Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: liUooyMvp4I6vD+mJw5TNTz103qTqs9Hzs7zxo6Wvng=
Subject key identifier: 66:E1:86:19:71:84:50:84:17:47:40:7C:85:5E:FB:81:FF:CD:26:23
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B91724A9C488387E3152A458C80A54C0D621402
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Tue 09 Sep 2025 16:10:08 +0000
ROA not before: Tue 09 Sep 2025 16:10:08 +0000
ROA not after: Tue 14 Oct 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 09:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:91:72:4a:9c:48:83:87:e3:15:2a:45:8c:80:a5:4c:0d:62:14:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 9 16:10:08 2025 GMT
Not After : Oct 14 23:59:59 2025 GMT
Subject: serialNumber=c41fdb512e4f9c40ae4d05b780638ca1c732f8be8eee5bf62df1462dc13dcbc6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:66:84:02:81:fb:d7:95:6a:f6:8f:0f:a1:c8:
2f:8a:30:89:33:2a:72:70:11:2f:37:40:44:c9:2e:
3d:a1:3b:0e:13:31:bf:9c:8f:63:d6:f3:3a:89:5e:
22:a4:ef:82:c0:df:ed:77:23:98:e8:3e:cc:da:53:
4f:09:6e:84:db:6e:3f:34:c2:8a:2d:de:e4:18:04:
11:2c:38:08:6c:eb:c8:09:80:36:b9:eb:71:15:26:
70:e0:92:4a:63:14:8c:a2:9f:ba:cd:20:9a:0e:da:
88:be:56:f1:08:83:a1:df:02:d2:35:58:78:2d:cb:
a6:59:a4:ed:43:46:10:50:12:ae:fb:69:a2:30:59:
91:cc:0e:82:56:68:64:38:5e:73:5e:25:b2:7a:ee:
fa:8c:a8:2c:01:c8:07:a6:d8:b8:bd:3c:d8:32:30:
ca:2a:72:72:29:18:96:9b:36:d5:86:5a:09:55:17:
29:06:66:1c:03:8e:85:6d:46:16:7d:02:e2:74:46:
aa:77:e2:f3:67:75:b3:3d:e3:dc:fa:96:ce:02:84:
30:7d:be:66:70:d8:7f:03:6d:a5:ba:4a:46:3c:fb:
63:56:7e:44:9e:03:01:32:b3:bb:ba:ff:b8:df:b9:
85:54:61:3a:e7:74:a0:f7:3d:8d:93:f6:2e:c9:1e:
01:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:E1:86:19:71:84:50:84:17:47:40:7C:85:5E:FB:81:FF:CD:26:23
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
65:e5:ce:47:7e:76:68:bb:78:43:b0:88:b8:e8:b2:6f:57:fe:
ce:13:41:2b:42:2f:a6:13:50:2d:39:c3:97:a3:be:61:90:6f:
d1:f7:e1:25:37:36:ac:e1:06:96:45:33:06:95:2b:b5:44:9d:
0a:22:7b:a6:40:45:a1:c6:ee:7e:0c:22:ee:ab:1f:dd:f2:42:
2a:f0:46:bd:0a:a3:47:17:79:07:bd:39:f9:df:64:3d:1f:58:
6b:ca:72:2f:54:0a:be:a0:25:63:4e:8d:7b:b4:d2:86:d8:c3:
21:74:3e:03:30:a3:fd:1b:22:b3:62:30:30:0c:b7:fe:96:12:
7e:7a:ef:ee:71:08:9e:71:ff:de:5a:5e:27:9c:35:54:f7:fc:
cb:07:15:21:73:23:ff:3b:1e:b3:f4:f7:68:56:d1:8c:6e:95:
b4:60:d9:e0:50:e5:53:88:3d:ee:d1:68:2e:01:e0:98:63:5c:
87:08:80:e7:6d:8a:0e:27:ad:16:62:1b:06:53:7f:20:9e:22:
a6:94:64:6e:48:c9:93:4f:26:83:19:09:6d:f7:9c:f7:6d:d8:
e2:f5:af:9f:5a:43:c3:4e:25:6a:d8:cb:36:f2:85:67:a2:51:
a6:65:fa:5b:88:27:b1:5c:24:35:70:ae:de:14:28:3f:f1:55:
ae:9c:37:42
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO5FySpxIg4fjFSpFjIClTA1iFAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDkxNjEwMDhaFw0yNTEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0MWZkYjUxMmU0ZjljNDBhZTRkMDViNzgwNjM4Y2ExYzczMmY4YmU4ZWVl
NWJmNjJkZjE0NjJkYzEzZGNiYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKtmhAKB+9eVavaPD6HIL4owiTMqcnARLzdARMkuPaE7DhMxv5yPY9bzOole
IqTvgsDf7XcjmOg+zNpTTwluhNtuPzTCii3e5BgEESw4CGzryAmANrnrcRUmcOCS
SmMUjKKfus0gmg7aiL5W8QiDod8C0jVYeC3Lplmk7UNGEFASrvtpojBZkcwOglZo
ZDhec14lsnru+oyoLAHIB6bYuL082DIwyipycikYlps21YZaCVUXKQZmHAOOhW1G
Fn0C4nRGqnfi82d1sz3j3PqWzgKEMH2+ZnDYfwNtpbpKRjz7Y1Z+RJ4DATKzu7r/
uN+5hVRhOud0oPc9jZP2LskeARUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRm4YYZ
cYRQhBdHQHyFXvuB/80mIzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAZeXOR352aLt4Q7CIuOiyb1f+zhNBK0IvphNQLTnD
l6O+YZBv0ffhJTc2rOEGlkUzBpUrtUSdCiJ7pkBFocbufgwi7qsf3fJCKvBGvQqj
Rxd5B705+d9kPR9Ya8pyL1QKvqAlY06Ne7TShtjDIXQ+AzCj/Rsis2IwMAy3/pYS
fnrv7nEInnH/3lpeJ5w1VPf8ywcVIXMj/zses/T3aFbRjG6VtGDZ4FDlU4g97tFo
LgHgmGNchwiA522KDietFmIbBlN/IJ4ippRkbkjJk08mgxkJbfec923Y4vWvn1pD
w04latjLNvKFZ6JRpmX6W4gnsVwkNXCu3hQoP/FVrpw3Qg==
-----END CERTIFICATE-----
Generated at Thu Sep 18 12:03:23 2025 by rpki-client