
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: NjkJTVo+MnqQgUm4cKIVhQWYTIl+2Gl//6H2KCnSyks=
Subject key identifier: 59:3D:EE:61:1A:D4:00:18:B1:88:37:AF:BC:91:17:83:DB:E5:91:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73E537500B3B3F9C4660D91A9986AF7A6FADE889
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Fri 11 Jul 2025 20:50:04 +0000
ROA not before: Fri 11 Jul 2025 20:50:04 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:e5:37:50:0b:3b:3f:9c:46:60:d9:1a:99:86:af:7a:6f:ad:e8:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:04 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=6a721f5aa96419d7fcb9922368a3f728a90609073308ad79a28bdfade9c42b56, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b7:2c:9c:40:39:4d:13:fb:8d:4c:ab:89:4b:
7b:46:10:e4:ac:d7:d6:dc:08:63:43:d8:fb:bd:bf:
89:68:2e:ff:9c:f1:72:b2:f2:aa:8f:da:31:82:85:
27:34:49:3f:a3:cd:57:a3:de:a4:73:3a:e9:52:ea:
74:63:b3:c8:f6:7a:e0:40:5f:13:0f:31:0e:75:53:
b7:28:15:6a:4e:61:2c:ee:35:e3:99:39:42:11:78:
5c:71:06:15:00:ae:a5:c8:a6:c0:db:1c:8a:3a:1a:
1d:10:83:15:f7:ff:0d:6c:6e:d6:10:31:76:bb:0a:
2f:12:85:41:83:aa:ed:91:2d:9e:9a:9c:15:f8:42:
07:af:33:8f:5b:05:ea:5a:3c:fd:9a:56:44:2b:12:
81:83:16:62:08:3e:6c:38:79:68:e2:87:4e:ad:48:
df:f1:b5:87:c6:ca:88:d2:02:b5:aa:23:1f:95:ea:
05:ec:fb:13:f2:53:57:ea:2b:6b:21:7a:4f:7d:a1:
3e:24:bf:ce:ae:c9:74:94:4a:db:93:f6:f7:49:25:
8a:25:57:78:b6:f5:10:1b:9c:f8:38:77:18:0c:aa:
54:62:58:f0:87:db:47:b4:42:46:b2:d3:9e:7b:0f:
ca:db:c4:8e:77:9b:e6:b2:fc:dd:95:5d:40:a5:3a:
0c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3D:EE:61:1A:D4:00:18:B1:88:37:AF:BC:91:17:83:DB:E5:91:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:08:d0:93:b7:9c:dc:a1:04:1d:b3:f3:84:e4:b8:d7:a7:8c:
6f:4c:18:07:fa:31:b0:37:c7:79:76:88:7d:a0:74:a1:16:af:
64:08:a9:37:f1:79:a8:f9:0a:de:4a:ae:09:cf:66:35:af:9f:
eb:49:01:eb:36:d2:b8:f9:30:fc:c6:7d:d5:73:46:d0:c6:58:
ec:57:23:e5:a8:c7:8c:d8:50:fb:1a:3e:33:69:ea:76:63:f8:
1f:a5:8f:f7:a4:75:81:df:5d:7a:3f:e3:d4:36:20:c8:b2:af:
4f:9d:2f:db:5a:22:8a:33:6d:92:8b:fb:fd:76:14:5f:e0:d6:
67:2a:e7:e5:46:c5:38:ad:30:25:04:5a:20:62:82:ca:f1:65:
58:1d:0d:43:93:22:1f:3e:bc:0e:00:d6:48:11:8b:20:c2:a4:
f3:45:45:0b:47:fe:4f:37:c1:5f:e2:94:50:5f:90:02:ac:97:
ed:69:cb:d5:e3:8e:3a:e7:80:c4:a7:ba:b8:11:64:8b:b8:ca:
a0:0d:cb:95:28:78:9b:87:2a:f4:9e:ab:d8:67:55:6e:31:c4:
dc:bb:96:d3:a4:40:c4:cf:ab:fb:0e:a8:53:3c:e0:cf:ca:b8:
c9:c5:ca:f1:34:e9:7b:fb:4b:fa:41:aa:27:71:5d:a8:24:ad:
3c:cb:3b:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUc+U3UAs7P5xGYNkamYavem+t6IkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhNzIxZjVhYTk2NDE5ZDdmY2I5OTIyMzY4YTNmNzI4YTkwNjA5MDczMzA4
YWQ3OWEyOGJkZmFkZTljNDJiNTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOW3LJxAOU0T+41Mq4lLe0YQ5KzX1twIY0PY+72/iWgu/5zxcrLyqo/aMYKF
JzRJP6PNV6PepHM66VLqdGOzyPZ64EBfEw8xDnVTtygVak5hLO4145k5QhF4XHEG
FQCupcimwNscijoaHRCDFff/DWxu1hAxdrsKLxKFQYOq7ZEtnpqcFfhCB68zj1sF
6lo8/ZpWRCsSgYMWYgg+bDh5aOKHTq1I3/G1h8bKiNICtaojH5XqBez7E/JTV+or
ayF6T32hPiS/zq7JdJRK25P290kliiVXeLb1EBuc+Dh3GAyqVGJY8IfbR7RCRrLT
nnsPytvEjneb5rL83ZVdQKU6DGsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRZPe5h
GtQAGLGIN6+8kReD2+WRiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQA8CNCTt5zcoQQds/OE5LjXp4xvTBgH+jGwN8d5doh9
oHShFq9kCKk38Xmo+QreSq4Jz2Y1r5/rSQHrNtK4+TD8xn3Vc0bQxljsVyPlqMeM
2FD7Gj4zaep2Y/gfpY/3pHWB3116P+PUNiDIsq9PnS/bWiKKM22Si/v9dhRf4NZn
KuflRsU4rTAlBFogYoLK8WVYHQ1DkyIfPrwOANZIEYsgwqTzRUULR/5PN8Ff4pRQ
X5ACrJftacvV444654DEp7q4EWSLuMqgDcuVKHibhyr0nqvYZ1VuMcTcu5bTpEDE
z6v7DqhTPODPyrjJxcrxNOl7+0v6QaoncV2oJK08yzvl
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:44:42 2025 by rpki-client