Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: rgzECrOp+SXVSsLsOtpSCzrtEr8D9Cz+tyPn+PS3sHQ=
Subject key identifier: 35:27:76:54:9D:2B:8C:4E:82:75:39:A0:32:D0:8F:3F:25:1F:61:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 16E9C5DAB7B1F80B444984E50AA3B5C06030C108
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Fri 15 Aug 2025 15:50:38 +0000
ROA not before: Fri 15 Aug 2025 15:50:38 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:e9:c5:da:b7:b1:f8:0b:44:49:84:e5:0a:a3:b5:c0:60:30:c1:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:38 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=20bf10bf58b5a16103bbad06a348aff58385d4d1b6258d1bbb10350abe762b9c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:44:c5:cb:fc:26:73:e0:5f:f0:e2:f0:a2:05:
97:d4:41:a1:27:a8:dd:63:ed:09:0b:f6:91:00:3f:
94:27:f6:7a:31:33:81:d6:c9:da:9a:21:4c:6a:9e:
54:87:16:f9:54:10:ca:8a:b6:0d:9c:75:7d:03:d9:
dd:4e:8f:ba:56:7e:52:07:0d:bc:72:81:99:94:2e:
c0:4b:5d:af:a2:66:70:6f:c2:c6:e2:d8:93:0c:2b:
45:bd:e6:07:10:a9:7f:7e:bc:19:61:ad:ca:5f:14:
5f:ef:8b:0a:94:74:e8:49:57:95:27:f9:cf:38:6e:
6b:e0:2b:2e:f8:75:7d:60:51:39:64:a3:00:33:df:
28:7c:2f:c4:38:75:ea:d4:4e:d9:95:0e:25:c0:6b:
70:07:d7:ad:de:ee:b6:77:8c:9c:78:c5:17:00:8e:
fe:e0:0b:df:74:17:6b:04:f3:39:e4:d6:57:45:e5:
25:7f:75:3f:13:2c:90:78:d2:61:02:3e:14:5d:5d:
87:6f:d9:b6:b8:a3:67:a0:cc:d8:2f:3b:e6:03:00:
b6:64:96:41:ba:0d:2f:42:52:5d:fb:6d:3a:09:f4:
4f:0e:83:61:f7:dc:73:b9:45:de:e7:62:54:0d:28:
49:2d:f7:0d:53:df:99:a6:e4:b6:1c:76:19:3d:e6:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:27:76:54:9D:2B:8C:4E:82:75:39:A0:32:D0:8F:3F:25:1F:61:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:37:16:2d:98:51:84:f3:bd:54:61:81:9c:7e:46:dd:50:3d:
64:74:b9:e7:aa:30:8a:c0:0c:95:31:67:63:49:f0:9a:8c:ef:
74:26:95:18:c4:3e:f2:7e:00:a1:00:fb:2a:f1:40:ba:75:47:
c1:a7:ef:cf:c1:d0:37:75:9d:05:a5:8d:1f:c6:76:db:27:c6:
c2:66:1c:d8:21:d7:20:1d:59:4c:73:62:7f:a1:65:23:df:bd:
ef:97:f0:3f:31:00:fe:47:0a:8e:3f:9a:3a:0d:df:08:d5:32:
2d:b5:0c:0f:21:12:70:0c:0d:00:46:20:37:d7:56:b5:15:25:
2f:07:f3:36:15:3c:a9:ac:41:56:bd:27:4a:0d:c2:4b:c5:eb:
67:5f:93:d6:d3:63:23:eb:e9:77:14:5f:a3:c2:77:03:0e:9c:
bc:6c:b0:e5:91:d9:27:2f:38:de:f2:77:ea:91:cb:e6:45:27:
76:71:68:0e:96:bf:bf:90:e6:93:f6:fb:a0:37:ea:11:2f:9e:
5d:a6:65:33:94:64:03:f4:d7:5e:73:ed:ad:6e:22:c9:81:97:
e3:3f:94:2b:19:25:59:5f:19:5a:3d:d5:f3:8a:96:74:2a:be:
9e:4d:d4:33:74:2c:1f:80:fe:79:60:27:60:1d:28:87:61:44:
d4:cd:56:cd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFunF2rex+AtESYTlCqO1wGAwwQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMzhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwYmYxMGJmNThiNWExNjEwM2JiYWQwNmEzNDhhZmY1ODM4NWQ0ZDFiNjI1
OGQxYmJiMTAzNTBhYmU3NjJiOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFExcv8JnPgX/Di8KIFl9RBoSeo3WPtCQv2kQA/lCf2ejEzgdbJ2pohTGqe
VIcW+VQQyoq2DZx1fQPZ3U6PulZ+UgcNvHKBmZQuwEtdr6JmcG/CxuLYkwwrRb3m
BxCpf368GWGtyl8UX++LCpR06ElXlSf5zzhua+ArLvh1fWBROWSjADPfKHwvxDh1
6tRO2ZUOJcBrcAfXrd7utneMnHjFFwCO/uAL33QXawTzOeTWV0XlJX91PxMskHjS
YQI+FF1dh2/ZtrijZ6DM2C875gMAtmSWQboNL0JSXfttOgn0Tw6DYffcc7lF3udi
VA0oSS33DVPfmabkthx2GT3mEDECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1J3ZU
nSuMToJ1OaAy0I8/JR9h/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHDcWLZhRhPO9VGGBnH5G3VA9ZHS556owisAMlTFn
Y0nwmozvdCaVGMQ+8n4AoQD7KvFAunVHwafvz8HQN3WdBaWNH8Z22yfGwmYc2CHX
IB1ZTHNif6FlI9+975fwPzEA/kcKjj+aOg3fCNUyLbUMDyEScAwNAEYgN9dWtRUl
LwfzNhU8qaxBVr0nSg3CS8XrZ1+T1tNjI+vpdxRfo8J3Aw6cvGyw5ZHZJy843vJ3
6pHL5kUndnFoDpa/v5Dmk/b7oDfqES+eXaZlM5RkA/TXXnPtrW4iyYGX4z+UKxkl
WV8ZWj3V84qWdCq+nk3UM3QsH4D+eWAnYB0oh2FE1M1WzQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:25 2025 by rpki-client