Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: 1dD0T1RqwFA22CkFOKsx3hf3kRrHn56K/ca3BnIvgIw=
Subject key identifier: DE:BC:88:01:5D:99:C1:11:F6:C6:8E:4A:61:91:3D:43:38:7B:FA:AE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08465A2636457CA82524E8C63DA562FB1266707E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Tue 05 Aug 2025 20:21:36 +0000
ROA not before: Tue 05 Aug 2025 20:21:36 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:46:5a:26:36:45:7c:a8:25:24:e8:c6:3d:a5:62:fb:12:66:70:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:36 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=1748af2c66eff59b29643e55c7a53e57ad58df9d88831f48b03528f3fab7833c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a8:96:28:a7:f2:77:85:fb:fd:53:00:1d:d3:
36:44:72:d1:50:f4:e8:af:76:9d:0c:2d:af:ab:27:
a3:ed:53:0d:76:56:dc:36:79:98:d6:3b:c4:66:c7:
1d:d8:51:94:b7:25:4c:aa:83:88:5f:a6:f8:b8:1f:
8d:8b:58:70:17:02:26:6a:64:df:40:c8:1e:2d:b5:
77:01:6d:8e:4f:52:69:f1:39:c9:36:6c:12:93:19:
ee:7d:74:f0:d1:74:d4:c1:27:5f:af:6e:f1:94:51:
4a:08:6c:48:8c:c8:9d:64:e7:1d:07:15:a7:8e:e0:
9e:42:d7:38:d6:85:af:eb:46:e7:32:43:c4:42:fa:
57:6b:6a:9f:5b:8e:52:ea:da:f1:0a:e3:75:36:78:
0f:5d:57:03:cd:aa:d9:ce:7f:ae:5c:0e:ea:6c:28:
c7:b2:f9:06:18:ab:a9:8f:b6:c1:cb:24:3a:6f:52:
7e:95:c2:f2:9a:25:f9:92:26:8c:18:c8:ce:71:94:
cb:3f:80:ac:fa:d9:8c:df:d1:95:0b:3a:1f:ce:c5:
21:49:28:fc:82:f4:6c:3d:ae:66:52:88:64:ed:8c:
9a:4c:0f:dc:4a:ff:f8:8c:7e:e6:af:f8:61:16:7f:
2a:38:da:e4:ab:83:2e:69:12:cf:8c:ab:c6:42:a6:
55:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BC:88:01:5D:99:C1:11:F6:C6:8E:4A:61:91:3D:43:38:7B:FA:AE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2b:61:db:b9:e7:88:69:ac:bd:07:b6:72:f8:83:f6:32:7d:3c:
2c:af:c6:9f:69:8f:89:fd:24:6d:36:79:95:f7:86:85:27:60:
f6:39:38:e5:5b:c1:b2:22:b5:95:a7:6d:0e:a0:9a:c2:07:a2:
fa:7c:c4:af:11:34:d0:94:5c:49:df:2c:ba:81:37:0a:7a:88:
9f:90:bd:1f:2e:08:79:34:e5:e2:ce:72:61:73:df:75:3a:18:
92:c0:69:6b:9b:b3:41:79:c1:83:30:14:64:79:0f:77:7c:a5:
02:30:8e:f2:1a:c6:cf:80:26:fa:e4:fa:2c:ae:04:14:94:8d:
08:55:c5:85:ce:3e:11:b4:e4:3b:9c:a6:e0:37:0f:61:b2:ed:
c0:a1:09:cd:17:82:bc:6a:31:26:c7:f8:b9:95:04:e1:fe:41:
ea:34:2b:c1:e8:12:7f:34:ed:ec:a6:da:1a:75:72:93:4a:c5:
ea:2d:54:4e:f9:72:b5:a4:1f:20:46:db:39:fe:05:b9:31:94:
b7:24:fe:d8:1f:10:23:7d:2e:6f:e6:80:7f:d3:b4:c0:b0:86:
21:9a:01:99:08:3b:4e:6c:fd:f6:d1:47:9c:4f:c1:ae:34:7a:
73:08:b2:14:45:5f:60:6e:c2:1f:37:7d:50:4e:ad:63:60:cc:
77:4b:8a:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCEZaJjZFfKglJOjGPaVi+xJmcH4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzZaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3NDhhZjJjNjZlZmY1OWIyOTY0M2U1NWM3YTUzZTU3YWQ1OGRmOWQ4ODgz
MWY0OGIwMzUyOGYzZmFiNzgzM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGoliin8neF+/1TAB3TNkRy0VD06K92nQwtr6sno+1TDXZW3DZ5mNY7xGbH
HdhRlLclTKqDiF+m+LgfjYtYcBcCJmpk30DIHi21dwFtjk9SafE5yTZsEpMZ7n10
8NF01MEnX69u8ZRRSghsSIzInWTnHQcVp47gnkLXONaFr+tG5zJDxEL6V2tqn1uO
Uura8QrjdTZ4D11XA82q2c5/rlwO6mwox7L5BhirqY+2wcskOm9SfpXC8pol+ZIm
jBjIznGUyz+ArPrZjN/RlQs6H87FIUko/IL0bD2uZlKIZO2MmkwP3Er/+Ix+5q/4
YRZ/Kjja5KuDLmkSz4yrxkKmVWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTevIgB
XZnBEfbGjkphkT1DOHv6rjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQArYdu554hprL0HtnL4g/YyfTwsr8afaY+J/SRtNnmV
94aFJ2D2OTjlW8GyIrWVp20OoJrCB6L6fMSvETTQlFxJ3yy6gTcKeoifkL0fLgh5
NOXiznJhc991OhiSwGlrm7NBecGDMBRkeQ93fKUCMI7yGsbPgCb65PosrgQUlI0I
VcWFzj4RtOQ7nKbgNw9hsu3AoQnNF4K8ajEmx/i5lQTh/kHqNCvB6BJ/NO3sptoa
dXKTSsXqLVRO+XK1pB8gRts5/gW5MZS3JP7YHxAjfS5v5oB/07TAsIYhmgGZCDtO
bP320UecT8GuNHpzCLIURV9gbsIfN31QTq1jYMx3S4rS
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:59 2025 by rpki-client