Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
File: fc353215-935f-47d2-9298-767ccc0eae1a.roa (raw, json)
Hash identifier: H76aMOKl6Gae4nBEGyxAUGy+w2brqX0LZUZcV/Fcwfw=
Subject key identifier: E7:FD:E2:4B:44:EF:64:6A:D7:FE:CA:C5:BD:48:9F:F9:64:E6:4A:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 764C804114EFCBA9AA22F097A4CBBE393F33479A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
Signing time: Fri 11 Jul 2025 21:00:52 +0000
ROA not before: Fri 11 Jul 2025 21:00:52 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.151.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:4c:80:41:14:ef:cb:a9:aa:22:f0:97:a4:cb:be:39:3f:33:47:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 21:00:52 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=4a6e1ccf84bfc54c8d8054e5dcebe8c9a6626af3de86325467f4d94af88068ac, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6b:19:97:93:bd:6b:0d:3b:06:b3:02:67:fc:
46:b6:15:92:95:8f:83:ea:87:21:b8:30:f3:6a:a2:
d2:e2:dc:43:a8:33:83:d4:84:8a:39:22:49:c9:ba:
9a:07:67:31:38:97:3f:00:e0:27:fa:5c:c7:a9:e9:
ae:a1:0a:05:7c:ba:b6:79:5d:03:b9:ec:8f:0f:3e:
22:be:a0:f3:fa:f5:05:8c:9f:3e:c8:d8:4f:fb:e7:
51:3f:d6:02:67:5c:68:11:c0:3f:c4:54:b9:bd:21:
df:72:97:dc:a0:5d:24:0a:bb:e7:ae:8f:c6:94:f9:
27:f6:d4:1a:65:3f:2e:39:e2:cf:70:c3:a6:04:08:
57:77:b3:be:00:6c:fb:0f:df:54:db:4d:ec:02:a2:
1b:71:6a:8e:ca:77:9e:87:c5:80:be:6a:1a:c8:73:
57:2f:1f:32:eb:4c:27:ac:76:c0:24:a0:ac:8e:81:
99:22:66:d5:0c:4f:1e:7b:4a:4c:21:08:04:b0:27:
ae:e2:08:fd:92:e8:25:0d:a9:18:6e:f9:33:09:4b:
17:0c:e3:9b:a6:4a:5e:cb:1c:5a:ae:29:98:f6:81:
34:c1:17:f2:14:0c:bb:f1:d3:2c:4b:76:89:dd:06:
ba:b3:67:ce:4d:f2:24:8e:7e:ae:d0:ec:5d:24:e2:
d6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:FD:E2:4B:44:EF:64:6A:D7:FE:CA:C5:BD:48:9F:F9:64:E6:4A:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fc353215-935f-47d2-9298-767ccc0eae1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7e:1b:8a:98:c4:03:43:0c:02:f5:42:a6:60:35:bc:be:29:59:
cd:a2:4c:c8:b3:d7:5f:b7:7d:56:f7:fa:ce:ab:b1:23:5c:3c:
4a:6e:84:b3:40:4e:ca:c4:6c:9b:d3:1f:bc:fe:2d:da:3d:7e:
89:e3:f8:1e:2b:76:85:ec:5d:e4:8f:bd:0c:1f:04:c3:e2:0c:
59:1d:d2:b1:2f:51:17:9e:2e:3c:36:0c:d2:a1:18:76:fa:25:
90:b6:cb:19:43:4f:24:ce:66:e6:2f:2b:ab:84:59:4b:66:57:
24:a6:90:46:ce:be:60:12:85:ad:fc:67:f0:d9:a6:51:3b:ef:
38:94:32:36:8d:68:19:82:38:bb:5f:e0:cc:05:75:8e:f3:c1:
d9:58:d8:44:1d:4e:9e:d7:ba:38:3f:4c:91:a3:3d:f9:fd:24:
4b:54:20:41:1e:5e:3c:09:f9:7d:c6:c6:87:f8:bc:e7:64:19:
aa:22:6a:76:1a:7f:8b:a0:9a:26:c9:e4:37:55:68:77:26:ff:
99:1f:0c:c7:f7:32:a5:fd:8b:1c:7c:8e:8b:59:a4:2f:7d:78:
8e:a9:7b:7f:65:65:60:a1:23:ad:4c:95:ff:18:23:9d:28:42:
0d:bd:8d:40:d5:cc:62:b1:a2:8b:bd:f2:d8:11:2e:11:db:c0:
e6:d6:6e:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdkyAQRTvy6mqIvCXpMu+OT8zR5owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMTAwNTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhNmUxY2NmODRiZmM1NGM4ZDgwNTRlNWRjZWJlOGM5YTY2MjZhZjNkZTg2
MzI1NDY3ZjRkOTRhZjg4MDY4YWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlrGZeTvWsNOwazAmf8RrYVkpWPg+qHIbgw82qi0uLcQ6gzg9SEijkiScm6
mgdnMTiXPwDgJ/pcx6nprqEKBXy6tnldA7nsjw8+Ir6g8/r1BYyfPsjYT/vnUT/W
AmdcaBHAP8RUub0h33KX3KBdJAq7566PxpT5J/bUGmU/Ljniz3DDpgQIV3ezvgBs
+w/fVNtN7AKiG3Fqjsp3nofFgL5qGshzVy8fMutMJ6x2wCSgrI6BmSJm1QxPHntK
TCEIBLAnruII/ZLoJQ2pGG75MwlLFwzjm6ZKXsscWq4pmPaBNMEX8hQMu/HTLEt2
id0GurNnzk3yJI5+rtDsXSTi1tECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTn/eJL
RO9katf+ysW9SJ/5ZOZKmTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmMzNTMyMTUtOTM1Zi00N2QyLTkyOTgtNzY3Y2NjMGVhZTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFWXMA0G
CSqGSIb3DQEBCwUAA4IBAQB+G4qYxANDDAL1QqZgNby+KVnNokzIs9dft31W9/rO
q7EjXDxKboSzQE7KxGyb0x+8/i3aPX6J4/geK3aF7F3kj70MHwTD4gxZHdKxL1EX
ni48NgzSoRh2+iWQtssZQ08kzmbmLyurhFlLZlckppBGzr5gEoWt/Gfw2aZRO+84
lDI2jWgZgji7X+DMBXWO88HZWNhEHU6e17o4P0yRoz35/SRLVCBBHl48Cfl9xsaH
+LznZBmqImp2Gn+LoJomyeQ3VWh3Jv+ZHwzH9zKl/YscfI6LWaQvfXiOqXt/ZWVg
oSOtTJX/GCOdKEINvY1A1cxisaKLvfLYES4R28Dm1m5/
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:48:21 2025 by rpki-client