Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: chMkNJ7NtnAOL+P4VVxANxd4Ej8NhOg1rshvoPi0jCc=
Subject key identifier: F1:15:1A:A1:4C:AD:A3:F0:03:6B:0D:09:46:90:C0:52:FE:C9:E6:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D7103129A72E071F6712D23BC71BEF4B4733F6E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Sat 09 Aug 2025 00:30:04 +0000
ROA not before: Sat 09 Aug 2025 00:30:04 +0000
ROA not after: Sat 13 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:71:03:12:9a:72:e0:71:f6:71:2d:23:bc:71:be:f4:b4:73:3f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 9 00:30:04 2025 GMT
Not After : Sep 13 23:59:59 2025 GMT
Subject: serialNumber=571908fcbfbbb5ec63ca38475d6d0147ae0d24d22d93c22758da1b088b5a181d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fc:a2:f7:7a:23:74:11:dc:80:d7:73:22:db:
b2:39:24:c2:42:d9:f1:03:1a:2c:03:4b:03:d6:77:
69:42:f4:29:83:c0:d5:44:1e:9a:c5:56:90:4f:c4:
04:f8:66:d6:dc:1c:a6:ed:b4:43:f3:30:b6:b6:16:
56:29:c2:62:3d:a6:27:2e:5a:9f:d2:83:38:e5:26:
a3:25:ab:41:1a:85:5c:34:f5:b4:88:ea:f5:ae:f9:
53:23:93:95:58:e8:2d:34:bb:1c:d1:90:0a:d0:17:
1b:51:e2:0e:e5:44:63:d0:ee:f4:ad:b1:5d:c1:ae:
01:a4:93:d5:9e:78:16:09:d1:0a:5e:6a:86:02:28:
62:53:df:a9:72:77:a2:95:7f:d3:bd:44:69:b4:90:
a2:f1:68:47:c0:23:fc:c9:1f:74:44:38:02:16:63:
d1:17:8d:21:23:76:3a:5b:72:6e:4f:96:25:9b:8d:
dd:30:fe:8e:2d:1c:ff:53:3a:9d:ec:52:aa:3e:6d:
8f:6e:0d:3d:b7:ce:fe:45:29:cb:bb:13:d5:a1:e5:
28:21:01:fa:30:4a:d4:84:33:21:65:a7:d0:9e:f8:
4a:e1:cd:82:7e:ca:49:ad:98:2d:ed:a3:0a:6d:43:
a6:72:6e:1b:a1:2d:b8:7d:4d:34:47:b6:66:84:28:
63:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:15:1A:A1:4C:AD:A3:F0:03:6B:0D:09:46:90:C0:52:FE:C9:E6:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:75:94:af:7e:e9:05:90:4f:03:a2:61:9a:7c:28:5f:49:ed:
dc:00:6d:58:aa:c4:f2:c5:4e:f7:90:6b:e4:ba:ec:dc:d4:7c:
26:34:4a:4e:eb:66:5a:78:d3:ab:2d:6d:9a:42:63:5b:99:d0:
2b:f9:fd:8c:5c:01:de:76:a5:c4:3e:4a:4e:e3:73:0e:29:76:
02:96:d1:b8:2c:3f:a9:d4:19:97:c9:1c:fd:16:ec:52:a9:36:
97:d7:e2:2b:90:c2:84:7c:45:06:f8:19:47:eb:19:2f:27:8c:
a5:7f:5d:67:ad:9f:1e:97:b7:74:51:26:7b:fb:ed:6b:be:62:
9e:03:b9:70:e8:32:71:d9:b9:bd:81:3d:20:3c:fa:8c:eb:f4:
c2:eb:aa:cc:ef:b7:f9:be:bc:59:67:bc:f3:66:09:ea:f5:64:
77:e4:94:f8:27:ba:09:90:21:71:61:20:9e:45:5e:64:e1:75:
6e:63:6f:3b:1f:11:d0:13:47:6e:ef:7f:bd:79:72:a7:33:1d:
12:a4:77:69:01:0f:67:41:9d:76:e0:02:85:4f:0f:8f:50:3b:
cc:83:25:11:a4:82:e4:2f:5a:9f:43:a7:c5:f3:5f:75:40:f0:
fb:6b:eb:8c:c4:24:11:3f:a8:90:50:cf:3b:bf:85:b6:de:83:
0a:4c:e5:26
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULXEDEppy4HH2cS0jvHG+9LRzP24wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDkwMDMwMDRaFw0yNTA5MTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3MTkwOGZjYmZiYmI1ZWM2M2NhMzg0NzVkNmQwMTQ3YWUwZDI0ZDIyZDkz
YzIyNzU4ZGExYjA4OGI1YTE4MWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANr8ovd6I3QR3IDXcyLbsjkkwkLZ8QMaLANLA9Z3aUL0KYPA1UQemsVWkE/E
BPhm1twcpu20Q/MwtrYWVinCYj2mJy5an9KDOOUmoyWrQRqFXDT1tIjq9a75UyOT
lVjoLTS7HNGQCtAXG1HiDuVEY9Du9K2xXcGuAaST1Z54FgnRCl5qhgIoYlPfqXJ3
opV/071EabSQovFoR8Aj/MkfdEQ4AhZj0ReNISN2Oltybk+WJZuN3TD+ji0c/1M6
nexSqj5tj24NPbfO/kUpy7sT1aHlKCEB+jBK1IQzIWWn0J74SuHNgn7KSa2YLe2j
Cm1DpnJuG6EtuH1NNEe2ZoQoY7MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTxFRqh
TK2j8ANrDQlGkMBS/snmcjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAO3WUr37pBZBPA6JhmnwoX0nt3ABtWKrE8sVO95Br
5Lrs3NR8JjRKTutmWnjTqy1tmkJjW5nQK/n9jFwB3nalxD5KTuNzDil2ApbRuCw/
qdQZl8kc/RbsUqk2l9fiK5DChHxFBvgZR+sZLyeMpX9dZ62fHpe3dFEme/vta75i
ngO5cOgycdm5vYE9IDz6jOv0wuuqzO+3+b68WWe882YJ6vVkd+SU+Ce6CZAhcWEg
nkVeZOF1bmNvOx8R0BNHbu9/vXlypzMdEqR3aQEPZ0GdduAChU8Pj1A7zIMlEaSC
5C9an0OnxfNfdUDw+2vrjMQkET+okFDPO7+Ftt6DCkzlJg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:26 2025 by rpki-client