Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: J5awGc2VFrtFukZ2nwewkJwjSJtxH5/MkTkKvPJZwwk=
Subject key identifier: 86:C3:14:C9:31:8D:5F:A3:ED:B5:48:8C:88:89:B7:23:E9:B3:16:68
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 181C49143BF505A9A232147BA4C5B2B56AD05F5C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Tue 09 Sep 2025 16:10:19 +0000
ROA not before: Tue 09 Sep 2025 16:10:19 +0000
ROA not after: Tue 14 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:1c:49:14:3b:f5:05:a9:a2:32:14:7b:a4:c5:b2:b5:6a:d0:5f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 9 16:10:19 2025 GMT
Not After : Oct 14 23:59:59 2025 GMT
Subject: serialNumber=7ad79c84d692aea09027ff5410d6787cc583020041bd98b588bdf46a53d546b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:e8:8e:fb:a0:5e:f0:a9:b9:bf:43:ff:62:
a2:18:fe:c5:89:ff:e0:e2:14:87:ae:11:1f:32:8d:
97:1e:75:c7:50:70:c7:fa:3a:10:77:7e:57:38:09:
62:ea:2f:df:96:00:99:d7:f1:44:55:7b:f2:62:a4:
12:f1:23:51:d3:36:95:d7:20:69:58:2d:8c:f6:96:
09:6a:1f:44:29:7a:24:3a:0e:c7:90:01:da:5b:3b:
27:5e:db:26:6b:83:b6:46:88:22:a5:b8:e8:7b:26:
6e:e0:f0:a1:9b:ce:71:a8:47:21:67:a5:de:2d:27:
0d:ad:87:ba:f8:35:0c:26:70:ef:9b:8a:dd:e0:88:
be:8d:b4:31:07:bb:ad:06:45:33:83:bc:69:d4:5b:
d4:5d:cd:be:bc:28:6c:52:0d:37:ff:9e:ad:54:67:
a6:2a:39:c9:03:18:09:ad:f4:4c:d0:20:9e:0a:78:
47:d3:e0:ca:2f:e8:b9:ad:0b:f4:09:19:f8:98:1e:
c1:9d:22:1b:32:07:56:71:1f:42:82:71:eb:f9:a4:
18:eb:e5:58:c7:1f:f4:00:f2:58:2a:d4:05:fc:ad:
36:0b:a6:de:a0:64:82:ab:86:71:7f:6c:62:8b:5c:
b1:cc:59:f2:d8:38:25:5e:69:58:b3:d7:79:03:97:
b4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C3:14:C9:31:8D:5F:A3:ED:B5:48:8C:88:89:B7:23:E9:B3:16:68
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:b5:a2:81:28:8e:48:f2:69:45:67:9d:d5:5e:f0:5f:eb:97:
b1:18:4d:f0:b0:cd:15:36:1a:20:17:0b:05:22:55:46:81:e1:
69:73:51:8e:64:f0:5c:89:88:2e:69:83:82:b6:0d:e1:d5:55:
e3:f9:67:6e:33:1a:2e:3f:aa:66:8d:8b:96:2b:44:1c:93:48:
dd:54:88:d3:5b:fc:2f:ff:da:a8:3c:a3:04:ed:50:b0:86:32:
67:28:1a:6a:14:53:0d:1d:77:ed:5d:0c:60:42:37:c1:7e:7b:
29:9b:e3:96:1f:bd:b9:25:b6:93:4a:f2:e4:f0:9c:8c:81:9f:
ea:dc:b7:61:cd:b5:37:92:e4:9d:92:06:47:b9:c6:40:83:6e:
c1:19:ec:a1:89:de:1a:74:0e:ff:96:75:6a:f9:34:a0:61:7f:
11:59:18:03:52:86:d3:79:a7:79:17:db:c9:70:ec:18:9c:b4:
1f:e6:d5:38:56:66:0d:0d:8f:47:ad:6b:a2:d8:ec:37:42:ac:
c1:2a:1f:e4:19:76:31:d8:fa:73:4f:a5:c5:13:d2:cb:a9:02:
48:db:b9:41:c4:f6:4c:8f:db:89:08:f9:7f:2b:7f:4e:bc:97:
bb:a3:10:c2:54:90:79:16:34:e2:0e:8f:de:3b:68:9a:38:30:
48:72:12:55
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGBxJFDv1BamiMhR7pMWytWrQX1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDkxNjEwMTlaFw0yNTEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdhZDc5Yzg0ZDY5MmFlYTA5MDI3ZmY1NDEwZDY3ODdjYzU4MzAyMDA0MWJk
OThiNTg4YmRmNDZhNTNkNTQ2YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKm46I77oF7wqbm/Q/9iohj+xYn/4OIUh64RHzKNlx51x1Bwx/o6EHd+VzgJ
Yuov35YAmdfxRFV78mKkEvEjUdM2ldcgaVgtjPaWCWofRCl6JDoOx5AB2ls7J17b
JmuDtkaIIqW46HsmbuDwoZvOcahHIWel3i0nDa2Huvg1DCZw75uK3eCIvo20MQe7
rQZFM4O8adRb1F3NvrwobFINN/+erVRnpio5yQMYCa30TNAgngp4R9Pgyi/oua0L
9AkZ+JgewZ0iGzIHVnEfQoJx6/mkGOvlWMcf9ADyWCrUBfytNgum3qBkgquGcX9s
YotcscxZ8tg4JV5pWLPXeQOXtFMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSGwxTJ
MY1fo+21SIyIibcj6bMWaDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEADbWigSiOSPJpRWed1V7wX+uXsRhN8LDNFTYaIBcL
BSJVRoHhaXNRjmTwXImILmmDgrYN4dVV4/lnbjMaLj+qZo2LlitEHJNI3VSI01v8
L//aqDyjBO1QsIYyZygaahRTDR137V0MYEI3wX57KZvjlh+9uSW2k0ry5PCcjIGf
6ty3Yc21N5LknZIGR7nGQINuwRnsoYneGnQO/5Z1avk0oGF/EVkYA1KG03mneRfb
yXDsGJy0H+bVOFZmDQ2PR61rotjsN0KswSof5Bl2Mdj6c0+lxRPSy6kCSNu5QcT2
TI/biQj5fyt/TryXu6MQwlSQeRY04g6P3jtomjgwSHISVQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:49:11 2025 by rpki-client