Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: Tfw7BEYmyJcaRT52rWYgh9jxPUalCRiCOhdI7K6HVQA=
Subject key identifier: 38:44:C6:31:D0:79:BC:94:6D:E3:A4:15:E0:67:A1:46:4F:52:F1:E1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 125F31B746BE8BDAF2537F867FE17AC88E2E4835
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 05 Aug 2025 20:21:27 +0000
ROA not before: Tue 05 Aug 2025 20:21:27 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:5f:31:b7:46:be:8b:da:f2:53:7f:86:7f:e1:7a:c8:8e:2e:48:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:27 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=4907ca159a59f26d8f3ccdfff802513ecc62ce662a6d2ebc63b59a39c448bca9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:85:b8:41:cb:2d:14:9b:c9:62:25:e2:17:57:
79:82:9c:e7:28:b1:02:82:8c:e5:c6:57:55:a1:bd:
68:16:9b:d5:e2:31:19:70:be:72:12:22:f1:c8:b2:
d1:30:e4:f6:13:9e:1f:f2:38:d2:37:90:e4:b6:70:
ba:99:a6:d3:b1:32:4c:9d:ad:d9:c9:35:77:74:33:
11:49:1a:f0:70:fb:bd:2c:e6:c5:1c:0c:d8:22:53:
bb:0f:4c:18:0c:a6:3b:7a:a7:90:a5:03:af:2f:a6:
05:ae:fc:c7:03:97:21:42:4c:b9:4d:0f:2b:50:f9:
16:0a:cf:dc:cb:f8:fb:3f:20:b4:a9:a1:cd:2b:a5:
12:e3:b6:e6:76:be:db:23:7a:61:7f:a6:6d:65:0c:
38:fe:e8:03:bd:89:76:58:60:17:df:da:cc:bf:de:
c5:f4:37:cc:c6:ce:9d:c1:ae:ce:84:4f:a3:b5:65:
67:e9:90:94:67:b5:fd:3d:7f:e3:ac:2d:df:af:12:
1e:aa:df:ab:13:4d:81:54:b6:1d:f9:d2:b0:84:30:
ce:93:a9:ab:a5:e7:a8:48:e0:fe:43:fe:61:0e:b4:
ac:e0:50:0c:9b:9b:96:10:db:9a:4e:a9:2e:81:3c:
27:4f:1b:db:54:17:86:7f:6e:95:8b:fa:05:26:18:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:44:C6:31:D0:79:BC:94:6D:E3:A4:15:E0:67:A1:46:4F:52:F1:E1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
31:f7:ca:7b:14:65:e2:5f:a9:39:99:ef:f3:ae:40:aa:13:8e:
73:40:d3:53:68:09:a0:7b:6a:80:4c:5b:14:4a:e2:d9:94:bd:
03:f9:52:4b:fe:ec:3e:f3:c4:bc:b2:88:63:31:74:f2:bb:3b:
30:7d:57:a4:29:50:6e:6e:b7:cc:64:12:a4:69:f7:55:4f:aa:
73:96:d5:5a:c6:d8:ff:c3:a2:30:ba:17:5d:5f:7d:72:44:e4:
3d:17:68:d9:bb:90:e6:13:fc:03:ba:2a:02:74:98:c6:5e:37:
74:da:78:4f:4d:c9:dc:f8:b3:fb:85:63:aa:3b:dd:c8:1a:d4:
92:3c:47:c9:ea:13:9d:29:d2:8f:ff:c5:58:72:b9:b2:31:19:
17:3e:10:ac:d0:64:27:c7:67:9b:c5:ff:84:57:e5:aa:ea:bb:
c9:be:36:66:5a:4c:bc:1b:f0:45:3c:b1:cf:5c:48:a4:08:1e:
a7:bb:c0:30:ef:5e:bd:3b:11:03:06:2f:c5:e3:54:c6:cb:0c:
00:99:0d:3f:7c:56:c5:42:4e:86:13:f3:ad:7b:bd:f1:ce:d5:
a3:88:b7:c8:1b:59:61:26:58:58:52:2a:bb:27:4b:ad:3e:ec:
ff:b0:6d:c7:c0:64:85:4e:e5:8d:2b:20:bd:81:f4:20:5e:5c:
90:90:41:01
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEl8xt0a+i9ryU3+Gf+F6yI4uSDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5MDdjYTE1OWE1OWYyNmQ4ZjNjY2RmZmY4MDI1MTNlY2M2MmNlNjYyYTZk
MmViYzYzYjU5YTM5YzQ0OGJjYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAICFuEHLLRSbyWIl4hdXeYKc5yixAoKM5cZXVaG9aBab1eIxGXC+chIi8ciy
0TDk9hOeH/I40jeQ5LZwupmm07EyTJ2t2ck1d3QzEUka8HD7vSzmxRwM2CJTuw9M
GAymO3qnkKUDry+mBa78xwOXIUJMuU0PK1D5FgrP3Mv4+z8gtKmhzSulEuO25na+
2yN6YX+mbWUMOP7oA72JdlhgF9/azL/exfQ3zMbOncGuzoRPo7VlZ+mQlGe1/T1/
46wt368SHqrfqxNNgVS2HfnSsIQwzpOpq6XnqEjg/kP+YQ60rOBQDJublhDbmk6p
LoE8J08b21QXhn9ulYv6BSYY03ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ4RMYx
0Hm8lG3jpBXgZ6FGT1Lx4TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAMffKexRl4l+pOZnv865AqhOOc0DTU2gJoHtqgExb
FEri2ZS9A/lSS/7sPvPEvLKIYzF08rs7MH1XpClQbm63zGQSpGn3VU+qc5bVWsbY
/8OiMLoXXV99ckTkPRdo2buQ5hP8A7oqAnSYxl43dNp4T03J3Piz+4VjqjvdyBrU
kjxHyeoTnSnSj//FWHK5sjEZFz4QrNBkJ8dnm8X/hFflquq7yb42ZlpMvBvwRTyx
z1xIpAgep7vAMO9evTsRAwYvxeNUxssMAJkNP3xWxUJOhhPzrXu98c7Vo4i3yBtZ
YSZYWFIquydLrT7s/7Btx8BkhU7ljSsgvYH0IF5ckJBBAQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:02 2025 by rpki-client