Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: HPtvgCvWqP82bhSClBiySdSSgFqUqUPxeREbzlgDrfQ=
Subject key identifier: A6:23:3B:80:A1:23:60:F5:F6:96:93:3D:3C:68:1B:D0:55:32:D7:86
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0209E43FDF7B76ACCE97A651A98440B8EDF79910
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Mon 06 Oct 2025 18:10:02 +0000
ROA not before: Mon 06 Oct 2025 18:10:02 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:09:e4:3f:df:7b:76:ac:ce:97:a6:51:a9:84:40:b8:ed:f7:99:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:02 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=d46397b94378aa3e7f2c5c023245b573716de5b03f8e42d5cdb7b7b3a8ddae94, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d3:ca:78:f1:ab:79:92:4c:d5:2d:39:2d:64:
69:5b:fb:5d:03:79:03:11:bd:10:27:8b:b0:00:08:
79:c1:62:f2:94:5c:d0:17:1c:59:63:60:2f:55:db:
76:68:32:af:a8:b7:fd:e9:79:9c:bc:83:ed:e7:cc:
1d:c5:06:4a:6b:db:0b:b9:3f:0f:63:61:d1:6d:4f:
63:84:42:b4:b8:c6:db:d6:ea:7b:16:02:9a:d4:72:
d8:be:d5:7e:00:31:7f:ea:c5:79:a6:a7:16:68:f2:
a0:2c:90:84:08:b6:0c:61:9d:6b:04:8b:51:ef:bc:
a9:bb:23:84:e4:5c:1b:cb:ba:6d:4b:ac:68:b2:2c:
db:37:32:cb:a3:86:ad:5f:9d:47:e7:db:d4:d9:b8:
26:ae:09:a8:d4:2a:b3:41:80:ec:a2:94:51:23:32:
9c:17:26:3e:bb:85:bd:9a:83:4e:19:c4:13:94:d8:
c8:4f:32:a3:2b:43:ee:7b:8c:ec:87:62:16:41:9a:
fb:06:3a:3a:ec:54:e9:33:3b:ab:39:66:19:72:65:
13:a7:73:89:6e:98:75:11:87:1a:e9:7b:c1:30:fc:
67:b8:e3:49:44:4a:2f:78:f3:97:9c:8c:1a:7f:b4:
a6:b1:84:89:5e:b1:a2:e0:26:f5:c7:16:21:4e:49:
9e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:23:3B:80:A1:23:60:F5:F6:96:93:3D:3C:68:1B:D0:55:32:D7:86
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:e0:c1:06:15:3d:60:b9:1e:cb:8f:8c:95:cb:9e:61:e4:ac:
25:4a:61:ef:f0:ea:3e:c3:5e:be:3c:4d:27:1a:fd:93:7d:a1:
35:2e:5d:47:d3:5f:dc:59:74:e7:bb:d9:a6:71:b1:b8:39:2f:
66:0b:70:77:b7:73:4e:21:90:7e:3a:e1:27:a8:f0:87:dc:2d:
70:df:9a:69:2a:16:04:b4:c4:7b:78:b0:a2:d6:8c:91:29:39:
54:25:34:16:9d:23:ba:b3:b6:e5:ea:32:c6:a1:6e:f9:11:6b:
38:37:5b:e2:8d:eb:b7:3a:6e:7f:e3:62:bb:5b:f8:86:e5:4e:
2f:7b:ad:3e:01:aa:6b:16:a4:ba:66:bf:a8:17:19:5a:39:ba:
7e:ba:9a:b9:5d:f3:66:1a:e7:15:b3:e2:21:3b:36:c2:41:ca:
d5:9b:37:1e:a3:8d:f9:41:5a:82:8f:c3:4e:15:0b:01:15:92:
dd:d5:b5:4d:1e:c8:da:59:92:e6:30:d1:eb:1b:6c:81:2e:68:
16:5a:4f:3a:f2:72:de:a3:54:11:e0:c8:f5:2e:db:58:e3:5f:
1c:a6:93:a3:d5:9d:2d:4b:19:f0:35:43:76:f1:c3:5c:1f:12:
72:04:8e:05:28:7c:6c:dc:04:22:dc:95:1b:a5:29:48:d3:93:
5f:28:af:94
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAgnkP997dqzOl6ZRqYRAuO33mRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMDJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0NjM5N2I5NDM3OGFhM2U3ZjJjNWMwMjMyNDViNTczNzE2ZGU1YjAzZjhl
NDJkNWNkYjdiN2IzYThkZGFlOTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHTynjxq3mSTNUtOS1kaVv7XQN5AxG9ECeLsAAIecFi8pRc0BccWWNgL1Xb
dmgyr6i3/el5nLyD7efMHcUGSmvbC7k/D2Nh0W1PY4RCtLjG29bqexYCmtRy2L7V
fgAxf+rFeaanFmjyoCyQhAi2DGGdawSLUe+8qbsjhORcG8u6bUusaLIs2zcyy6OG
rV+dR+fb1Nm4Jq4JqNQqs0GA7KKUUSMynBcmPruFvZqDThnEE5TYyE8yoytD7nuM
7IdiFkGa+wY6OuxU6TM7qzlmGXJlE6dziW6YdRGHGul7wTD8Z7jjSURKL3jzl5yM
Gn+0prGEiV6xouAm9ccWIU5JnpUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSmIzuA
oSNg9faWkz08aBvQVTLXhjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAHODBBhU9YLkey4+MlcueYeSsJUph7/DqPsNevjxN
Jxr9k32hNS5dR9Nf3Fl057vZpnGxuDkvZgtwd7dzTiGQfjrhJ6jwh9wtcN+aaSoW
BLTEe3iwotaMkSk5VCU0Fp0jurO25eoyxqFu+RFrODdb4o3rtzpuf+Niu1v4huVO
L3utPgGqaxakuma/qBcZWjm6frqauV3zZhrnFbPiITs2wkHK1Zs3HqON+UFago/D
ThULARWS3dW1TR7I2lmS5jDR6xtsgS5oFlpPOvJy3qNUEeDI9S7bWONfHKaTo9Wd
LUsZ8DVDdvHDXB8ScgSOBSh8bNwEItyVG6UpSNOTXyivlA==
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:42:43 2025 by rpki-client