Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
File: 387a5e5f-3658-431f-b236-d486cddcae07.roa (raw, json)
Hash identifier: +HkkWl+85NMxL8u4TESyvzzPTr79DPXAYvqvVdbxYwE=
Subject key identifier: 41:F4:EA:06:26:57:98:84:3C:66:D6:39:F9:6E:94:CB:39:4F:A1:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64F32673523A09D8A646CFC379D6EF9693588F7B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
Signing time: Tue 19 Aug 2025 17:00:03 +0000
ROA not before: Tue 19 Aug 2025 17:00:03 +0000
ROA not after: Tue 23 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:f3:26:73:52:3a:09:d8:a6:46:cf:c3:79:d6:ef:96:93:58:8f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 19 17:00:03 2025 GMT
Not After : Sep 23 23:59:59 2025 GMT
Subject: serialNumber=d4cc3c92a87f0bc48a67600780b658bcc1da1ba1c4e5f4e72e2853a8dce8eb8e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:88:94:cb:b0:26:33:ab:de:b9:65:fd:d3:3a:
af:db:55:dd:69:76:ea:bc:67:40:5b:5f:4b:24:81:
41:8d:7c:d4:d0:82:f9:d1:6c:d7:e0:9d:9a:8e:93:
b0:14:7d:c1:b9:36:09:8f:3a:c6:f2:94:65:7a:3c:
64:28:d9:dd:78:24:ff:40:25:93:7c:d0:9f:80:6e:
db:63:9f:28:a4:6b:07:ee:df:ef:09:c8:a5:b5:70:
b0:cd:f8:8a:1d:17:38:33:b0:e4:e5:dd:83:05:63:
a3:6e:b9:94:a0:20:ef:d3:04:b4:f0:05:5b:e3:cd:
f7:b7:0c:c1:eb:9e:7e:dc:16:fa:fc:79:32:65:62:
dc:88:c6:90:ce:61:4c:be:28:51:34:1f:9d:e1:f0:
44:de:a1:be:2f:f6:43:2f:6d:10:84:44:2f:a0:02:
18:00:97:e2:14:56:ef:de:9c:be:7d:62:70:73:c4:
08:e4:b7:f3:59:c9:9d:1b:15:97:08:f9:3e:b0:25:
45:2a:3d:8d:56:4e:67:24:53:57:e4:fb:10:a0:89:
64:68:9b:d4:4d:53:b7:3f:e0:31:38:ab:fc:b6:e5:
06:51:6c:fb:20:f5:aa:0d:e0:8e:bf:50:f8:93:d1:
d8:d3:8e:dc:40:74:88:bc:1f:a3:be:57:c1:7b:4e:
58:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F4:EA:06:26:57:98:84:3C:66:D6:39:F9:6E:94:CB:39:4F:A1:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
61:de:e2:cd:d7:16:a0:c2:0f:2e:fb:22:54:7f:99:7e:05:bc:
35:17:6d:b5:b0:43:2d:97:cb:51:4c:f7:83:a9:6d:4b:e1:e3:
f1:af:0c:f8:c0:25:82:23:71:3b:d9:98:48:76:c0:0b:6d:e5:
2c:af:2a:c8:37:e0:8f:e1:ff:e1:cd:a6:a2:03:a6:64:ac:21:
be:57:8b:fb:6e:2c:6f:37:c2:71:3d:28:55:c9:d1:56:7c:f2:
51:d9:1a:ac:42:53:de:45:f5:80:a4:6a:53:a7:6b:bf:d0:75:
e2:b5:28:ca:ee:6e:da:dc:6d:72:c9:f1:55:eb:05:22:4c:9f:
1d:90:25:4d:9b:d2:5a:06:3b:24:0d:99:0b:4c:e8:e2:fe:aa:
fe:d5:33:2e:bb:ce:8b:bf:f6:1d:4e:c1:7e:72:0b:80:1a:01:
40:5f:5b:cf:4b:04:1f:fd:73:21:a5:70:10:86:95:b6:0a:24:
88:83:96:1e:ee:ff:f0:56:b9:f4:ca:35:22:0f:15:f0:1c:40:
04:4d:00:3c:b5:eb:db:b2:02:43:88:f0:67:0f:82:20:e7:79:
42:97:92:4a:fb:8a:1f:e1:79:57:36:a8:11:57:55:27:3e:0e:
e9:cf:21:be:05:4c:da:70:74:cc:bd:1d:ef:54:90:be:70:53:
6d:74:2d:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZPMmc1I6CdimRs/DedbvlpNYj3swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTkxNzAwMDNaFw0yNTA5MjMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0Y2MzYzkyYTg3ZjBiYzQ4YTY3NjAwNzgwYjY1OGJjYzFkYTFiYTFjNGU1
ZjRlNzJlMjg1M2E4ZGNlOGViOGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOOIlMuwJjOr3rll/dM6r9tV3Wl26rxnQFtfSySBQY181NCC+dFs1+Cdmo6T
sBR9wbk2CY86xvKUZXo8ZCjZ3Xgk/0Alk3zQn4Bu22OfKKRrB+7f7wnIpbVwsM34
ih0XODOw5OXdgwVjo265lKAg79MEtPAFW+PN97cMweueftwW+vx5MmVi3IjGkM5h
TL4oUTQfneHwRN6hvi/2Qy9tEIREL6ACGACX4hRW796cvn1icHPECOS381nJnRsV
lwj5PrAlRSo9jVZOZyRTV+T7EKCJZGib1E1Ttz/gMTir/LblBlFs+yD1qg3gjr9Q
+JPR2NOO3EB0iLwfo75XwXtOWNcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRB9OoG
JleYhDxm1jn5bpTLOU+hdTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzg3YTVlNWYtMzY1OC00MzFmLWIyMzYtZDQ4NmNkZGNhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAYd7izdcWoMIPLvsiVH+ZfgW8NRdttbBDLZfLUUz3
g6ltS+Hj8a8M+MAlgiNxO9mYSHbAC23lLK8qyDfgj+H/4c2mogOmZKwhvleL+24s
bzfCcT0oVcnRVnzyUdkarEJT3kX1gKRqU6drv9B14rUoyu5u2txtcsnxVesFIkyf
HZAlTZvSWgY7JA2ZC0zo4v6q/tUzLrvOi7/2HU7BfnILgBoBQF9bz0sEH/1zIaVw
EIaVtgokiIOWHu7/8Fa59Mo1Ig8V8BxABE0APLXr27ICQ4jwZw+CIOd5QpeSSvuK
H+F5VzaoEVdVJz4O6c8hvgVM2nB0zL0d71SQvnBTbXQtEg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:58 2025 by rpki-client