Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: uXVeZ+JuUX2SPtKNIHx7WFjDL81+4v9BsWWd2Y58JYc=
Subject key identifier: A8:A8:E5:FF:2D:42:77:01:3B:40:EA:D3:89:43:42:CD:7F:8E:CD:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66E944FDF9D1769C1E322C7CEB5F6D0F9AA51677
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Tue 19 Aug 2025 17:00:02 +0000
ROA not before: Tue 19 Aug 2025 17:00:02 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:e9:44:fd:f9:d1:76:9c:1e:32:2c:7c:eb:5f:6d:0f:9a:a5:16:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 19 17:00:02 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=a7b31ce9bd54b8631867920af21b71fbfd34dd30ed603da01dce6dcf853aabbd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:23:14:8c:4f:22:04:cb:e3:14:0c:aa:fc:ec:
fe:cf:ad:76:d4:c3:b3:b9:c1:8f:bf:d4:a3:e8:cf:
8c:07:43:b4:c8:b9:54:82:aa:5c:c3:ca:ad:5f:12:
7d:e4:25:a7:4a:7a:7f:46:7f:e7:0b:82:05:5c:d9:
31:d3:ac:24:a0:ee:c2:7a:02:5c:e4:15:4b:0d:4d:
97:74:a3:1d:72:ae:e1:02:83:8e:5a:73:e2:29:b6:
98:88:48:29:b7:d3:e3:03:b6:2f:ad:0b:a8:d7:8f:
9c:a8:66:af:7a:d9:ce:4a:02:6f:6f:38:0a:7b:84:
68:ac:08:50:be:3e:3e:71:f4:f3:8f:23:dd:bb:5d:
0e:45:a2:32:88:09:bc:9d:56:f8:8b:6b:dd:04:63:
7a:08:6e:af:de:0c:77:ab:46:f4:76:08:2e:6a:7e:
79:00:20:b6:11:d8:69:7d:5d:66:9b:96:db:ac:fa:
4b:46:f9:20:29:a9:06:3d:1d:c1:8d:91:4f:d3:df:
1b:53:bb:e6:66:95:76:3d:77:09:3f:b7:a8:24:2c:
b2:6f:89:22:39:75:65:24:fa:72:e7:5a:db:e8:57:
23:07:7f:a7:cb:c9:d6:5b:fe:78:c2:f7:07:57:a8:
a0:5d:02:15:30:42:65:17:9b:8b:67:43:3b:ab:ec:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A8:E5:FF:2D:42:77:01:3B:40:EA:D3:89:43:42:CD:7F:8E:CD:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
00:fc:7c:a4:23:da:ed:bf:76:4d:c7:b6:40:16:46:56:13:5d:
1f:54:e6:97:9a:47:2a:bc:69:2b:84:a8:df:24:c8:43:17:56:
8d:57:e7:a1:7b:c0:c2:f0:c5:4f:a5:2a:bc:27:52:e8:5f:84:
33:c8:2b:57:ab:f7:32:dd:ea:b8:af:1e:39:27:b4:9b:46:63:
ee:a6:16:46:44:e7:ce:38:81:d6:90:80:fd:5e:92:45:c3:1a:
a9:84:a0:5e:ce:59:75:10:f0:a1:7d:dc:86:cc:d6:15:78:2d:
8e:6c:bf:6a:23:21:bb:c1:69:25:a7:0a:58:b5:75:f8:8b:87:
dc:8f:30:8a:8e:f2:2f:3e:8c:78:44:15:ce:1c:82:01:0e:31:
84:ce:6c:ff:0b:4f:b1:2d:f2:a0:5e:d2:40:5d:5f:3a:c7:8e:
fd:01:94:10:d7:f3:16:24:fa:6c:eb:15:96:8c:34:42:cd:7b:
af:9e:1f:59:57:a1:df:cc:84:92:67:65:35:64:ee:27:82:8c:
a5:a0:39:ca:3d:81:dc:85:ce:2d:4e:4e:6b:77:3e:17:f1:7c:
a1:c0:03:97:fe:57:b7:99:d9:75:8e:c7:17:25:74:28:b4:7f:
7c:d1:8b:4c:57:62:b0:95:8f:2c:7f:fc:17:c1:a1:31:48:92:
38:d6:2b:0c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZulE/fnRdpweMix8619tD5qlFncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTkxNzAwMDJaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3YjMxY2U5YmQ1NGI4NjMxODY3OTIwYWYyMWI3MWZiZmQzNGRkMzBlZDYw
M2RhMDFkY2U2ZGNmODUzYWFiYmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOwjFIxPIgTL4xQMqvzs/s+tdtTDs7nBj7/Uo+jPjAdDtMi5VIKqXMPKrV8S
feQlp0p6f0Z/5wuCBVzZMdOsJKDuwnoCXOQVSw1Nl3SjHXKu4QKDjlpz4im2mIhI
KbfT4wO2L60LqNePnKhmr3rZzkoCb284CnuEaKwIUL4+PnH0848j3btdDkWiMogJ
vJ1W+Itr3QRjeghur94Md6tG9HYILmp+eQAgthHYaX1dZpuW26z6S0b5ICmpBj0d
wY2RT9PfG1O75maVdj13CT+3qCQssm+JIjl1ZST6cuda2+hXIwd/p8vJ1lv+eML3
B1eooF0CFTBCZRebi2dDO6vs2AMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSoqOX/
LUJ3ATtA6tOJQ0LNf47NxzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAAPx8pCPa7b92Tce2QBZGVhNdH1Tml5pHKrxpK4So
3yTIQxdWjVfnoXvAwvDFT6UqvCdS6F+EM8grV6v3Mt3quK8eOSe0m0Zj7qYWRkTn
zjiB1pCA/V6SRcMaqYSgXs5ZdRDwoX3chszWFXgtjmy/aiMhu8FpJacKWLV1+IuH
3I8wio7yLz6MeEQVzhyCAQ4xhM5s/wtPsS3yoF7SQF1fOseO/QGUENfzFiT6bOsV
low0Qs17r54fWVeh38yEkmdlNWTuJ4KMpaA5yj2B3IXOLU5Oa3c+F/F8ocADl/5X
t5nZdY7HFyV0KLR/fNGLTFdisJWPLH/8F8GhMUiSONYrDA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:39 2025 by rpki-client