Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: qy1mA1vXjd3AGQn/4s2xj6SobBT1poeGeOReNwGo9Dc=
Subject key identifier: 1E:35:DD:F9:18:66:48:0D:3F:70:D0:22:45:A3:0B:1E:3D:7F:66:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C38BE2AF3117CFB40C352783F88AE063FC09911
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Mon 14 Jul 2025 15:40:49 +0000
ROA not before: Mon 14 Jul 2025 15:40:49 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:38:be:2a:f3:11:7c:fb:40:c3:52:78:3f:88:ae:06:3f:c0:99:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:49 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=53faa2d588793c1b5ce0acfec39f9de57ed09e54533d4c2d9cdf538a584bdca6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d6:6f:64:b2:7c:74:24:1d:1b:d6:d1:04:a7:
7f:c1:8e:16:b8:f5:60:bd:fb:a1:5d:c7:5a:52:7a:
91:32:e1:36:05:cb:ff:c6:2a:36:92:6c:23:3a:df:
bb:79:f6:33:c1:fa:21:53:be:6c:c7:f3:a6:1e:57:
55:1a:2e:82:a3:7f:41:cb:64:bd:0c:74:50:43:66:
c2:fc:78:6b:e7:bf:c5:05:9c:52:69:00:7b:ab:8f:
c1:c4:f8:d8:e9:d0:cd:fc:da:8e:7d:b4:70:d6:f3:
84:c8:86:80:45:cc:4f:81:a0:41:71:7e:92:69:4f:
d6:84:aa:35:39:64:2a:49:62:8e:74:23:fe:4d:a2:
de:02:98:bf:8b:c6:80:a4:17:23:50:2e:f0:19:d9:
29:e2:71:25:1e:19:27:1e:e2:f9:de:95:30:41:0d:
38:0b:27:f1:a1:b6:dc:30:24:c3:99:a8:83:25:83:
49:e8:62:71:05:a7:f8:a6:f1:5a:ab:05:93:c0:92:
ee:5f:d3:49:86:d8:15:c2:38:12:56:2c:9c:56:43:
52:7c:fd:9f:1c:29:9f:81:fd:a5:4d:2a:c3:42:90:
0b:35:5d:a8:fe:32:b3:c3:b9:22:eb:44:5c:8f:25:
28:6f:5a:1e:a8:df:7c:4e:d8:93:69:c5:6e:62:33:
7a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:35:DD:F9:18:66:48:0D:3F:70:D0:22:45:A3:0B:1E:3D:7F:66:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
56:33:31:b1:69:20:cb:28:03:08:ce:2e:87:1e:a4:6d:10:4e:
2e:f1:15:12:46:05:a8:b1:ec:c7:df:6b:44:cd:c9:7a:5c:22:
e2:0b:84:97:7c:1a:08:c6:1d:f8:a8:ac:f5:15:5b:ca:3c:f8:
69:cc:94:e3:13:a6:08:52:27:fa:11:99:18:1a:fe:86:ab:99:
0f:0e:a9:c6:56:41:01:e5:2c:8d:64:a5:94:39:b7:a8:21:67:
9e:39:99:ee:3a:d2:b3:fc:24:d6:60:c9:12:9c:8b:fd:1e:a2:
2c:5a:e8:57:04:10:4f:1e:e9:c1:d8:b3:07:bd:7f:a4:b5:f1:
d3:a4:ba:df:79:85:19:aa:bf:76:66:39:64:73:59:ca:8b:23:
2e:b9:64:57:7c:53:56:fd:d5:64:fd:b4:44:0e:06:39:51:aa:
2e:08:7e:e0:e8:f3:74:7e:fb:41:c9:1f:04:a3:e7:c1:64:f5:
21:13:18:8b:76:20:e4:b4:a7:24:72:55:f2:86:a7:8a:73:e7:
db:14:bd:90:14:fd:d4:77:60:5a:3a:a6:c0:bd:b6:a0:e7:55:
55:8c:55:e1:62:d0:be:46:23:9f:27:25:b7:14:d6:ff:8f:4a:
37:51:dc:d8:a4:9e:af:e0:43:4a:f4:a6:40:54:b7:32:4b:39:
56:87:8e:bd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfDi+KvMRfPtAw1J4P4iuBj/AmREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwNDlaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUzZmFhMmQ1ODg3OTNjMWI1Y2UwYWNmZWMzOWY5ZGU1N2VkMDllNTQ1MzNk
NGMyZDljZGY1MzhhNTg0YmRjYTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKXWb2SyfHQkHRvW0QSnf8GOFrj1YL37oV3HWlJ6kTLhNgXL/8YqNpJsIzrf
u3n2M8H6IVO+bMfzph5XVRougqN/QctkvQx0UENmwvx4a+e/xQWcUmkAe6uPwcT4
2OnQzfzajn20cNbzhMiGgEXMT4GgQXF+kmlP1oSqNTlkKklijnQj/k2i3gKYv4vG
gKQXI1Au8BnZKeJxJR4ZJx7i+d6VMEENOAsn8aG23DAkw5mogyWDSehicQWn+Kbx
WqsFk8CS7l/TSYbYFcI4ElYsnFZDUnz9nxwpn4H9pU0qw0KQCzVdqP4ys8O5IutE
XI8lKG9aHqjffE7Yk2nFbmIzesMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQeNd35
GGZIDT9w0CJFowsePX9mzTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAVjMxsWkgyygDCM4uhx6kbRBOLvEVEkYFqLHsx99r
RM3Jelwi4guEl3waCMYd+Kis9RVbyjz4acyU4xOmCFIn+hGZGBr+hquZDw6pxlZB
AeUsjWSllDm3qCFnnjmZ7jrSs/wk1mDJEpyL/R6iLFroVwQQTx7pwdizB71/pLXx
06S633mFGaq/dmY5ZHNZyosjLrlkV3xTVv3VZP20RA4GOVGqLgh+4OjzdH77Qckf
BKPnwWT1IRMYi3Yg5LSnJHJV8oaninPn2xS9kBT91HdgWjqmwL22oOdVVYxV4WLQ
vkYjnycltxTW/49KN1Hc2KSer+BDSvSmQFS3Mks5VoeOvQ==
-----END CERTIFICATE-----
Generated at Mon Jul 21 05:41:57 2025 by rpki-client