Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: E6VJLdJGy0g2x/LVH+iWllQbf8Pi7KUtpDQGk2z11qM=
Subject key identifier: 36:86:FC:39:E8:3D:7B:5B:CE:5F:AE:99:DC:F2:94:4D:81:A2:D6:E4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 242FC26250E18148F0D1CEB51AC94801D1A7EBE4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Tue 19 Aug 2025 17:00:04 +0000
ROA not before: Tue 19 Aug 2025 17:00:04 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:2f:c2:62:50:e1:81:48:f0:d1:ce:b5:1a:c9:48:01:d1:a7:eb:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 19 17:00:04 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=6ccdf0c16f008300afefd93ccb260ae81c2dae50b7363b988cdace6c5ccda5b1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:09:02:d2:0a:91:d1:ad:d0:3a:72:4f:8a:b8:
05:6f:ea:8e:22:8a:8c:d8:17:f1:46:9d:25:6f:14:
4b:31:30:48:f2:4e:14:94:70:cd:e6:23:62:79:ff:
36:ae:79:f4:5c:60:ac:d9:95:78:3d:f7:02:af:b9:
3b:5a:83:a0:ff:1b:b5:bb:95:39:44:b3:ee:4a:03:
bc:51:4a:b0:2a:49:1a:cb:7a:01:c4:bf:d0:7e:11:
cc:68:fe:07:f8:6c:d4:42:af:36:74:49:2c:78:50:
eb:d1:da:1b:08:c9:63:c2:78:3d:f5:85:db:3f:8a:
85:6b:77:c8:df:91:11:1f:60:c7:67:8e:9a:40:97:
c0:6e:18:72:38:b5:21:0b:9e:16:ae:38:ee:6b:31:
6e:eb:04:20:a1:e4:6f:7d:9f:6b:22:6c:a3:53:97:
7e:1c:76:2e:12:59:9b:6e:44:c9:06:85:e0:99:95:
ef:db:21:46:15:8d:79:98:ea:7c:42:7b:b4:cd:92:
4d:78:26:3e:2c:a1:8c:0a:a0:96:15:84:78:df:11:
fa:60:fc:f8:1a:05:9a:b4:cb:93:90:63:40:e6:44:
48:6d:e3:2a:da:e1:b4:9e:df:dc:61:6a:4e:ec:38:
c4:1f:d5:75:01:b1:cd:5b:f4:c9:84:9d:30:88:44:
a1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:86:FC:39:E8:3D:7B:5B:CE:5F:AE:99:DC:F2:94:4D:81:A2:D6:E4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
64:c4:42:d6:2e:dd:ed:75:ad:f3:29:d5:46:1a:fb:46:55:14:
e7:21:54:c0:1c:dc:88:1d:7c:65:e6:97:ba:e9:71:70:c4:f7:
c3:29:23:2a:f0:5b:99:f2:cf:b5:ee:f2:34:34:48:36:4f:4d:
86:e9:fb:3d:98:bb:85:94:56:d9:ed:ca:24:c5:1c:17:b1:58:
50:7b:84:a7:eb:58:22:c6:3c:11:a3:97:d3:ab:52:4f:1d:3b:
e7:5c:3f:da:19:c1:9d:a0:1f:07:61:bd:82:37:c8:6c:ed:3a:
2c:67:5b:df:7a:03:77:ef:29:6e:01:36:80:b8:e5:ff:e1:8a:
9d:c0:07:c9:e2:39:7b:0c:ad:09:97:df:f6:71:7e:d3:a4:d1:
62:67:3f:3c:84:1c:41:4e:17:b3:22:41:d4:18:e3:89:d8:b5:
3e:00:ae:fd:d7:1c:d0:de:2d:f2:06:71:19:16:81:75:a0:0a:
b5:ce:47:98:59:7e:ab:d1:9c:d2:d5:1f:bd:6f:02:94:38:d1:
28:fb:39:49:ca:0c:93:b4:c8:82:f1:1b:29:b0:f8:6a:86:58:
de:fd:d2:b7:6d:26:04:2d:b5:94:c6:da:37:02:57:ba:22:0a:
cc:12:3a:65:9e:2d:bb:86:23:b0:20:50:5e:09:d0:36:ab:57:
fb:c9:3e:7d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJC/CYlDhgUjw0c61GslIAdGn6+QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTkxNzAwMDRaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDZjY2RmMGMxNmYwMDgzMDBhZmVmZDkzY2NiMjYwYWU4MWMyZGFlNTBiNzM2
M2I5ODhjZGFjZTZjNWNjZGE1YjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANcJAtIKkdGt0DpyT4q4BW/qjiKKjNgX8UadJW8USzEwSPJOFJRwzeYjYnn/
Nq559FxgrNmVeD33Aq+5O1qDoP8btbuVOUSz7koDvFFKsCpJGst6AcS/0H4RzGj+
B/hs1EKvNnRJLHhQ69HaGwjJY8J4PfWF2z+KhWt3yN+RER9gx2eOmkCXwG4Ycji1
IQueFq447msxbusEIKHkb32fayJso1OXfhx2LhJZm25EyQaF4JmV79shRhWNeZjq
fEJ7tM2STXgmPiyhjAqglhWEeN8R+mD8+BoFmrTLk5BjQOZESG3jKtrhtJ7f3GFq
Tuw4xB/VdQGxzVv0yYSdMIhEoUECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ2hvw5
6D17W85frpnc8pRNgaLW5DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAZMRC1i7d7XWt8ynVRhr7RlUU5yFUwBzciB18ZeaX
uulxcMT3wykjKvBbmfLPte7yNDRINk9Nhun7PZi7hZRW2e3KJMUcF7FYUHuEp+tY
IsY8EaOX06tSTx0751w/2hnBnaAfB2G9gjfIbO06LGdb33oDd+8pbgE2gLjl/+GK
ncAHyeI5ewytCZff9nF+06TRYmc/PIQcQU4XsyJB1Bjjidi1PgCu/dcc0N4t8gZx
GRaBdaAKtc5HmFl+q9Gc0tUfvW8ClDjRKPs5ScoMk7TIgvEbKbD4aoZY3v3St20m
BC21lMbaNwJXuiIKzBI6ZZ4tu4YjsCBQXgnQNqtX+8k+fQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:39 2025 by rpki-client