Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: 9EuGJJ4zFLLrcXxBAiUgHBl3oekZd0DpRpB4d6FU3d8=
Subject key identifier: AB:35:0F:09:1D:3F:4B:0B:8D:B0:83:9F:D7:81:9F:BA:54:FE:88:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C1F5E107B27EF8043E755048A0BE47005F42FB8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Fri 11 Jul 2025 21:00:46 +0000
ROA not before: Fri 11 Jul 2025 21:00:46 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:1f:5e:10:7b:27:ef:80:43:e7:55:04:8a:0b:e4:70:05:f4:2f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:46 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=deda7712479e75a9789f04bd3c8635029da6fe6716752a97bbb090426b2ba85a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:52:e2:88:fa:3a:fb:78:79:16:9d:e4:cb:b1:
1f:df:b7:85:9c:f2:f7:f6:65:89:fa:96:61:ef:37:
36:a0:38:ac:2f:25:e8:47:de:f6:42:8f:45:02:fd:
84:e0:54:9f:37:15:9b:66:b4:b1:9e:3b:c5:35:b6:
0b:d1:9d:8c:09:26:52:4f:01:6f:72:cc:45:65:31:
fe:06:b7:19:bf:00:c6:0e:76:ec:9a:2c:f0:ac:32:
fb:d4:f8:44:ee:fa:a3:df:a5:d7:53:40:0e:2d:fc:
30:a4:0b:df:fa:41:be:77:1d:f3:bd:f1:69:b1:9c:
d3:5a:b1:2a:69:0b:e2:f6:4b:fc:c8:bc:96:58:33:
fd:e8:5e:be:60:33:20:ca:56:38:d1:29:ba:39:e9:
8e:f1:8a:3e:40:c8:fe:76:12:33:29:f8:70:0d:f7:
9b:27:a4:ff:87:2a:8b:f5:b0:6c:48:d0:4b:3c:d5:
32:cd:e7:27:71:44:28:83:6f:cf:79:86:b1:4b:b0:
17:24:fe:54:7d:83:93:2d:c1:80:d6:8e:5c:22:a9:
9c:c0:26:3a:f0:3a:fa:3f:90:93:80:70:9a:53:e8:
48:24:3b:8f:e5:29:16:c5:52:58:64:8a:24:8d:45:
37:2e:6d:11:98:d2:74:a9:c8:fe:eb:22:17:e1:5f:
85:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:35:0F:09:1D:3F:4B:0B:8D:B0:83:9F:D7:81:9F:BA:54:FE:88:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
41:86:7f:5c:83:1f:85:93:81:85:cd:69:da:44:6f:d1:8a:3c:
75:66:44:2e:92:a2:81:81:a4:a9:32:ba:8a:f2:e5:18:2f:a3:
e3:13:bd:b8:d0:72:d3:8a:23:99:ad:a1:e0:35:b0:27:4a:d5:
23:3d:b1:fe:04:c8:d4:7e:71:83:70:51:bd:78:55:89:4e:7f:
97:0f:db:b6:1c:5b:0b:28:18:cc:cd:dd:95:2c:94:b9:53:81:
0b:24:84:1e:71:df:45:d5:1c:a0:46:99:56:ea:a4:60:f0:a2:
9d:0e:54:69:ef:4c:cf:ec:64:c3:1d:ce:a2:61:69:9f:ab:36:
28:71:62:14:0f:ba:df:46:d3:71:b1:55:41:6f:6d:92:4b:d6:
52:af:a2:cd:7e:70:80:87:20:82:36:b6:1a:d1:87:4f:0a:62:
7f:6e:6e:9b:df:c5:57:e5:45:c6:07:a1:e2:cb:1b:da:3a:cc:
44:53:98:53:d8:8d:79:93:c4:30:be:f6:39:61:c7:8f:0c:42:
c6:ff:de:b6:02:43:83:e4:55:0e:71:01:10:62:1b:46:83:79:
15:bc:3e:e7:a1:e2:3b:c7:f7:a5:cf:94:a4:e2:ea:3e:78:27:
6d:0d:f1:83:ae:47:e2:c2:aa:06:0d:fe:ed:0f:6b:d4:33:9a:
be:dd:63:83
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXB9eEHsn74BD51UEigvkcAX0L7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNDZaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlZGE3NzEyNDc5ZTc1YTk3ODlmMDRiZDNjODYzNTAyOWRhNmZlNjcxNjc1
MmE5N2JiYjA5MDQyNmIyYmE4NWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANxS4oj6Ovt4eRad5MuxH9+3hZzy9/ZlifqWYe83NqA4rC8l6Efe9kKPRQL9
hOBUnzcVm2a0sZ47xTW2C9GdjAkmUk8Bb3LMRWUx/ga3Gb8Axg527Jos8Kwy+9T4
RO76o9+l11NADi38MKQL3/pBvncd873xabGc01qxKmkL4vZL/Mi8llgz/ehevmAz
IMpWONEpujnpjvGKPkDI/nYSMyn4cA33myek/4cqi/WwbEjQSzzVMs3nJ3FEKINv
z3mGsUuwFyT+VH2Dky3BgNaOXCKpnMAmOvA6+j+Qk4BwmlPoSCQ7j+UpFsVSWGSK
JI1FNy5tEZjSdKnI/usiF+FfhfECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSrNQ8J
HT9LC42wg5/XgZ+6VP6IODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQBBhn9cgx+Fk4GFzWnaRG/Rijx1ZkQukqKBgaSpMrqK
8uUYL6PjE7240HLTiiOZraHgNbAnStUjPbH+BMjUfnGDcFG9eFWJTn+XD9u2HFsL
KBjMzd2VLJS5U4ELJIQecd9F1RygRplW6qRg8KKdDlRp70zP7GTDHc6iYWmfqzYo
cWIUD7rfRtNxsVVBb22SS9ZSr6LNfnCAhyCCNrYa0YdPCmJ/bm6b38VX5UXGB6Hi
yxvaOsxEU5hT2I15k8QwvvY5YcePDELG/962AkOD5FUOcQEQYhtGg3kVvD7noeI7
x/elz5Sk4uo+eCdtDfGDrkfiwqoGDf7tD2vUM5q+3WOD
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:31:28 2025 by rpki-client