Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: cavZI7CKB9wAnpql7cu2qIH964507GglHDAmL7TI01Y=
Subject key identifier: 35:78:42:C9:EF:A8:2C:C3:BF:75:08:84:59:35:C6:ED:2C:43:B0:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 028D62CB99ABA7555243D9CAF059E5BE4BEE0A97
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Tue 05 Aug 2025 20:20:43 +0000
ROA not before: Tue 05 Aug 2025 20:20:43 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:8d:62:cb:99:ab:a7:55:52:43:d9:ca:f0:59:e5:be:4b:ee:0a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:43 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=547e2ecce764b9a18fae6577f8639b7895236954d501d0d53f5fa227cbc8abd0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4f:be:9c:a7:dd:16:b5:f9:0d:fe:66:b4:53:
ad:89:50:8d:be:ff:d9:67:b0:8f:6d:f3:6a:0a:b3:
d2:45:af:b5:c0:11:e2:82:b1:77:4e:4c:46:4e:75:
b9:48:46:46:4d:b0:a8:e7:b6:43:cf:73:b9:4f:f6:
2e:65:bd:46:ce:d6:6c:22:91:90:fa:56:8d:8e:8a:
17:bc:b3:48:79:71:26:4b:05:ab:10:eb:12:06:be:
07:b1:49:ff:05:b3:c9:45:18:8a:e2:f3:d9:72:e5:
8b:82:ac:d4:ed:d9:1d:55:e6:37:95:e8:7c:56:e1:
27:87:70:b3:82:b8:82:50:4a:b3:cd:0d:ea:11:49:
25:81:36:81:92:3f:92:b0:1b:fa:9e:05:10:7c:ec:
31:55:68:a3:0a:84:4f:e3:7e:fa:d3:c1:6a:c5:80:
d4:02:1d:4b:6b:3a:91:34:6d:6a:6c:5d:b3:5f:77:
96:3a:09:af:ca:1d:0b:e6:bb:1f:10:1f:53:1a:c9:
1d:ff:3a:fd:4b:cf:a6:72:23:a7:f4:58:da:5d:cb:
56:eb:52:70:c9:29:9d:ae:a4:43:b9:4e:0f:cd:38:
8b:81:65:1b:b1:29:e1:52:d4:8d:03:c6:2b:58:38:
34:8c:a5:ad:f9:32:f2:6b:27:4f:64:ed:53:84:bd:
ed:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:78:42:C9:EF:A8:2C:C3:BF:75:08:84:59:35:C6:ED:2C:43:B0:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
73:f3:74:08:b5:3a:6c:ca:cb:8e:8b:fb:cd:9d:bf:0e:0f:26:
98:9d:39:25:d8:5a:cc:3c:3e:ba:f9:12:2d:d0:4c:c9:63:8a:
d5:2c:09:76:34:e8:1d:a6:f6:09:78:9d:00:cb:ea:92:58:40:
75:ab:3a:03:9f:82:ff:3e:53:58:74:ac:04:e9:69:69:17:83:
33:3c:d4:7f:7b:45:7e:bb:56:b3:c7:44:0c:b5:bd:e0:d6:2b:
9f:99:43:f1:62:b0:f6:d2:fc:d9:18:9b:d3:38:b5:4a:2e:38:
dd:17:e7:ec:69:24:0d:f8:13:54:cf:de:bb:06:09:a9:ba:61:
79:b8:ad:7e:44:f6:b3:51:d5:a2:c1:45:e2:a3:70:fa:89:90:
fa:93:66:18:50:63:bb:c9:d6:bc:c8:99:1f:79:49:d6:82:f8:
2c:fa:56:72:ee:37:24:10:31:b5:0a:6f:98:7b:41:02:45:a5:
ee:0b:73:a6:a8:85:86:be:ba:e6:79:d5:ba:3d:bf:af:34:e1:
bd:9d:ca:64:06:8c:79:05:9f:9d:ba:31:1a:55:bc:f9:13:73:
e7:1c:a3:e9:5b:a4:91:0b:29:25:fb:85:14:19:35:e3:c3:8a:
cc:68:91:04:a3:ee:e7:ff:0a:88:b5:2c:87:5c:9e:35:d6:2a:
d4:b2:d7:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAo1iy5mrp1VSQ9nK8FnlvkvuCpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0N2UyZWNjZTc2NGI5YTE4ZmFlNjU3N2Y4NjM5Yjc4OTUyMzY5NTRkNTAx
ZDBkNTNmNWZhMjI3Y2JjOGFiZDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPJPvpyn3Ra1+Q3+ZrRTrYlQjb7/2Wewj23zagqz0kWvtcAR4oKxd05MRk51
uUhGRk2wqOe2Q89zuU/2LmW9Rs7WbCKRkPpWjY6KF7yzSHlxJksFqxDrEga+B7FJ
/wWzyUUYiuLz2XLli4Ks1O3ZHVXmN5XofFbhJ4dws4K4glBKs80N6hFJJYE2gZI/
krAb+p4FEHzsMVVoowqET+N++tPBasWA1AIdS2s6kTRtamxds193ljoJr8odC+a7
HxAfUxrJHf86/UvPpnIjp/RY2l3LVutScMkpna6kQ7lOD804i4FlG7Ep4VLUjQPG
K1g4NIylrfky8msnT2TtU4S97Y8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ1eELJ
76gsw791CIRZNcbtLEOwODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQBz83QItTpsysuOi/vNnb8ODyaYnTkl2FrMPD66+RIt
0EzJY4rVLAl2NOgdpvYJeJ0Ay+qSWEB1qzoDn4L/PlNYdKwE6WlpF4MzPNR/e0V+
u1azx0QMtb3g1iufmUPxYrD20vzZGJvTOLVKLjjdF+fsaSQN+BNUz967BgmpumF5
uK1+RPazUdWiwUXio3D6iZD6k2YYUGO7yda8yJkfeUnWgvgs+lZy7jckEDG1Cm+Y
e0ECRaXuC3OmqIWGvrrmedW6Pb+vNOG9ncpkBox5BZ+dujEaVbz5E3PnHKPpW6SR
Cykl+4UUGTXjw4rMaJEEo+7n/wqItSyHXJ411irUstdA
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:15 2025 by rpki-client