Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: AfNzpWwP2jVwOynJquBxgsV7yvuFxlyFGSmCAplmspU=
Subject key identifier: 47:30:4F:C4:41:EC:63:0D:53:CF:E8:3B:38:EB:6E:FD:94:FD:1B:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 33CB6BBB8D064CF9376EA299DCB46A9A0EFB06AC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Fri 15 Aug 2025 15:50:04 +0000
ROA not before: Fri 15 Aug 2025 15:50:04 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:cb:6b:bb:8d:06:4c:f9:37:6e:a2:99:dc:b4:6a:9a:0e:fb:06:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:04 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=41f1fffff0598be58b7b93370decd6acbefb44e720847f416d8daaf3199ac4ef, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:21:e1:66:9a:75:ce:ca:73:44:55:82:3f:ea:
40:af:f6:03:10:82:90:1b:bf:00:60:32:60:a5:fc:
36:c4:fe:fb:b3:54:56:fc:4d:95:74:ea:2d:9c:5b:
2e:84:a5:a5:69:a1:a7:46:24:33:ac:85:1d:dc:21:
c2:d0:d5:74:1e:92:53:95:ef:e2:3f:fc:ab:b2:d3:
05:39:9a:ea:a5:26:2a:8c:ff:d5:a0:95:d4:84:c4:
6a:fd:f4:9d:11:c8:ed:0e:32:e2:aa:ce:cf:a5:0c:
05:5c:75:df:1f:fe:f3:5d:63:0e:57:29:42:44:4d:
58:f3:1b:07:8a:83:13:9a:9a:d0:41:44:24:04:e4:
92:00:f4:86:a7:a5:e2:61:1b:09:b1:3f:12:81:bf:
67:73:56:42:cb:6c:a0:98:9b:50:19:7b:83:74:9e:
a4:e2:1c:81:4b:4b:e6:58:16:e1:b4:0a:bc:4e:9b:
9e:2c:94:61:b8:f1:bd:92:a6:01:e0:34:03:69:e4:
c0:a3:d6:bb:b8:a2:c1:74:6d:8c:9c:a6:7e:a4:19:
44:95:94:da:be:38:9a:02:e7:e5:85:9a:25:5a:b3:
80:8a:f4:a3:15:1b:42:77:a5:86:aa:d2:33:90:3b:
dc:84:5d:8c:a3:52:4d:ec:00:a9:74:27:53:be:a3:
d7:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:30:4F:C4:41:EC:63:0D:53:CF:E8:3B:38:EB:6E:FD:94:FD:1B:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
19:ec:bc:50:1c:26:eb:57:83:99:58:2b:59:8d:10:dd:f2:a6:
4a:66:49:c2:ed:81:f9:4f:19:e9:a2:30:e8:79:84:f0:e1:06:
79:6b:8b:48:fe:20:fd:2c:e1:54:29:47:5d:81:b6:3b:26:51:
07:5f:31:1d:9f:ab:17:2f:5b:f1:9b:44:13:e5:c9:a4:cd:13:
15:e8:aa:ca:73:34:f5:70:6d:b8:5e:2d:7a:f4:12:cb:11:5a:
74:b3:b1:2c:8f:c8:48:15:0f:86:02:a8:c1:be:4c:00:6a:2e:
2b:43:71:1b:77:d4:09:1a:6e:57:88:ac:57:e1:88:9e:08:56:
c1:da:79:9d:ed:eb:09:b6:6e:fc:64:0f:dd:33:7f:88:b5:b4:
9e:7f:57:26:eb:6f:67:f9:91:45:e5:79:eb:22:e5:8d:08:85:
2c:67:43:76:0f:39:53:ed:a9:24:a6:f5:b4:cb:3e:38:8c:f5:
f3:ad:70:72:13:15:51:64:51:cf:d6:29:fb:4c:28:c3:c3:95:
67:36:bb:91:88:82:20:5e:54:ff:99:c4:13:65:27:ce:b2:43:
49:fb:c5:56:f3:10:76:09:35:4b:a7:bf:14:72:5d:fa:86:cd:
05:46:6d:2e:4e:78:ff:51:c6:b6:84:78:cd:e7:4d:7e:57:80:
81:e3:db:6d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUM8tru40GTPk3bqKZ3LRqmg77BqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxZjFmZmZmZjA1OThiZTU4YjdiOTMzNzBkZWNkNmFjYmVmYjQ0ZTcyMDg0
N2Y0MTZkOGRhYWYzMTk5YWM0ZWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgh4Waadc7Kc0RVgj/qQK/2AxCCkBu/AGAyYKX8NsT++7NUVvxNlXTqLZxb
LoSlpWmhp0YkM6yFHdwhwtDVdB6SU5Xv4j/8q7LTBTma6qUmKoz/1aCV1ITEav30
nRHI7Q4y4qrOz6UMBVx13x/+811jDlcpQkRNWPMbB4qDE5qa0EFEJATkkgD0hqel
4mEbCbE/EoG/Z3NWQstsoJibUBl7g3SepOIcgUtL5lgW4bQKvE6bniyUYbjxvZKm
AeA0A2nkwKPWu7iiwXRtjJymfqQZRJWU2r44mgLn5YWaJVqzgIr0oxUbQnelhqrS
M5A73IRdjKNSTewAqXQnU76j18ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRHME/E
QexjDVPP6Ds46279lP0brzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAGey8UBwm61eDmVgrWY0Q3fKmSmZJwu2B+U8Z6aIw
6HmE8OEGeWuLSP4g/SzhVClHXYG2OyZRB18xHZ+rFy9b8ZtEE+XJpM0TFeiqynM0
9XBtuF4tevQSyxFadLOxLI/ISBUPhgKowb5MAGouK0NxG3fUCRpuV4isV+GInghW
wdp5ne3rCbZu/GQP3TN/iLW0nn9XJutvZ/mRReV56yLljQiFLGdDdg85U+2pJKb1
tMs+OIz1861wchMVUWRRz9Yp+0wow8OVZza7kYiCIF5U/5nEE2UnzrJDSfvFVvMQ
dgk1S6e/FHJd+obNBUZtLk54/1HGtoR4zedNfleAgePbbQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:52 2025 by rpki-client