4:31:1E:6A:B1:71:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2B16CDF04AF8365A26D45949EEFFA2687C8E9851
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Fri 11 Jul 2025 20:50:46 +0000
ROA not before: Fri 11 Jul 2025 20:50:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:16:cd:f0:4a:f8:36:5a:26:d4:59:49:ee:ff:a2:68:7c:8e:98:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=7eb1aa3b745f835a329bbb87fe8285283ed34ef636170adc758a42604c577b22, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:16:87:ea:db:33:da:e7:fd:44:5e:d8:a0:3a:
06:8c:bd:54:6a:90:f4:3e:95:30:fb:3a:c4:62:70:
f8:5c:ec:92:e6:d8:db:f0:61:69:85:56:93:b7:a7:
7d:8e:6e:d6:09:f1:54:53:c2:22:b4:9b:b3:0a:52:
22:91:cd:98:e4:1c:b3:39:1c:3c:b2:5e:35:93:bd:
88:e3:bb:09:b1:ec:3c:af:f7:3d:b9:80:f5:0a:4d:
78:b2:40:bd:ea:62:44:d7:77:7c:cd:77:3b:a7:8c:
74:72:16:e5:2b:99:47:7c:65:76:b2:51:3e:29:7e:
a5:c9:1f:b1:5d:a2:5a:4a:49:02:49:92:60:8c:5d:
c6:f9:d5:8c:e7:d1:35:42:12:d5:48:cd:da:cb:57:
95:04:6d:bf:57:ba:7f:5f:95:e9:8b:6d:bc:5b:3a:
ed:2f:ff:69:fd:13:da:8a:0d:58:7e:20:87:08:66:
9e:d3:12:52:0a:46:fa:c6:79:24:bf:1a:05:5e:96:
73:43:44:ad:54:4f:9e:d6:4b:79:90:75:11:60:8e:
6f:88:e6:66:5f:2c:30:82:9d:a7:6f:15:84:82:0b:
0e:c8:7d:8a:54:a2:85:ef:d5:5a:68:18:4f:be:a3:
0b:5e:8e:35:dc:42:3c:46:74:a1:16:37:72:70:5e:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:00:62:58:20:D4:88:B1:16:8B:40:9C:AC:C4:31:1E:6A:B1:71:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
88:62:78:25:d3:49:6c:4b:8b:cf:7c:13:be:3a:65:d8:90:0b:
37:65:93:ca:5b:0e:65:a2:5c:7d:91:7b:86:05:6e:df:27:39:
83:cc:b3:ff:b3:92:b8:d3:e9:35:58:ff:81:79:95:ea:aa:88:
66:41:e6:17:ae:bd:fd:48:ff:e1:4e:93:6d:41:d2:7f:cc:48:
27:09:8b:30:e4:cb:c1:24:79:3e:7b:ab:23:6f:cc:6d:f7:48:
d3:07:dc:e4:90:e9:53:2d:29:e2:fd:0c:c0:38:e7:3e:4e:fc:
af:6d:32:39:64:d3:4c:1c:5b:67:bc:03:b2:2f:b1:f2:e7:f8:
c7:8e:ee:77:e6:89:de:5a:94:35:5b:ea:67:66:f8:29:c9:04:
8d:47:ac:5f:35:7a:86:82:b1:32:fc:d3:fe:f0:b1:25:14:7c:
f0:4e:13:6d:94:f8:08:09:1b:19:27:3c:db:1a:d7:85:cd:39:
d4:77:5c:1e:2f:fa:bf:97:9f:67:16:a4:a5:22:c2:49:87:16:
4c:c6:dc:d5:5e:36:4a:22:e5:2d:9a:0d:4f:40:16:82:47:22:
29:da:6c:47:db:65:7c:61:4c:ed:0e:2d:59:33:45:35:d5:ec:
29:f9:d5:b4:a1:5e:6a:48:c4:5e:29:51:c4:32:8a:1c:e8:8e:
78:dd:8f:5b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKxbN8Er4Nlom1FlJ7v+iaHyOmFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYjFhYTNiNzQ1ZjgzNWEzMjliYmI4N2ZlODI4NTI4M2VkMzRlZjYzNjE3
MGFkYzc1OGE0MjYwNGM1NzdiMjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPMWh+rbM9rn/URe2KA6Boy9VGqQ9D6VMPs6xGJw+FzskubY2/BhaYVWk7en
fY5u1gnxVFPCIrSbswpSIpHNmOQcszkcPLJeNZO9iOO7CbHsPK/3PbmA9QpNeLJA
vepiRNd3fM13O6eMdHIW5SuZR3xldrJRPil+pckfsV2iWkpJAkmSYIxdxvnVjOfR
NUIS1UjN2stXlQRtv1e6f1+V6YttvFs67S//af0T2ooNWH4ghwhmntMSUgpG+sZ5
JL8aBV6Wc0NErVRPntZLeZB1EWCOb4jmZl8sMIKdp28VhIILDsh9ilSihe/VWmgY
T76jC16ONdxCPEZ0oRY3cnBe960CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSjAGJY
INSIsRaLQJysxDEearFxTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAiGJ4JdNJbEuLz3wTvjpl2JALN2WTylsOZaJcfZF7
hgVu3yc5g8yz/7OSuNPpNVj/gXmV6qqIZkHmF669/Uj/4U6TbUHSf8xIJwmLMOTL
wSR5PnurI2/MbfdI0wfc5JDpUy0p4v0MwDjnPk78r20yOWTTTBxbZ7wDsi+x8uf4
x47ud+aJ3lqUNVvqZ2b4KckEjUesXzV6hoKxMvzT/vCxJRR88E4TbZT4CAkbGSc8
2xrXhc051HdcHi/6v5efZxakpSLCSYcWTMbc1V42SiLlLZoNT0AWgkciKdpsR9tl
fGFM7Q4tWTNFNdXsKfnVtKFeakjEXilRxDKKHOiOeN2PWw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:48:57 2025 by rpki-client