Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: C2EkjRSQyLaVLiIkMl1kKikaFDJAbrzGnzC/m3lj06Q=
Subject key identifier: 9E:59:FE:5E:C4:72:0A:A2:73:1B:AD:9E:F4:C5:88:BA:57:18:3E:D3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38798BF93F58AAF5B3CE7FAA1BCDD1DF08A25773
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Fri 15 Aug 2025 15:50:39 +0000
ROA not before: Fri 15 Aug 2025 15:50:39 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:79:8b:f9:3f:58:aa:f5:b3:ce:7f:aa:1b:cd:d1:df:08:a2:57:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:39 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=3558e67289d643b2cea1180a9c5205e9557ffb561250be95f6521528d82c1be3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:08:c5:54:16:87:92:01:b5:17:5f:21:b5:0a:
7d:15:59:27:52:7a:3a:b2:f7:24:3f:4a:ad:9e:8b:
3b:0f:3f:47:91:d0:61:c9:8f:d0:5e:28:0c:06:bd:
6b:fb:74:0e:5c:50:76:3e:84:5c:f9:6c:e8:33:b0:
96:c5:04:16:30:52:25:68:64:5e:2f:f1:ae:c3:7f:
60:77:37:5f:6c:a7:c5:88:8a:b6:9f:59:6d:1d:8f:
ce:a4:10:6b:39:99:f5:14:1f:fc:59:cd:d7:b8:07:
ac:4a:c1:7f:35:de:22:35:53:83:c5:2a:7e:1f:1b:
26:27:81:7c:89:64:b1:69:66:02:46:d4:8b:1b:7c:
3e:4b:b4:34:51:9a:90:47:37:8a:ec:72:0c:d5:d8:
2b:16:88:f9:8f:da:d5:09:af:9b:2f:58:67:6b:cf:
ab:1b:53:cb:ff:0f:8e:49:37:f1:1a:71:99:80:00:
d0:bd:fa:74:15:83:52:bb:ce:13:65:5f:58:dc:31:
af:fa:5a:c9:92:1f:1e:50:4a:a2:9e:c5:57:7f:ea:
fd:13:ce:86:5e:4c:18:5a:c4:09:3a:d1:67:63:5b:
8d:73:11:d8:1a:24:a6:06:32:92:ee:a5:3d:5f:92:
63:0c:58:89:e3:03:25:5f:1b:a7:9f:54:4b:45:f8:
f7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:59:FE:5E:C4:72:0A:A2:73:1B:AD:9E:F4:C5:88:BA:57:18:3E:D3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b0:0e:4a:e8:cf:31:4f:1c:9d:af:c4:2c:68:11:0d:3e:a7:02:
93:f8:8b:01:0f:8c:82:c8:fc:b1:2e:50:cf:d5:40:a3:4f:69:
62:2c:47:37:ae:6d:67:2c:ef:84:34:36:4e:64:b7:49:86:be:
13:ad:2c:2c:5d:35:63:0e:56:03:75:6f:a3:b6:9c:4b:5c:11:
c1:d1:af:18:c5:2b:82:4e:7e:e1:95:23:d3:86:68:5d:fb:73:
c4:68:81:d6:17:3f:23:96:02:82:63:01:25:38:0a:48:d0:8b:
f1:33:4a:88:e5:04:d3:b6:f9:8a:82:0e:99:92:c6:67:0e:45:
63:ee:70:0f:29:07:8e:0b:4e:7d:44:08:e0:7c:4f:f1:e7:a2:
43:83:e1:6b:f0:10:cb:2a:35:e6:55:e8:f0:96:b4:d6:40:e9:
de:24:ee:42:d0:30:89:cc:4b:a1:a7:13:01:98:9a:82:56:78:
4c:b6:c8:51:53:a0:5a:e3:74:20:44:e9:c6:f0:dc:8a:6c:63:
8e:b1:3b:2d:f7:43:6c:5e:61:9a:a6:d0:d8:df:94:c7:a1:de:
95:a2:24:cb:31:d5:6a:56:07:a0:51:41:a7:16:dd:7b:36:5c:
f9:07:22:4e:17:43:05:b8:4f:81:56:59:41:d9:7d:34:df:3d:
17:17:ba:f0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOHmL+T9YqvWzzn+qG83R3wiiV3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMzlaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1NThlNjcyODlkNjQzYjJjZWExMTgwYTljNTIwNWU5NTU3ZmZiNTYxMjUw
YmU5NWY2NTIxNTI4ZDgyYzFiZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOgIxVQWh5IBtRdfIbUKfRVZJ1J6OrL3JD9KrZ6LOw8/R5HQYcmP0F4oDAa9
a/t0DlxQdj6EXPls6DOwlsUEFjBSJWhkXi/xrsN/YHc3X2ynxYiKtp9ZbR2PzqQQ
azmZ9RQf/FnN17gHrErBfzXeIjVTg8Uqfh8bJieBfIlksWlmAkbUixt8Pku0NFGa
kEc3iuxyDNXYKxaI+Y/a1Qmvmy9YZ2vPqxtTy/8Pjkk38RpxmYAA0L36dBWDUrvO
E2VfWNwxr/payZIfHlBKop7FV3/q/RPOhl5MGFrECTrRZ2NbjXMR2BokpgYyku6l
PV+SYwxYieMDJV8bp59US0X491kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSeWf5e
xHIKonMbrZ70xYi6Vxg+0zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCwDkrozzFPHJ2vxCxoEQ0+pwKT+IsBD4yCyPyxLlDP
1UCjT2liLEc3rm1nLO+ENDZOZLdJhr4TrSwsXTVjDlYDdW+jtpxLXBHB0a8YxSuC
Tn7hlSPThmhd+3PEaIHWFz8jlgKCYwElOApI0IvxM0qI5QTTtvmKgg6ZksZnDkVj
7nAPKQeOC059RAjgfE/x56JDg+Fr8BDLKjXmVejwlrTWQOneJO5C0DCJzEuhpxMB
mJqCVnhMtshRU6Ba43QgROnG8NyKbGOOsTst90NsXmGaptDY35THod6VoiTLMdVq
VgegUUGnFt17Nlz5ByJOF0MFuE+BVllB2X003z0XF7rw
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:52 2025 by rpki-client