Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: VHsAfC/gXzllGgjVTNXQAlf0w52/r+Y5Goo0/n2sziw=
Subject key identifier: 04:EB:7D:DB:AD:94:66:43:A8:49:66:CF:78:D2:C7:30:DE:A5:59:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D5126251DD53D233FA3D40D0A5D922975757E58
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Fri 08 Aug 2025 00:40:41 +0000
ROA not before: Fri 08 Aug 2025 00:40:41 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:51:26:25:1d:d5:3d:23:3f:a3:d4:0d:0a:5d:92:29:75:75:7e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:41 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=f2cd2ace5ccad19760bb60e99e428e41673db7f3aa34ea12508d28ce2d49acc2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8b:d4:a8:93:e1:8d:ba:24:1c:1a:f5:42:d3:
64:ad:6f:ae:a1:48:d8:80:d4:ef:15:49:b6:50:50:
9c:2b:6d:f7:15:71:aa:d7:93:a6:5d:6f:5f:a9:71:
b9:e6:71:a7:35:8e:5e:b7:76:2b:56:a8:3e:07:13:
c5:9f:1c:43:dc:22:24:fa:b2:f0:fa:21:ec:42:5a:
df:55:c2:cf:48:84:af:b7:35:7a:87:60:29:69:1b:
cb:89:7e:4d:a0:52:c1:a7:34:8a:fb:01:8f:06:2d:
63:a9:1c:12:10:13:bc:33:2e:3e:9d:04:34:78:b1:
0e:77:8b:e6:0e:9a:3e:0b:2a:84:4a:26:de:17:d9:
ee:d9:b5:a4:e4:8d:1d:db:fa:4c:03:02:d9:e5:02:
ee:7d:5e:1b:6d:d7:e3:17:a4:3f:e0:c9:57:82:bd:
45:21:24:74:01:d7:e4:5d:e8:40:55:b0:b9:00:59:
6a:a2:e1:41:bc:f8:ac:3d:52:3b:d3:7f:b8:27:1e:
d3:68:6b:f1:67:f6:d7:88:75:05:66:bc:de:c7:1f:
73:c1:c1:9c:94:d5:57:20:ce:1e:e9:69:95:c4:60:
3e:28:79:7a:bf:c0:7b:4f:71:b4:11:2f:57:5f:a6:
11:06:a9:7a:c9:31:04:bd:2b:86:2e:6c:aa:8f:07:
ad:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EB:7D:DB:AD:94:66:43:A8:49:66:CF:78:D2:C7:30:DE:A5:59:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
17:42:b9:89:71:8c:53:cf:82:d2:9e:1a:f2:7f:7f:a8:3e:13:
53:9d:29:ff:02:b8:1a:3c:27:61:2e:3d:28:a0:99:03:6a:5b:
7f:8c:c7:73:29:53:13:4a:df:72:4d:98:0e:dc:19:32:09:81:
94:b7:f9:9d:df:9c:15:30:61:c2:a3:46:f0:59:d8:3e:e8:a0:
cf:e2:b8:d2:38:80:f9:e1:7e:b7:bf:b0:92:61:6a:4c:73:31:
9c:77:f6:d6:7c:9a:7b:b5:33:37:56:45:66:e6:3c:32:67:23:
3a:fb:05:0e:b1:14:dc:83:25:d2:50:8c:a5:72:d2:29:f3:dd:
86:15:cc:70:aa:0e:8b:af:d9:1b:3d:b4:07:6d:64:b4:d2:e1:
20:ed:d9:0d:af:77:3b:bf:51:91:f9:6d:78:17:c5:d0:27:ac:
62:b1:98:51:49:84:82:c7:e0:20:35:08:27:9a:51:13:7a:40:
6f:ef:44:33:29:e7:32:27:b5:02:55:66:d6:dc:a3:1e:15:e7:
a5:16:c5:cf:6f:f6:5d:53:2e:a3:0d:96:0d:ed:7f:2e:1d:d8:
2e:88:20:31:6d:d4:52:29:90:8d:ab:3e:57:67:c1:57:93:7a:
dc:08:e5:41:0d:04:3e:8f:02:6f:d5:78:34:6a:e2:dc:21:60:
e7:22:31:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXVEmJR3VPSM/o9QNCl2SKXV1flgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwNDFaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyY2QyYWNlNWNjYWQxOTc2MGJiNjBlOTllNDI4ZTQxNjczZGI3ZjNhYTM0
ZWExMjUwOGQyOGNlMmQ0OWFjYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANWL1KiT4Y26JBwa9ULTZK1vrqFI2IDU7xVJtlBQnCtt9xVxqteTpl1vX6lx
ueZxpzWOXrd2K1aoPgcTxZ8cQ9wiJPqy8Poh7EJa31XCz0iEr7c1eodgKWkby4l+
TaBSwac0ivsBjwYtY6kcEhATvDMuPp0ENHixDneL5g6aPgsqhEom3hfZ7tm1pOSN
Hdv6TAMC2eUC7n1eG23X4xekP+DJV4K9RSEkdAHX5F3oQFWwuQBZaqLhQbz4rD1S
O9N/uCce02hr8Wf214h1BWa83scfc8HBnJTVVyDOHulplcRgPih5er/Ae09xtBEv
V1+mEQapeskxBL0rhi5sqo8HrYUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQE633b
rZRmQ6hJZs940scw3qVZjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAF0K5iXGMU8+C0p4a8n9/qD4TU50p/wK4GjwnYS49
KKCZA2pbf4zHcylTE0rfck2YDtwZMgmBlLf5nd+cFTBhwqNG8FnYPuigz+K40jiA
+eF+t7+wkmFqTHMxnHf21nyae7UzN1ZFZuY8MmcjOvsFDrEU3IMl0lCMpXLSKfPd
hhXMcKoOi6/ZGz20B21ktNLhIO3ZDa93O79RkflteBfF0CesYrGYUUmEgsfgIDUI
J5pRE3pAb+9EMynnMie1AlVm1tyjHhXnpRbFz2/2XVMuow2WDe1/Lh3YLoggMW3U
UimQjas+V2fBV5N63AjlQQ0EPo8Cb9V4NGri3CFg5yIx7w==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:41 2025 by rpki-client