Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: SxJrO+bNH4fO1loQv9R5gNTPR9WDFecb5aKrEJacvnM=
Subject key identifier: 35:2B:74:9E:38:67:B4:63:E6:3C:85:2F:A0:9F:63:6F:D9:17:C7:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4984A1CFFFD778B5D386BDAE7016E541D75FD919
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Fri 11 Jul 2025 20:50:56 +0000
ROA not before: Fri 11 Jul 2025 20:50:56 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:84:a1:cf:ff:d7:78:b5:d3:86:bd:ae:70:16:e5:41:d7:5f:d9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:56 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=0a42590e018bfde328a3b3f7e8b191da559f52819441b2067c3a8bd48866ee1f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:43:04:d8:d9:8f:a0:50:5a:81:08:69:9e:b8:
0f:4e:55:82:c4:b7:ea:23:0d:ba:31:e4:41:e5:cb:
45:9f:c9:68:7f:78:5a:c4:49:90:5a:90:df:21:c2:
b1:6b:a5:b0:d5:b3:ae:fc:1c:9c:b4:03:20:cb:c2:
2e:db:fc:34:11:71:63:4f:8b:38:10:8f:fc:9f:51:
12:a2:80:5a:1d:ba:40:a3:13:68:11:bd:d8:2f:ea:
8a:f7:70:4a:75:49:43:e3:e7:13:9b:83:02:98:95:
02:df:97:57:d3:b8:45:ae:6f:a3:95:80:4a:b8:95:
44:36:6b:6d:4b:70:c5:f5:01:39:ad:f4:85:bb:fe:
8f:ae:56:e7:ca:1f:f3:a6:f4:f8:67:2a:66:1d:a0:
6b:ba:a4:bc:38:71:ff:5d:02:ca:0e:3c:fc:bc:c8:
82:ce:71:76:e9:30:15:72:00:61:60:c3:18:52:3f:
42:06:94:5f:28:55:f6:02:d9:ff:b1:af:41:11:85:
67:8d:1f:76:4d:29:69:28:29:a2:c2:1e:d5:07:65:
48:ee:89:97:81:6d:f0:f3:86:b4:e9:e0:8c:e1:a8:
59:a4:36:6b:60:a3:3e:67:09:f0:72:d1:8d:ce:9d:
9c:e6:ce:99:80:e4:c2:a6:50:86:d6:d3:19:f9:6c:
00:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:2B:74:9E:38:67:B4:63:E6:3C:85:2F:A0:9F:63:6F:D9:17:C7:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:c8:e5:40:1f:d4:3b:4a:28:18:17:ba:47:fe:29:b0:c2:2e:
ba:45:00:df:aa:5b:17:cc:b6:d3:38:88:3a:92:f4:b2:2c:6b:
29:a7:7b:6d:63:42:16:81:d6:d0:81:63:85:f6:70:da:f8:05:
34:1e:7d:1e:be:a2:54:3d:b6:72:53:35:16:45:3d:27:85:f2:
bc:49:22:d7:d0:7e:22:b7:31:fb:ba:6f:0d:b2:d0:1c:b3:7b:
1c:dc:6f:7a:0e:37:72:8e:11:a8:45:c0:0c:0a:b5:42:5e:19:
6c:bd:fa:d0:61:61:c8:23:25:be:7a:af:7a:0a:3b:8e:d9:00:
38:44:95:3e:b0:bc:ca:06:2b:fe:3e:11:47:57:76:46:ee:cf:
24:15:a5:c6:27:1f:40:cf:56:72:47:f4:1b:a1:fb:f7:b9:47:
70:dc:a0:08:3d:f0:d3:16:d1:59:7b:6b:df:88:b4:01:3e:65:
a9:0d:d0:6e:01:12:39:b8:c7:55:79:ff:c0:2a:88:4c:e1:d7:
0c:21:06:2b:63:82:9a:8f:16:f8:2f:87:8c:24:4d:5e:e6:72:
cc:4f:44:a7:98:81:3e:f8:1d:d7:e3:72:8a:7c:f3:4d:f9:b0:
3e:e3:dd:65:72:cd:90:db:a2:57:f1:6a:78:aa:38:7a:ae:cb:
5a:15:ab:d7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSYShz//XeLXThr2ucBblQddf2RkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhNDI1OTBlMDE4YmZkZTMyOGEzYjNmN2U4YjE5MWRhNTU5ZjUyODE5NDQx
YjIwNjdjM2E4YmQ0ODg2NmVlMWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBDBNjZj6BQWoEIaZ64D05VgsS36iMNujHkQeXLRZ/JaH94WsRJkFqQ3yHC
sWulsNWzrvwcnLQDIMvCLtv8NBFxY0+LOBCP/J9REqKAWh26QKMTaBG92C/qivdw
SnVJQ+PnE5uDApiVAt+XV9O4Ra5vo5WASriVRDZrbUtwxfUBOa30hbv+j65W58of
86b0+GcqZh2ga7qkvDhx/10Cyg48/LzIgs5xdukwFXIAYWDDGFI/QgaUXyhV9gLZ
/7GvQRGFZ40fdk0paSgposIe1QdlSO6Jl4Ft8POGtOngjOGoWaQ2a2CjPmcJ8HLR
jc6dnObOmYDkwqZQhtbTGflsADcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1K3Se
OGe0Y+Y8hS+gn2Nv2RfHszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEALsjlQB/UO0ooGBe6R/4psMIuukUA36pbF8y20ziI
OpL0sixrKad7bWNCFoHW0IFjhfZw2vgFNB59Hr6iVD22clM1FkU9J4XyvEki19B+
Ircx+7pvDbLQHLN7HNxveg43co4RqEXADAq1Ql4ZbL360GFhyCMlvnqvego7jtkA
OESVPrC8ygYr/j4RR1d2Ru7PJBWlxicfQM9Wckf0G6H797lHcNygCD3w0xbRWXtr
34i0AT5lqQ3QbgESObjHVXn/wCqITOHXDCEGK2OCmo8W+C+HjCRNXuZyzE9Ep5iB
Pvgd1+NyinzzTfmwPuPdZXLNkNuiV/FqeKo4eq7LWhWr1w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:29:09 2025 by rpki-client