Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: nvb+07w9KjYATBWCGXLBLybBr7njteosa3P2GMsTRkI=
Subject key identifier: F4:FD:9C:8E:C1:DA:3C:A3:93:DF:77:26:58:37:60:88:4F:67:56:48
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 621A6C4B78D34AF28EF6C7372AD47EE6BF505530
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Tue 05 Aug 2025 20:21:39 +0000
ROA not before: Tue 05 Aug 2025 20:21:39 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 17:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:1a:6c:4b:78:d3:4a:f2:8e:f6:c7:37:2a:d4:7e:e6:bf:50:55:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:39 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=498f440dfce245c7c9b3ad1d9fbb882d1253ab1bb3462bc3364aa08b3cff31b0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:f2:02:99:24:ff:2f:68:f6:6b:fc:05:1b:c8:
7a:38:b5:55:f3:b4:e6:78:10:d7:c1:01:1c:d6:11:
15:23:34:e8:09:7d:e6:72:d2:da:a4:c1:d7:bc:5c:
ac:88:91:18:84:4a:87:3c:bb:29:3b:b6:00:a4:3b:
5d:60:c8:0f:ea:a4:19:ed:84:56:92:fe:bd:f8:09:
7c:ed:0e:1c:d9:ec:5e:63:ce:73:06:99:c5:ac:0e:
21:46:5b:b5:75:7a:76:ca:75:c9:c1:8a:cc:c6:5b:
cf:c1:a8:e3:d5:45:ac:9c:a7:85:38:8b:06:3b:8c:
40:0e:70:6f:a7:15:5d:17:89:14:43:73:11:a3:d2:
c0:cd:40:78:30:2f:92:a1:7a:80:7d:f4:3b:60:26:
c3:e4:18:05:89:d8:07:2e:80:2b:b7:66:65:6e:e2:
52:0c:97:39:30:c2:26:8c:9a:17:a5:5b:93:c8:5c:
ab:93:e7:5e:d2:81:8d:3d:50:ec:15:86:87:45:94:
1c:84:41:eb:19:51:7b:39:36:08:ab:06:13:c1:ef:
58:6e:b7:62:db:0a:30:2f:09:90:f7:4a:6c:8f:44:
9f:4b:3d:65:b5:f9:9a:26:f6:60:4d:1a:7c:dd:0e:
34:30:fd:07:47:c3:a7:4e:46:b3:83:32:54:20:59:
e7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:FD:9C:8E:C1:DA:3C:A3:93:DF:77:26:58:37:60:88:4F:67:56:48
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
44:83:84:18:29:82:36:61:84:5b:50:ea:b0:76:57:51:99:2b:
d1:a4:05:58:b1:b2:8a:35:89:db:32:fa:8d:3f:a9:b8:16:c2:
a8:33:1b:2b:84:b0:0e:53:e2:6a:9b:07:8c:ac:32:47:3d:23:
a8:5a:b2:0b:19:da:04:ff:41:90:e4:e8:c2:a5:9f:f8:37:60:
06:33:e4:72:51:db:39:de:bc:d8:5c:2c:53:26:e8:6b:23:f9:
89:56:67:1f:54:7d:93:a9:c5:c4:b9:30:88:d7:ec:47:db:0e:
52:7a:ce:a3:3b:3c:35:c9:b4:6b:99:a1:35:09:0f:98:ff:64:
2b:0d:13:30:e3:09:40:b8:59:20:c8:65:42:15:17:5b:60:03:
9e:f0:a2:62:db:4d:0b:ac:c8:e0:e4:db:49:a5:17:15:89:07:
bb:9a:85:48:81:c4:36:52:96:87:ad:34:6b:4e:38:77:be:fa:
35:4c:5d:87:02:b0:4d:c6:5c:e2:26:f7:1a:43:da:16:58:1d:
89:38:fa:a0:93:58:48:47:e4:c6:24:0b:85:34:14:6c:c2:c0:
8c:a6:c4:72:78:75:36:0d:50:6b:ec:10:1d:de:89:e6:97:b7:
58:b6:e1:c0:7b:3a:6a:c4:a3:f7:96:f5:14:d9:e2:1f:3e:2e:
24:96:00:68
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYhpsS3jTSvKO9sc3KtR+5r9QVTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzlaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5OGY0NDBkZmNlMjQ1YzdjOWIzYWQxZDlmYmI4ODJkMTI1M2FiMWJiMzQ2
MmJjMzM2NGFhMDhiM2NmZjMxYjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzyApkk/y9o9mv8BRvIeji1VfO05ngQ18EBHNYRFSM06Al95nLS2qTB17xc
rIiRGIRKhzy7KTu2AKQ7XWDID+qkGe2EVpL+vfgJfO0OHNnsXmPOcwaZxawOIUZb
tXV6dsp1ycGKzMZbz8Go49VFrJynhTiLBjuMQA5wb6cVXReJFENzEaPSwM1AeDAv
kqF6gH30O2Amw+QYBYnYBy6AK7dmZW7iUgyXOTDCJoyaF6Vbk8hcq5PnXtKBjT1Q
7BWGh0WUHIRB6xlRezk2CKsGE8HvWG63YtsKMC8JkPdKbI9En0s9ZbX5mib2YE0a
fN0ONDD9B0fDp05Gs4MyVCBZ5+sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0/ZyO
wdo8o5PfdyZYN2CIT2dWSDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBEg4QYKYI2YYRbUOqwdldRmSvRpAVYsbKKNYnbMvqN
P6m4FsKoMxsrhLAOU+JqmweMrDJHPSOoWrILGdoE/0GQ5OjCpZ/4N2AGM+RyUds5
3rzYXCxTJuhrI/mJVmcfVH2TqcXEuTCI1+xH2w5Ses6jOzw1ybRrmaE1CQ+Y/2Qr
DRMw4wlAuFkgyGVCFRdbYAOe8KJi200LrMjg5NtJpRcViQe7moVIgcQ2UpaHrTRr
Tjh3vvo1TF2HArBNxlziJvcaQ9oWWB2JOPqgk1hIR+TGJAuFNBRswsCMpsRyeHU2
DVBr7BAd3onml7dYtuHAezpqxKP3lvUU2eIfPi4klgBo
-----END CERTIFICATE-----
Generated at Thu Aug 21 22:13:29 2025 by rpki-client