Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: FrvxKhtIvlyA53hQ6x0sPmpDBGDf5d2PjMn74kf3MHw=
Subject key identifier: CE:0D:75:AE:96:6F:FF:81:0D:9B:A2:DD:1D:42:8F:97:13:91:B9:C2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 502875D525799BAA629371DA3501916AAEE9B7E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Mon 01 Sep 2025 21:30:08 +0000
ROA not before: Mon 01 Sep 2025 21:30:08 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 13:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:28:75:d5:25:79:9b:aa:62:93:71:da:35:01:91:6a:ae:e9:b7:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:08 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=f18e33304e6e3070c22f3a79e709ed9f7bb4617ccb33544cebccfad2f9e5d36c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a6:0d:d1:25:9e:04:df:8b:d9:d3:bb:2d:86:
e1:cd:aa:37:cd:ec:8a:1b:92:16:bf:4c:52:a4:a7:
1e:10:f8:c0:40:2c:6e:fd:24:22:3d:27:d2:0a:97:
55:30:b7:10:36:d4:34:48:79:bb:35:c7:7e:7f:0b:
03:3b:a4:cd:a3:96:ed:ae:ef:bc:f2:8b:ad:b4:98:
69:b9:23:e6:9b:58:57:17:0f:9c:ce:8a:fd:df:c4:
59:8f:61:70:e2:77:95:30:1b:9a:5b:bb:a3:fd:fb:
f5:64:90:1c:37:2a:a5:bf:8a:aa:99:03:4a:4a:2d:
9c:f3:14:98:e7:3a:da:8a:7f:4c:b4:e8:72:42:13:
25:18:72:cd:48:e6:c9:9a:70:63:cb:2f:ef:f2:ce:
b3:ed:2c:9b:91:54:16:c7:58:89:45:0d:bf:00:e8:
b9:7d:e0:8a:15:7d:4a:a2:5a:3c:f8:99:3f:4a:01:
1e:13:93:67:d0:49:6f:c5:6f:4a:69:77:38:bd:71:
6c:1e:99:b9:17:a8:fd:1e:83:69:4e:34:4c:fa:a7:
39:90:22:14:ab:e3:e7:54:67:6a:07:db:40:f5:9c:
4f:1e:f3:b3:9c:f0:e1:a6:13:af:fc:4b:47:1e:8a:
33:36:e2:b3:31:69:6a:7c:9f:c4:6a:b9:03:14:10:
13:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0D:75:AE:96:6F:FF:81:0D:9B:A2:DD:1D:42:8F:97:13:91:B9:C2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
16:18:bf:61:41:12:e5:ea:6f:f4:84:3e:c4:2e:78:da:bf:17:
4f:05:2d:03:38:59:50:b4:0d:4d:74:10:8a:ba:12:11:df:79:
e1:b0:ac:29:7b:f6:0a:d7:c0:12:4b:f2:ba:0b:66:47:88:8d:
8b:f6:4a:9f:90:6e:03:dd:54:94:58:16:37:20:87:8f:cc:8d:
7e:7f:d5:42:d1:96:5f:69:77:e4:54:b7:b9:db:cc:b9:37:f9:
41:41:d6:70:75:49:9f:e8:e4:a0:24:d5:3e:81:2e:32:de:ed:
fa:7c:c8:ce:5f:e6:7a:69:9c:ad:04:26:47:5a:b8:58:d4:2f:
5f:54:57:a1:c3:dc:b7:02:5a:5e:9b:60:95:26:52:7d:0a:ce:
5d:5e:0c:c8:99:b3:2a:55:e6:9a:84:ae:b1:5e:61:23:c4:b2:
ea:2d:23:1c:31:52:9a:74:ba:c5:10:61:dc:23:3a:a6:02:bd:
b4:c3:37:53:79:d8:b4:9b:f7:10:ce:23:16:83:ec:67:2e:30:
9e:36:2b:fe:72:cc:86:be:fc:6e:f1:5f:90:65:37:56:cb:96:
52:57:81:ba:8a:7e:6e:18:e1:eb:23:16:59:dd:ed:eb:e9:af:
e3:53:c4:98:a7:f3:73:6d:f6:31:e3:b0:0c:ca:58:c2:86:9d:
a3:11:a3:dd
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUCh11SV5m6pik3HaNQGRaq7pt+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMDhaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxOGUzMzMwNGU2ZTMwNzBjMjJmM2E3OWU3MDllZDlmN2JiNDYxN2NjYjMz
NTQ0Y2ViY2NmYWQyZjllNWQzNmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK6mDdElngTfi9nTuy2G4c2qN83sihuSFr9MUqSnHhD4wEAsbv0kIj0n0gqX
VTC3EDbUNEh5uzXHfn8LAzukzaOW7a7vvPKLrbSYabkj5ptYVxcPnM6K/d/EWY9h
cOJ3lTAbmlu7o/379WSQHDcqpb+KqpkDSkotnPMUmOc62op/TLTockITJRhyzUjm
yZpwY8sv7/LOs+0sm5FUFsdYiUUNvwDouX3gihV9SqJaPPiZP0oBHhOTZ9BJb8Vv
Sml3OL1xbB6ZuReo/R6DaU40TPqnOZAiFKvj51RnagfbQPWcTx7zs5zw4aYTr/xL
Rx6KMzbiszFpanyfxGq5AxQQExMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTODXWu
lm//gQ2bot0dQo+XE5G5wjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAWGL9hQRLl6m/0hD7ELnjavxdPBS0DOFlQtA1NdBCK
uhIR33nhsKwpe/YK18ASS/K6C2ZHiI2L9kqfkG4D3VSUWBY3IIePzI1+f9VC0ZZf
aXfkVLe528y5N/lBQdZwdUmf6OSgJNU+gS4y3u36fMjOX+Z6aZytBCZHWrhY1C9f
VFehw9y3Alpem2CVJlJ9Cs5dXgzImbMqVeaahK6xXmEjxLLqLSMcMVKadLrFEGHc
IzqmAr20wzdTedi0m/cQziMWg+xnLjCeNiv+csyGvvxu8V+QZTdWy5ZSV4G6in5u
GOHrIxZZ3e3r6a/jU8SYp/NzbfYx47AMyljChp2jEaPd
-----END CERTIFICATE-----
Generated at Thu Sep 18 22:53:40 2025 by rpki-client