Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: y3iMeOsIYYI/LtihJUdjDD6//uNNAxJZEXE7ShfYymI=
Subject key identifier: 46:E6:BE:CA:CA:89:E6:27:8A:2D:F4:CE:76:F5:2B:90:6F:AF:3D:87
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43B05E88B913E27142D94462F29FA6B6C172E179
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Mon 01 Sep 2025 21:30:18 +0000
ROA not before: Mon 01 Sep 2025 21:30:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:b0:5e:88:b9:13:e2:71:42:d9:44:62:f2:9f:a6:b6:c1:72:e1:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=854f3eab87d09bd0ad4211a23795bc7818f75fe6d16bbec72c319d7f81e8cc38, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:93:43:a2:8e:cc:7f:64:3a:07:80:c2:41:a5:
f1:14:eb:53:3b:6b:18:02:b1:6e:f8:0a:6d:5a:3d:
9b:0e:ab:29:82:20:19:46:b0:87:d1:f1:bc:5a:7f:
8f:89:fa:53:42:e9:f7:bd:0e:83:e9:38:d4:8f:72:
cd:99:1b:95:04:d4:9b:64:cd:f1:d6:c6:6d:e8:22:
4e:6a:7c:d3:98:69:60:ab:64:d2:f7:ed:92:f8:fe:
a4:fb:df:fa:73:8c:cd:5c:3c:84:b9:ee:97:8e:a4:
1c:51:90:8f:f7:8c:22:74:d3:25:18:77:52:bc:8c:
18:30:d3:b0:fe:c4:66:d5:4c:e7:1e:2b:49:b9:17:
16:d2:30:2b:9a:f4:bc:1d:96:39:ee:c5:03:8b:ee:
ef:94:e0:4f:02:2b:61:5e:88:3c:ce:44:ba:e3:19:
bb:51:e6:c3:26:c0:f5:af:98:49:be:01:5f:a1:dc:
bd:13:59:5e:fa:12:31:a8:dd:3d:2c:b7:27:75:56:
b2:40:91:97:43:e0:60:5e:1f:4d:d3:d3:b4:89:8d:
45:4e:00:58:2d:58:5d:44:98:5f:9e:6e:82:1f:83:
29:92:da:7a:31:7d:42:b7:20:a0:fd:c0:0a:c1:dd:
5f:b4:5f:11:7e:31:29:27:10:53:5c:72:9d:31:9f:
86:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E6:BE:CA:CA:89:E6:27:8A:2D:F4:CE:76:F5:2B:90:6F:AF:3D:87
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
43:97:0d:da:ab:e8:d6:1e:97:c7:62:67:d2:36:52:36:57:0c:
36:e8:0b:86:13:c5:ed:fb:e1:ab:93:70:cc:44:26:45:ce:e6:
68:50:9e:5d:3c:59:b1:61:a7:5f:72:ab:69:47:70:2a:1d:84:
0c:e8:85:a1:f0:a5:8a:ba:57:b4:fc:02:fa:49:bb:4f:51:52:
c1:c2:85:be:76:ab:f5:29:45:85:03:9b:fa:8d:f7:a9:15:d7:
4c:9c:19:42:bd:fc:02:a1:95:ff:f3:5d:cb:2d:dc:9b:11:51:
57:db:0c:3f:be:7b:ae:22:7e:28:31:0f:94:34:e6:7a:2d:8c:
96:9a:dd:55:98:8e:f9:d0:69:ac:ea:05:8a:d9:f9:4d:56:d3:
3b:4e:22:9f:fc:f4:95:f4:ad:87:02:d6:93:ba:7e:ff:ac:66:
5b:18:1f:66:c8:5c:60:9d:d2:38:b2:88:75:1e:08:02:8b:f5:
c7:04:00:b6:ae:ca:53:ba:b5:b5:79:e3:45:0f:aa:ec:08:45:
f3:7c:3f:9b:c4:6c:2a:bd:68:17:4b:e1:16:7b:56:ed:4a:4a:
ea:d5:87:93:47:df:1a:82:64:fa:b2:93:bd:08:c4:d3:e2:a8:
d2:50:89:59:49:b4:0c:d0:b3:73:2a:99:d8:4b:30:2d:8f:c9:
7e:cd:5b:3c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQ7BeiLkT4nFC2URi8p+mtsFy4XkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1NGYzZWFiODdkMDliZDBhZDQyMTFhMjM3OTViYzc4MThmNzVmZTZkMTZi
YmVjNzJjMzE5ZDdmODFlOGNjMzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6TQ6KOzH9kOgeAwkGl8RTrUztrGAKxbvgKbVo9mw6rKYIgGUawh9HxvFp/
j4n6U0Lp970Og+k41I9yzZkblQTUm2TN8dbGbegiTmp805hpYKtk0vftkvj+pPvf
+nOMzVw8hLnul46kHFGQj/eMInTTJRh3UryMGDDTsP7EZtVM5x4rSbkXFtIwK5r0
vB2WOe7FA4vu75TgTwIrYV6IPM5EuuMZu1HmwybA9a+YSb4BX6HcvRNZXvoSMajd
PSy3J3VWskCRl0PgYF4fTdPTtImNRU4AWC1YXUSYX55ugh+DKZLaejF9QrcgoP3A
CsHdX7RfEX4xKScQU1xynTGfhosCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRG5r7K
yonmJ4ot9M529SuQb689hzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAQ5cN2qvo1h6Xx2Jn0jZSNlcMNugLhhPF7fvhq5Nw
zEQmRc7maFCeXTxZsWGnX3KraUdwKh2EDOiFofClirpXtPwC+km7T1FSwcKFvnar
9SlFhQOb+o33qRXXTJwZQr38AqGV//Ndyy3cmxFRV9sMP757riJ+KDEPlDTmei2M
lprdVZiO+dBprOoFitn5TVbTO04in/z0lfSthwLWk7p+/6xmWxgfZshcYJ3SOLKI
dR4IAov1xwQAtq7KU7q1tXnjRQ+q7AhF83w/m8RsKr1oF0vhFntW7UpK6tWHk0ff
GoJk+rKTvQjE0+Ko0lCJWUm0DNCzcyqZ2EswLY/Jfs1bPA==
-----END CERTIFICATE-----
Generated at Mon Sep 15 19:02:11 2025 by rpki-client