Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: kJVYt3eO1WOnJ65qVYCfDB9mcv52UOvAMpjjq6QKKOA=
Subject key identifier: 96:AF:95:FA:D7:E8:06:76:B4:31:3C:1E:EC:8D:AD:79:48:38:69:1B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 55CA4D6EEA0CE854F7D9CFE1647D1ADB16B2B4B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Tue 05 Aug 2025 20:20:52 +0000
ROA not before: Tue 05 Aug 2025 20:20:52 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:ca:4d:6e:ea:0c:e8:54:f7:d9:cf:e1:64:7d:1a:db:16:b2:b4:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:52 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=a98a242140d6b0d7cab03993956130aacd4ffe81ad5cf43187f90b328a741b17, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:77:c3:3b:f1:23:a3:aa:92:8b:89:10:5c:27:
c6:d5:6f:8a:f6:04:d7:f9:5c:3f:70:e2:5d:81:2e:
c9:48:49:59:3e:a7:00:1c:2f:c6:10:85:70:3f:6f:
51:7f:a5:7d:26:b6:8c:db:fc:53:ad:4d:51:ba:96:
91:85:37:53:ef:91:d8:e4:b8:a6:00:e2:4c:60:8b:
7d:e3:fa:fb:1f:c9:a9:c3:cf:a7:46:41:0d:3f:49:
06:2a:32:80:57:37:f8:70:d1:5e:ab:01:fb:2b:3c:
2c:64:6f:f9:61:de:90:8b:c7:68:51:6c:71:a4:f1:
3e:7e:49:34:6e:12:42:c3:7d:b7:f2:5d:5b:7c:bc:
a3:c8:98:df:15:55:74:53:56:e0:fe:bd:de:48:03:
42:f3:5b:53:ed:e6:2c:3b:b4:36:ce:2e:b0:38:26:
fa:c7:52:86:a9:65:54:9f:33:ae:0b:66:b9:18:64:
e9:7b:52:31:90:d7:03:7a:82:2d:f6:f7:39:fc:5f:
7b:f6:70:5a:e5:17:bb:82:9e:fc:d7:50:f8:6c:dc:
83:bc:28:6e:b5:44:a7:0d:23:57:4a:6c:cd:e4:89:
98:70:39:b2:9c:2c:88:aa:37:a8:db:ac:88:ed:1d:
4a:b3:1b:ec:c1:ee:56:5b:fc:47:0f:87:4e:e9:04:
cd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AF:95:FA:D7:E8:06:76:B4:31:3C:1E:EC:8D:AD:79:48:38:69:1B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
30:32:66:e7:1d:a5:3f:e5:25:08:be:5a:18:11:a6:fe:b4:a5:
5f:98:aa:dd:02:f5:a6:65:0a:06:55:45:73:3c:d6:0c:82:bd:
4b:85:b3:f6:fe:25:ec:52:5d:8f:ae:0e:df:30:89:31:59:1f:
d0:37:73:d8:6d:c5:0f:49:4c:f2:d0:f1:0f:4d:8e:e4:53:e6:
93:6d:88:56:04:fd:fb:af:10:97:04:a8:a0:72:15:5e:d6:a9:
27:8b:08:07:2a:b5:cd:09:b2:50:c7:54:bc:04:5c:ff:fd:cb:
08:40:a3:7e:9f:a7:a9:df:ed:c6:c6:40:b4:f9:2a:10:21:50:
63:82:10:92:53:8a:98:38:67:a1:83:cb:ed:e1:84:49:dc:b2:
10:a9:14:3d:7c:a8:11:df:46:6c:57:00:30:81:20:50:e8:64:
85:27:ea:3c:d9:67:5e:79:37:4b:9a:39:1f:16:33:bf:94:f9:
3a:c0:8d:89:4a:66:d0:43:1d:1a:71:3c:a2:37:f7:15:4b:20:
f8:20:70:25:f9:a0:ca:2b:d2:3c:db:75:7b:d5:c3:0d:c2:59:
16:40:44:be:34:4f:58:85:b5:8a:a2:ad:44:72:2c:5d:25:c5:
41:f0:9c:8f:05:a1:5a:3e:c2:64:80:a0:9f:a5:08:8c:d5:49:
a2:b5:e5:cf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVcpNbuoM6FT32c/hZH0a2xaytLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNTJaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5OGEyNDIxNDBkNmIwZDdjYWIwMzk5Mzk1NjEzMGFhY2Q0ZmZlODFhZDVj
ZjQzMTg3ZjkwYjMyOGE3NDFiMTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAON3wzvxI6OqkouJEFwnxtVvivYE1/lcP3DiXYEuyUhJWT6nABwvxhCFcD9v
UX+lfSa2jNv8U61NUbqWkYU3U++R2OS4pgDiTGCLfeP6+x/JqcPPp0ZBDT9JBioy
gFc3+HDRXqsB+ys8LGRv+WHekIvHaFFscaTxPn5JNG4SQsN9t/JdW3y8o8iY3xVV
dFNW4P693kgDQvNbU+3mLDu0Ns4usDgm+sdShqllVJ8zrgtmuRhk6XtSMZDXA3qC
Lfb3Ofxfe/ZwWuUXu4Ke/NdQ+Gzcg7wobrVEpw0jV0pszeSJmHA5spwsiKo3qNus
iO0dSrMb7MHuVlv8Rw+HTukEzUUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSWr5X6
1+gGdrQxPB7sja15SDhpGzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAMDJm5x2lP+UlCL5aGBGm/rSlX5iq3QL1pmUKBlVF
czzWDIK9S4Wz9v4l7FJdj64O3zCJMVkf0Ddz2G3FD0lM8tDxD02O5FPmk22IVgT9
+68QlwSooHIVXtapJ4sIByq1zQmyUMdUvARc//3LCECjfp+nqd/txsZAtPkqECFQ
Y4IQklOKmDhnoYPL7eGESdyyEKkUPXyoEd9GbFcAMIEgUOhkhSfqPNlnXnk3S5o5
HxYzv5T5OsCNiUpm0EMdGnE8ojf3FUsg+CBwJfmgyivSPNt1e9XDDcJZFkBEvjRP
WIW1iqKtRHIsXSXFQfCcjwWhWj7CZICgn6UIjNVJorXlzw==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:19 2025 by rpki-client