Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: xD9I2JZ2a7fqxT1MLWj0A8Cpb6aCyfEibHDpP4HHBGY=
Subject key identifier: B1:F9:48:D9:F1:2C:81:F9:7E:60:6F:3A:70:9A:12:7F:49:91:0F:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1591A77F5FA11F8B751610D111D4BC0D70648599
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Mon 01 Sep 2025 21:20:15 +0000
ROA not before: Mon 01 Sep 2025 21:20:15 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 19:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:91:a7:7f:5f:a1:1f:8b:75:16:10:d1:11:d4:bc:0d:70:64:85:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:20:15 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=507b5239517a77598f7b0fb09f6df8799ce698c0c283d0f3e0cd7ffa68e70b13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:08:f9:0a:62:8c:e9:93:4a:02:97:9d:c1:2a:
6b:d3:9c:81:1b:8e:52:9b:46:a0:c4:75:4a:e6:0b:
40:e8:f9:26:83:8e:13:7a:d9:e7:a4:7b:97:b0:4f:
ed:f4:2b:b1:be:ac:05:ca:3b:be:60:21:e3:5a:96:
50:c7:4e:77:95:79:02:10:38:95:b0:0e:45:3a:82:
f0:08:25:76:80:2e:c5:92:db:9c:08:ad:2c:6e:c5:
12:6c:9f:f1:ce:b8:d7:27:97:0e:bd:c4:04:bf:d7:
e5:ef:2a:9a:93:a0:09:d7:a7:65:a0:34:89:46:84:
79:30:e3:df:2f:66:72:ef:ac:d1:e3:e0:44:34:05:
51:ef:86:ab:96:92:79:33:47:8b:c0:60:1c:7d:32:
d5:bd:57:b3:78:07:f2:95:92:96:30:da:f4:05:66:
12:2a:60:c5:0b:61:cd:43:91:d1:79:ce:b6:bc:7c:
47:10:29:bb:ab:d5:43:10:23:07:b3:1b:d9:5c:49:
57:67:bd:08:53:10:3d:0c:08:9e:be:23:2e:4f:1c:
1d:82:90:05:03:b6:08:7f:cd:d1:51:8e:da:f2:da:
f0:c8:9f:06:52:2f:12:e0:58:6b:a8:27:ac:0c:25:
24:fe:0f:4b:e8:f9:c6:84:f0:85:1a:2f:fc:81:50:
93:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F9:48:D9:F1:2C:81:F9:7E:60:6F:3A:70:9A:12:7F:49:91:0F:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
1d:56:ab:4d:51:e6:d4:58:e8:fd:37:d2:66:7b:33:ed:67:c8:
3c:2a:93:39:85:0d:2e:99:73:6d:ea:28:8f:b3:32:fe:ee:82:
5b:38:14:fe:96:e1:4e:30:f2:3a:8e:73:33:f4:79:b0:be:4f:
60:d8:28:5d:61:2c:de:7d:67:34:dd:89:e6:55:31:61:c6:44:
86:93:30:13:d6:76:08:88:a2:78:ae:c9:bf:4a:96:c5:c0:69:
77:08:5a:e2:5d:8f:da:bc:69:55:75:a2:cf:96:68:14:2e:1b:
10:11:fe:a8:a5:2d:51:54:19:99:b5:68:c6:26:21:52:23:f3:
67:af:3a:39:45:31:27:db:b5:33:a8:a3:df:ea:17:f9:6a:64:
3e:b8:dd:05:4b:7c:ae:9b:2c:a0:92:f5:e0:7a:ed:5a:41:9e:
e1:83:c2:57:a6:46:0b:10:68:83:11:78:51:d6:37:99:a8:3d:
92:8a:15:d2:1d:a6:f0:7e:95:7e:69:70:9f:67:c0:7f:34:aa:
7e:00:96:39:cc:54:dd:3b:49:d0:14:77:6e:17:4f:cf:5a:a4:
fa:a2:40:18:db:0d:72:97:2e:d2:84:84:3a:3a:f7:86:44:88:
8e:19:75:8f:b8:ba:8e:d8:0a:49:4d:89:ad:da:0e:75:a8:40:
f0:65:d0:02
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFZGnf1+hH4t1FhDREdS8DXBkhZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTIwMTVaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwN2I1MjM5NTE3YTc3NTk4ZjdiMGZiMDlmNmRmODc5OWNlNjk4YzBjMjgz
ZDBmM2UwY2Q3ZmZhNjhlNzBiMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOMI+QpijOmTSgKXncEqa9OcgRuOUptGoMR1SuYLQOj5JoOOE3rZ56R7l7BP
7fQrsb6sBco7vmAh41qWUMdOd5V5AhA4lbAORTqC8AgldoAuxZLbnAitLG7FEmyf
8c641yeXDr3EBL/X5e8qmpOgCdenZaA0iUaEeTDj3y9mcu+s0ePgRDQFUe+Gq5aS
eTNHi8BgHH0y1b1Xs3gH8pWSljDa9AVmEipgxQthzUOR0XnOtrx8RxApu6vVQxAj
B7Mb2VxJV2e9CFMQPQwInr4jLk8cHYKQBQO2CH/N0VGO2vLa8MifBlIvEuBYa6gn
rAwlJP4PS+j5xoTwhRov/IFQk/0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSx+UjZ
8SyB+X5gbzpwmhJ/SZEPbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAHVarTVHm1Fjo/TfSZnsz7WfIPCqTOYUNLplzbeoo
j7My/u6CWzgU/pbhTjDyOo5zM/R5sL5PYNgoXWEs3n1nNN2J5lUxYcZEhpMwE9Z2
CIiieK7Jv0qWxcBpdwha4l2P2rxpVXWiz5ZoFC4bEBH+qKUtUVQZmbVoxiYhUiPz
Z686OUUxJ9u1M6ij3+oX+WpkPrjdBUt8rpssoJL14HrtWkGe4YPCV6ZGCxBogxF4
UdY3mag9kooV0h2m8H6Vfmlwn2fAfzSqfgCWOcxU3TtJ0BR3bhdPz1qk+qJAGNsN
cpcu0oSEOjr3hkSIjhl1j7i6jtgKSU2JrdoOdahA8GXQAg==
-----END CERTIFICATE-----
Generated at Fri Sep 19 00:12:02 2025 by rpki-client