Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: 6gH4Qz8F//bZCg/JyNWaBr7ndEw6f/SdN8MCPKEXBgE=
Subject key identifier: A8:90:D8:3A:DC:5E:2D:69:A4:DC:12:6E:F3:1D:D8:2A:32:60:3A:7E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7894EA364F2FE4C0D3438AED6153B792B8AAC08B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Mon 21 Jul 2025 17:00:54 +0000
ROA not before: Mon 21 Jul 2025 17:00:54 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:94:ea:36:4f:2f:e4:c0:d3:43:8a:ed:61:53:b7:92:b8:aa:c0:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:54 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=270be695ad1b85c02f98c9e7caab0d43d124551fb7b8381f8c502ad7b42a9973, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:c0:ab:6a:9d:62:31:95:ec:4a:95:a5:02:
9e:5e:f9:7b:46:8b:9a:96:df:23:c9:49:4a:da:64:
96:b9:6f:51:23:5e:a3:b9:00:16:c8:90:ba:6c:d6:
41:23:17:cb:eb:bd:0d:47:f7:9c:bd:ba:67:ff:29:
e5:b7:bb:27:6c:4f:96:c6:c4:e6:e9:26:fe:4a:2f:
1e:c1:28:9a:95:e0:50:d7:b4:a1:58:25:2d:6b:ab:
fa:da:d9:09:f0:4a:bc:46:f7:7c:c0:4e:31:d3:9b:
88:87:71:30:38:0c:25:14:87:ce:53:fe:e4:91:e7:
a2:ee:2f:f3:bc:d1:8b:10:f5:70:26:7d:c3:58:9d:
b9:f3:58:79:eb:cd:25:63:4f:7c:83:93:a8:32:d1:
2b:24:ab:41:f9:4d:a0:64:53:d1:b4:6b:11:af:0a:
bf:12:30:28:14:ca:33:15:20:ad:1d:01:bc:01:9e:
66:4c:41:c9:01:b2:95:39:bf:6f:75:f4:ea:44:1a:
8b:20:ab:13:63:0d:b2:ff:d4:8e:a3:7b:41:66:ab:
dd:c1:ce:84:d6:15:3c:28:ce:fe:41:15:a7:e2:4f:
4b:d0:6f:71:9d:64:40:91:5d:09:3f:98:30:40:d2:
b1:10:af:1c:e2:eb:2f:c2:d4:4a:9f:4a:a0:bd:1c:
36:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:90:D8:3A:DC:5E:2D:69:A4:DC:12:6E:F3:1D:D8:2A:32:60:3A:7E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c1:22:cb:7c:d5:be:2b:49:e7:66:20:3f:94:29:fb:d9:d8:07:
3b:7f:a5:07:de:7d:7a:3e:80:54:eb:18:78:96:f7:38:08:bb:
f7:f5:84:3b:4d:c8:54:96:b1:9f:7e:55:e4:52:c9:8f:bd:e3:
78:e3:3b:cd:f0:72:35:02:8d:5f:3f:83:e3:67:12:97:89:a2:
bb:09:32:2b:c1:a6:c8:a7:a6:98:7b:e0:47:a6:68:07:74:fc:
64:99:0b:72:f8:88:9a:55:09:36:90:80:e6:08:8b:d7:c4:a2:
82:b8:ee:48:2d:59:c3:6b:e2:64:fb:a2:88:37:c6:7f:76:fa:
4d:24:aa:7e:ee:d4:6e:ca:15:8d:67:37:1e:cd:37:a8:e7:aa:
6c:65:12:7c:a8:32:19:c4:44:fa:7a:46:3b:1e:9a:9a:f5:57:
dc:a4:84:e3:7e:c3:86:0a:1e:34:54:1d:9c:ae:3c:34:c2:85:
55:5a:b0:a3:63:db:dd:5f:61:44:fc:f8:97:cc:6d:88:26:a1:
37:a8:ee:be:c5:38:2a:b1:1a:85:52:15:0d:17:16:44:3f:51:
6f:1a:9b:f1:07:ed:7a:c5:23:f5:e0:8d:d2:75:2e:9f:ca:c4:
19:77:4e:85:47:84:c1:55:4f:df:b5:c6:d7:33:40:ec:3a:71:
7e:92:56:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeJTqNk8v5MDTQ4rtYVO3kriqwIswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNTRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MGJlNjk1YWQxYjg1YzAyZjk4YzllN2NhYWIwZDQzZDEyNDU1MWZiN2I4
MzgxZjhjNTAyYWQ3YjQyYTk5NzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLRwKtqnWIxlexKlaUCnl75e0aLmpbfI8lJStpklrlvUSNeo7kAFsiQumzW
QSMXy+u9DUf3nL26Z/8p5be7J2xPlsbE5ukm/kovHsEompXgUNe0oVglLWur+trZ
CfBKvEb3fMBOMdObiIdxMDgMJRSHzlP+5JHnou4v87zRixD1cCZ9w1idufNYeevN
JWNPfIOTqDLRKySrQflNoGRT0bRrEa8KvxIwKBTKMxUgrR0BvAGeZkxByQGylTm/
b3X06kQaiyCrE2MNsv/UjqN7QWar3cHOhNYVPCjO/kEVp+JPS9BvcZ1kQJFdCT+Y
MEDSsRCvHOLrL8LUSp9KoL0cNoMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSokNg6
3F4taaTcEm7zHdgqMmA6fjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQDBIst81b4rSedmID+UKfvZ2Ac7f6UH3n16PoBU6xh4
lvc4CLv39YQ7TchUlrGfflXkUsmPveN44zvN8HI1Ao1fP4PjZxKXiaK7CTIrwabI
p6aYe+BHpmgHdPxkmQty+IiaVQk2kIDmCIvXxKKCuO5ILVnDa+Jk+6KIN8Z/dvpN
JKp+7tRuyhWNZzcezTeo56psZRJ8qDIZxET6ekY7Hpqa9VfcpITjfsOGCh40VB2c
rjw0woVVWrCjY9vdX2FE/PiXzG2IJqE3qO6+xTgqsRqFUhUNFxZEP1FvGpvxB+16
xSP14I3SdS6fysQZd06FR4TBVU/ftcbXM0DsOnF+klbo
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:40:09 2025 by rpki-client