Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: egIwcKVhmyGYtP1TiC/IG8zDIexrCGtPMKSfC1yZocY=
Subject key identifier: FD:A5:CB:91:55:94:16:CD:87:10:F7:95:39:8C:C0:3E:37:BA:20:D0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 71729E8E932FC9DD38396DFD6C2C963A16628A31
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Tue 09 Sep 2025 16:10:07 +0000
ROA not before: Tue 09 Sep 2025 16:10:07 +0000
ROA not after: Tue 14 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:72:9e:8e:93:2f:c9:dd:38:39:6d:fd:6c:2c:96:3a:16:62:8a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 9 16:10:07 2025 GMT
Not After : Oct 14 23:59:59 2025 GMT
Subject: serialNumber=b099d53aaef9b15965d1169f8bbea8ed01219b4a2f79635d40fd92f71a873e6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7b:47:7d:19:d4:4a:77:f2:51:a3:34:9c:ad:
f3:14:24:47:82:21:70:14:f0:d3:9b:09:09:8d:6d:
4c:c2:a9:ad:f4:72:b3:18:47:0f:8f:b2:d5:0d:e8:
cb:6f:70:78:a8:7c:aa:ff:a1:d1:53:33:6b:67:4f:
bc:b9:f2:6c:58:e1:a7:22:a5:5c:30:7e:e2:1e:b4:
5f:6a:50:6e:9e:24:fc:05:b7:25:ac:d5:e4:2a:71:
0c:31:30:f2:90:cb:e1:db:a6:ad:f9:ed:3b:2f:92:
48:3d:2a:d4:c0:b8:cc:54:ab:6d:ed:e4:0d:0b:2f:
c8:da:27:28:df:0f:bf:62:74:31:d3:07:56:3f:fe:
0b:40:19:3f:23:4e:4e:ed:b9:9f:87:aa:a3:e8:bf:
2d:07:8c:63:c5:b2:a1:48:c3:59:24:db:1e:d9:ec:
7c:dd:2a:62:a7:1b:f4:be:b3:1f:ae:ae:97:33:54:
4d:54:d4:4b:43:8f:56:52:7e:0c:7f:9b:eb:4b:c5:
80:08:dc:6e:59:4e:57:60:b1:90:c3:36:97:f7:0c:
97:7c:1e:bd:4b:cd:8b:e6:f2:4a:c0:11:fe:72:1f:
13:46:0a:3d:2d:8d:54:8d:c9:17:57:d5:9f:fe:e8:
e2:61:92:6d:d7:ba:de:6c:42:d8:d2:9f:5c:85:42:
12:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:A5:CB:91:55:94:16:CD:87:10:F7:95:39:8C:C0:3E:37:BA:20:D0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
68:16:1a:04:04:b7:f7:31:e7:72:61:17:52:5b:3d:32:08:50:
cc:cb:b4:0e:e0:1c:ac:dc:1b:4e:dc:2b:e2:20:d7:05:b6:61:
f2:40:fc:50:0c:1d:d6:e2:b4:69:69:0e:6f:0d:42:05:d2:16:
0f:ab:63:15:39:7e:15:dd:3b:c2:74:7d:e5:17:e5:b3:fb:55:
83:a6:07:64:75:0c:bd:53:46:55:11:69:b3:19:de:ed:1d:c5:
a2:96:35:14:18:d6:cf:1f:62:e5:5c:47:a8:d3:32:38:da:55:
e4:50:4e:33:31:9f:d2:9c:f9:a6:e0:da:41:1b:89:4f:d5:ce:
62:be:95:19:59:b3:d0:8d:ac:1a:c0:40:b8:76:71:84:0a:a8:
93:03:47:ef:e5:f8:24:f1:33:0f:23:80:dd:db:5e:4b:ed:13:
d5:3e:94:1c:f8:05:a3:3a:f2:88:d2:97:1f:5e:2a:7e:32:ca:
34:14:22:43:69:5a:20:55:e9:9e:7c:b7:0a:7e:bd:3b:98:4f:
bd:1d:db:2b:d0:1c:00:cb:c0:ad:6b:c5:a7:2e:a5:bb:99:e9:
66:5b:8e:1b:01:0a:2a:8a:47:d7:ec:2e:24:5f:5e:3b:68:5b:
3d:ba:89:e8:0d:37:2b:09:a3:f1:6f:a2:af:b1:48:d4:ca:21:
74:f3:db:f1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcXKejpMvyd04OW39bCyWOhZiijEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDkxNjEwMDdaFw0yNTEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwOTlkNTNhYWVmOWIxNTk2NWQxMTY5ZjhiYmVhOGVkMDEyMTliNGEyZjc5
NjM1ZDQwZmQ5MmY3MWE4NzNlNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIp7R30Z1Ep38lGjNJyt8xQkR4IhcBTw05sJCY1tTMKprfRysxhHD4+y1Q3o
y29weKh8qv+h0VMza2dPvLnybFjhpyKlXDB+4h60X2pQbp4k/AW3JazV5CpxDDEw
8pDL4dumrfntOy+SSD0q1MC4zFSrbe3kDQsvyNonKN8Pv2J0MdMHVj/+C0AZPyNO
Tu25n4eqo+i/LQeMY8WyoUjDWSTbHtnsfN0qYqcb9L6zH66ulzNUTVTUS0OPVlJ+
DH+b60vFgAjcbllOV2CxkMM2l/cMl3wevUvNi+bySsAR/nIfE0YKPS2NVI3JF1fV
n/7o4mGSbde63mxC2NKfXIVCEiMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT9pcuR
VZQWzYcQ95U5jMA+N7og0DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAaBYaBAS39zHncmEXUls9MghQzMu0DuAcrNwbTtwr
4iDXBbZh8kD8UAwd1uK0aWkObw1CBdIWD6tjFTl+Fd07wnR95Rfls/tVg6YHZHUM
vVNGVRFpsxne7R3FopY1FBjWzx9i5VxHqNMyONpV5FBOMzGf0pz5puDaQRuJT9XO
Yr6VGVmz0I2sGsBAuHZxhAqokwNH7+X4JPEzDyOA3dteS+0T1T6UHPgFozryiNKX
H14qfjLKNBQiQ2laIFXpnny3Cn69O5hPvR3bK9AcAMvArWvFpy6lu5npZluOGwEK
KopH1+wuJF9eO2hbPbqJ6A03Kwmj8W+ir7FI1MohdPPb8Q==
-----END CERTIFICATE-----
Generated at Tue Sep 16 03:49:39 2025 by rpki-client