Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: TlLZ9PuussuajwE0TSljzJ71/WN3Kt8AQzED+7Ot0Zs=
Subject key identifier: FC:18:B0:34:15:FD:59:6E:F5:14:84:4F:55:48:50:CF:18:09:E3:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5603557E6F550110B40F8A93C45472C79E4EBEF2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Mon 21 Jul 2025 17:00:42 +0000
ROA not before: Mon 21 Jul 2025 17:00:42 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:03:55:7e:6f:55:01:10:b4:0f:8a:93:c4:54:72:c7:9e:4e:be:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:42 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=2f1bdca544984da2074f78d4cf206185c024b77d4440bf59cebe22c7aac2e2fe, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bd:f0:43:ed:bf:7c:cd:a6:cd:2b:37:69:ba:
6c:54:15:f5:36:02:f8:fa:d6:d9:9f:b9:69:b2:a7:
71:9c:21:b4:34:f6:26:ba:18:fb:d3:d2:f3:8d:68:
9d:77:68:8f:12:bd:26:82:67:7f:3c:6e:d8:95:14:
56:19:22:21:02:d6:ee:86:44:fd:a0:92:9d:cf:20:
63:e5:1f:83:f5:34:ed:47:cd:9b:09:bc:12:f2:bf:
5f:cd:9d:8f:d2:1c:df:7c:a4:cb:3e:05:e2:69:44:
2a:e5:13:82:1e:b1:c3:88:52:ec:92:da:dc:88:2f:
d6:0e:8d:03:23:20:7c:1e:00:40:0b:66:a8:1b:0c:
ca:cd:37:d6:80:dd:7c:88:54:25:ee:63:85:86:95:
64:80:03:72:05:7c:43:6d:a9:52:f9:a7:d3:27:bf:
b9:b4:d2:f3:f3:f9:1a:f8:88:ba:b1:dc:60:81:2b:
91:59:76:e6:ff:a0:46:fb:3f:30:dd:69:46:69:da:
89:c0:b4:18:5d:40:45:f1:4e:1b:1c:f6:30:b5:fc:
76:99:a4:de:ee:56:74:44:3d:fe:f4:66:c0:e5:10:
c1:3c:fa:ea:ea:7b:b3:29:4c:85:04:35:94:30:64:
8a:c0:0e:82:a6:5f:45:d9:57:ee:e7:09:ef:af:09:
30:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:18:B0:34:15:FD:59:6E:F5:14:84:4F:55:48:50:CF:18:09:E3:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:63:43:84:ae:4d:68:bf:d9:8d:85:64:09:f4:bc:44:9a:af:
c5:db:1e:09:35:c2:43:07:cc:20:0c:8b:c8:72:b3:4e:01:ee:
3c:67:69:e6:9a:3d:74:fd:86:e2:22:65:42:c6:ea:cf:6c:e1:
26:db:b0:b8:b0:d8:15:04:e1:6a:4e:98:65:70:69:a5:7a:76:
a5:fd:f3:ef:be:35:0c:9b:ba:3e:6f:74:62:d4:a3:09:0f:6e:
39:7d:5d:03:45:8f:eb:d0:bb:fe:d3:f3:17:4e:73:8e:c4:a9:
dd:0b:8c:88:f3:e3:88:f6:c8:a1:14:64:ca:3e:c8:6c:cb:51:
9d:33:53:4d:b3:88:6c:1e:5e:69:99:04:2a:20:81:5c:b4:bd:
d9:b7:71:ae:8e:85:1d:b7:a3:0d:7a:e6:d3:82:9b:c8:73:16:
ba:2e:61:ce:74:aa:bf:f1:ea:63:24:8e:a2:2c:43:f1:77:de:
19:a1:ec:b0:e0:6e:90:e0:94:86:b7:87:bf:fd:e3:40:31:91:
85:ef:00:48:9f:c7:72:9b:74:e1:f1:c4:a3:ff:12:b5:ec:30:
97:a3:29:07:b7:d6:7f:d6:e8:75:2d:c4:16:cc:4f:d2:e4:8e:
6d:3b:de:2b:87:45:c7:04:95:aa:cb:e5:d6:2b:33:7d:50:44:
ac:5a:5a:34
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVgNVfm9VARC0D4qTxFRyx55OvvIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwNDJaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmMWJkY2E1NDQ5ODRkYTIwNzRmNzhkNGNmMjA2MTg1YzAyNGI3N2Q0NDQw
YmY1OWNlYmUyMmM3YWFjMmUyZmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALu98EPtv3zNps0rN2m6bFQV9TYC+PrW2Z+5abKncZwhtDT2JroY+9PS841o
nXdojxK9JoJnfzxu2JUUVhkiIQLW7oZE/aCSnc8gY+Ufg/U07UfNmwm8EvK/X82d
j9Ic33ykyz4F4mlEKuUTgh6xw4hS7JLa3Igv1g6NAyMgfB4AQAtmqBsMys031oDd
fIhUJe5jhYaVZIADcgV8Q22pUvmn0ye/ubTS8/P5GviIurHcYIErkVl25v+gRvs/
MN1pRmnaicC0GF1ARfFOGxz2MLX8dpmk3u5WdEQ9/vRmwOUQwTz66up7sylMhQQ1
lDBkisAOgqZfRdlX7ucJ768JMEkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8GLA0
Ff1ZbvUUhE9VSFDPGAnj5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQCQY0OErk1ov9mNhWQJ9LxEmq/F2x4JNcJDB8wgDIvI
crNOAe48Z2nmmj10/YbiImVCxurPbOEm27C4sNgVBOFqTphlcGmlenal/fPvvjUM
m7o+b3Ri1KMJD245fV0DRY/r0Lv+0/MXTnOOxKndC4yI8+OI9sihFGTKPshsy1Gd
M1NNs4hsHl5pmQQqIIFctL3Zt3GujoUdt6MNeubTgpvIcxa6LmHOdKq/8epjJI6i
LEPxd94Zoeyw4G6Q4JSGt4e//eNAMZGF7wBIn8dym3Th8cSj/xK17DCXoykHt9Z/
1uh1LcQWzE/S5I5tO94rh0XHBJWqy+XWKzN9UESsWlo0
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:49 2025 by rpki-client