Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: H/RmB5BrgvtEodU3gy98gRzHMfH2D8oB7v2aTyjbmtg=
Subject key identifier: D5:B3:9B:CE:CD:42:77:C1:C1:26:A5:E2:E5:FB:EF:51:2A:C0:55:8C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F39123158BC3C3BD66226CF75F2DCB33DDAC5FF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Fri 15 Aug 2025 15:50:06 +0000
ROA not before: Fri 15 Aug 2025 15:50:06 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 17:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:39:12:31:58:bc:3c:3b:d6:62:26:cf:75:f2:dc:b3:3d:da:c5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:06 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=9abe1466f0b30486c8c9ea4edc9893d3090b0715914cb6441738543bbdca8052, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f5:fc:2a:b8:ca:ae:e2:72:6c:f3:ab:94:bd:
b7:87:cb:92:83:c9:40:21:f2:14:98:08:c5:25:60:
6a:eb:8a:7f:50:9b:47:52:37:3f:17:f8:1a:36:35:
ca:65:11:f2:d5:9b:3f:f4:af:61:68:53:c8:e4:8f:
b3:59:d6:12:6b:c5:6d:9d:c6:37:15:9c:60:f2:94:
90:48:a1:b3:34:eb:53:6b:37:7a:e4:6c:e4:57:b3:
43:2d:7e:78:a9:70:95:96:39:cc:ac:57:be:63:10:
43:75:c8:52:8a:44:62:19:35:5a:92:7e:69:bf:f5:
6e:7f:c0:2c:f5:ac:09:7c:59:4b:0d:32:6c:28:ae:
71:07:1e:2a:14:e3:4e:80:bc:2a:8d:dc:6e:df:99:
7b:5b:ed:4f:d3:61:e9:31:6f:8e:88:b3:b9:fa:6e:
18:4d:dd:01:30:1c:de:64:27:13:1f:2b:92:f3:6b:
03:ae:f7:66:dd:9c:a3:95:06:7c:bb:5e:4c:32:fc:
12:8a:2f:f8:70:f2:1c:1e:75:f6:8f:5c:5d:37:ef:
84:ae:67:6d:33:d3:da:02:14:f9:90:38:e1:35:8b:
f0:84:bb:0e:bb:cb:0b:c9:6d:87:3e:7c:86:1a:62:
74:ec:32:e7:87:a6:98:55:e9:b6:6c:62:c8:d2:3a:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B3:9B:CE:CD:42:77:C1:C1:26:A5:E2:E5:FB:EF:51:2A:C0:55:8C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
81:53:31:22:79:92:2b:e1:b3:f8:3e:fa:90:1f:e2:54:68:00:
95:19:c8:e3:36:ad:ab:01:21:a2:28:16:0c:35:0a:02:64:16:
63:18:73:ed:57:e5:1b:7b:46:61:72:27:11:ac:27:fb:64:df:
13:d6:67:74:12:58:1a:0c:8e:a1:cd:29:90:61:5e:2f:21:f0:
f2:bc:26:e3:4f:d4:a1:30:60:49:16:8f:fc:41:32:67:41:ac:
ba:9d:4b:ce:6b:e5:d8:41:86:16:0f:4a:0c:0b:0e:a3:82:fe:
53:03:2b:56:48:8d:87:8a:cb:a0:65:e1:2b:8a:25:19:bb:d8:
63:16:f9:32:9c:c0:e8:a3:14:bb:32:e6:f8:87:d8:b9:a3:46:
d7:8c:7e:72:f2:78:fe:e3:37:be:be:23:06:84:33:8f:59:9b:
90:8a:72:7b:8e:3a:ad:1f:56:63:74:41:ca:e8:b6:89:d6:b9:
5a:f2:e1:ec:11:b2:4a:85:f4:c7:bd:69:9d:70:bb:f7:3b:df:
b3:12:b3:ca:98:5d:5c:56:9d:42:7a:72:9f:12:6d:ae:59:77:
36:42:81:34:37:31:29:44:d5:8b:93:22:99:98:23:a6:0b:1c:
5e:d2:be:2c:de:e9:f7:c6:76:7c:20:6a:57:5d:a6:51:bb:22:
d6:21:46:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDzkSMVi8PDvWYibPdfLcsz3axf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDZaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhYmUxNDY2ZjBiMzA0ODZjOGM5ZWE0ZWRjOTg5M2QzMDkwYjA3MTU5MTRj
YjY0NDE3Mzg1NDNiYmRjYTgwNTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOX1/Cq4yq7icmzzq5S9t4fLkoPJQCHyFJgIxSVgauuKf1CbR1I3Pxf4GjY1
ymUR8tWbP/SvYWhTyOSPs1nWEmvFbZ3GNxWcYPKUkEihszTrU2s3euRs5FezQy1+
eKlwlZY5zKxXvmMQQ3XIUopEYhk1WpJ+ab/1bn/ALPWsCXxZSw0ybCiucQceKhTj
ToC8Ko3cbt+Ze1vtT9Nh6TFvjoizufpuGE3dATAc3mQnEx8rkvNrA673Zt2co5UG
fLteTDL8Eoov+HDyHB519o9cXTfvhK5nbTPT2gIU+ZA44TWL8IS7DrvLC8lthz58
hhpidOwy54emmFXptmxiyNI6yTMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVs5vO
zUJ3wcEmpeLl++9RKsBVjDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAgVMxInmSK+Gz+D76kB/iVGgAlRnI4zatqwEhoigW
DDUKAmQWYxhz7VflG3tGYXInEawn+2TfE9ZndBJYGgyOoc0pkGFeLyHw8rwm40/U
oTBgSRaP/EEyZ0Gsup1Lzmvl2EGGFg9KDAsOo4L+UwMrVkiNh4rLoGXhK4olGbvY
Yxb5MpzA6KMUuzLm+IfYuaNG14x+cvJ4/uM3vr4jBoQzj1mbkIpye446rR9WY3RB
yui2ida5WvLh7BGySoX0x71pnXC79zvfsxKzyphdXFadQnpynxJtrll3NkKBNDcx
KUTVi5MimZgjpgscXtK+LN7p98Z2fCBqV12mUbsi1iFGkw==
-----END CERTIFICATE-----
Generated at Thu Aug 21 22:13:29 2025 by rpki-client