Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: kWBC8qEobK4fgXspzXJcuwxfkKhUr3Dvn/5ANp8y65I=
Subject key identifier: 98:53:22:69:28:36:8D:1E:29:9F:7F:E2:4C:F8:CA:AA:9B:04:E5:BC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A75E261BB712478E3B3BF9473649D4A38ABDDE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Fri 15 Aug 2025 15:50:07 +0000
ROA not before: Fri 15 Aug 2025 15:50:07 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:75:e2:61:bb:71:24:78:e3:b3:bf:94:73:64:9d:4a:38:ab:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:07 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=a456ac0934a3ce07910fc967ee15339aca0a0875bdadbd675ffba092d5062206, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:9d:0f:f4:55:b7:2c:7e:ef:b0:e5:63:74:
65:76:af:38:4f:25:02:fd:cc:9d:50:61:3b:cd:f9:
ca:bf:a8:a3:3e:f0:ad:dd:63:37:a0:bf:67:8a:ea:
b2:66:01:25:5d:ce:c4:b5:e5:98:77:1a:51:8e:d7:
13:a6:8a:c1:5f:71:92:29:20:55:cd:8d:e9:65:22:
e4:4a:54:cd:b3:9e:88:b4:88:14:9b:1c:8c:45:c6:
60:ee:8e:84:17:b0:b6:4a:c9:c7:2a:35:03:a4:8b:
ef:cd:ca:47:a8:41:a5:25:d8:c7:8e:73:13:37:58:
be:89:0d:49:f0:44:2e:e2:ed:ba:e2:84:de:f5:d0:
0e:eb:a3:3e:e3:cb:ef:59:f1:4c:fc:d3:a5:9c:68:
bd:24:33:9e:10:3b:1f:14:6e:74:f8:5e:58:d9:b3:
d7:12:44:04:57:c0:8d:72:b3:4f:a4:59:a8:00:f7:
d5:ba:b3:1c:4a:57:09:1d:24:d2:79:d8:f4:26:a4:
ac:65:e4:36:88:66:81:51:0d:3d:46:5f:38:86:e9:
d5:b6:0f:13:18:92:c6:a7:be:13:a7:b2:fb:e4:61:
3a:1e:ff:2d:a8:50:01:a4:c9:fc:26:bb:bc:dc:53:
89:49:e9:69:fb:b3:f9:a4:c2:a2:67:8a:24:77:55:
05:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:53:22:69:28:36:8D:1E:29:9F:7F:E2:4C:F8:CA:AA:9B:04:E5:BC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:8c:41:31:22:b0:d7:fc:d9:29:09:35:a6:12:42:14:0f:32:
8f:84:ad:1c:06:51:cd:7d:6e:c6:2f:7f:66:e1:80:d1:09:aa:
76:e8:d7:40:eb:4f:d7:e7:8b:95:0b:26:e0:88:df:b7:66:9a:
93:bd:26:a9:6a:c6:a4:26:82:6f:78:a7:15:26:30:7c:82:1e:
32:9d:a2:8c:c6:ac:57:80:44:9e:8d:ae:0d:ee:c9:b9:1a:f1:
fe:fa:a1:53:cb:b3:c3:39:8f:84:a6:50:0e:5a:e8:f6:30:42:
cf:9c:77:7c:08:eb:d3:38:ff:24:fa:83:d5:88:77:8a:cc:13:
3c:56:26:72:42:e9:e2:91:84:e6:55:d5:27:2d:48:79:60:56:
10:3d:13:4e:e0:69:07:4e:b4:6c:d8:88:21:84:f5:b6:f3:95:
89:60:9c:35:75:07:75:ec:5f:da:77:9e:1b:25:a9:75:43:85:
2d:3d:44:24:94:9c:00:20:2a:b8:6f:a0:d8:b7:8a:60:3c:44:
5d:8a:5a:6a:29:1d:d2:5f:01:39:c4:3f:55:b1:55:e9:99:ad:
58:c9:ca:4d:ad:cd:85:d2:3e:b2:87:68:ec:dc:40:cc:b2:55:
0c:71:e4:9e:a4:be:e9:b6:87:d8:ac:cf:f3:21:96:88:1e:fd:
47:4b:a1:c6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCnXiYbtxJHjjs7+Uc2SdSjir3eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDdaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NTZhYzA5MzRhM2NlMDc5MTBmYzk2N2VlMTUzMzlhY2EwYTA4NzViZGFk
YmQ2NzVmZmJhMDkyZDUwNjIyMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmNnQ/0Vbcsfu+w5WN0ZXavOE8lAv3MnVBhO835yr+ooz7wrd1jN6C/Z4rq
smYBJV3OxLXlmHcaUY7XE6aKwV9xkikgVc2N6WUi5EpUzbOeiLSIFJscjEXGYO6O
hBewtkrJxyo1A6SL783KR6hBpSXYx45zEzdYvokNSfBELuLtuuKE3vXQDuujPuPL
71nxTPzTpZxovSQznhA7HxRudPheWNmz1xJEBFfAjXKzT6RZqAD31bqzHEpXCR0k
0nnY9CakrGXkNohmgVENPUZfOIbp1bYPExiSxqe+E6ey++RhOh7/LahQAaTJ/Ca7
vNxTiUnpafuz+aTComeKJHdVBbsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSYUyJp
KDaNHimff+JM+MqqmwTlvDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQAejEExIrDX/NkpCTWmEkIUDzKPhK0cBlHNfW7GL39m
4YDRCap26NdA60/X54uVCybgiN+3ZpqTvSapasakJoJveKcVJjB8gh4ynaKMxqxX
gESeja4N7sm5GvH++qFTy7PDOY+EplAOWuj2MELPnHd8COvTOP8k+oPViHeKzBM8
ViZyQunikYTmVdUnLUh5YFYQPRNO4GkHTrRs2IghhPW285WJYJw1dQd17F/ad54b
Jal1Q4UtPUQklJwAICq4b6DYt4pgPERdilpqKR3SXwE5xD9VsVXpma1YycpNrc2F
0j6yh2js3EDMslUMceSepL7ptofYrM/zIZaIHv1HS6HG
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:41:12 2025 by rpki-client