Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: /8J420bQl+ZnldxuEJ3BQdWryXml41Hqmthfuq5gMpc=
Subject key identifier: 43:BE:F9:E8:F9:C8:AF:48:41:8B:79:84:ED:11:1A:08:E0:7E:AD:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 25D599A98F9D4830282A5A7415E782AAB7D4B3C8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Tue 05 Aug 2025 20:21:28 +0000
ROA not before: Tue 05 Aug 2025 20:21:28 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d5:99:a9:8f:9d:48:30:28:2a:5a:74:15:e7:82:aa:b7:d4:b3:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:28 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=5cf5b99bd641b2c282aadabe1d7d2b6dea3986a5034f66cd1cb2f4ffb7986895, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1b:4b:f2:78:0b:e6:af:10:1f:20:ad:5b:61:
15:46:81:1e:cd:a7:0d:de:f6:4a:9f:30:b8:7f:5b:
51:b3:1e:b3:e1:de:57:d4:61:8e:1b:39:d3:15:15:
d0:d2:f0:2c:27:aa:cb:10:9c:a2:6e:91:83:59:5f:
8d:72:ac:2d:9b:b1:8a:02:0e:ee:fb:04:9d:90:ae:
4e:dd:d8:44:91:3b:13:2e:b1:28:b6:cb:82:be:49:
ed:91:62:42:4d:c5:f0:59:c2:f6:cf:c5:bc:66:43:
04:96:0c:ae:62:70:9c:ce:ec:57:ba:df:f0:ce:63:
b0:0a:f5:a3:c3:d3:14:92:84:c8:de:ef:9c:cc:9f:
39:35:5f:41:a1:36:70:8d:7d:2f:78:e9:1a:17:62:
52:74:ca:4a:c5:6e:1e:3b:67:ff:eb:44:c7:0d:ba:
53:53:d3:6c:04:15:9c:a3:66:28:40:4d:8c:a5:0c:
aa:71:fb:15:15:86:79:ec:0b:dc:27:39:91:48:e6:
6a:3a:d6:f0:14:14:70:d8:e5:49:2e:63:cb:d2:db:
56:63:45:5e:66:41:b0:b1:fb:96:27:a7:d8:92:01:
39:00:1f:06:a5:24:14:70:3b:09:79:1d:11:f1:4c:
12:33:d8:d3:1e:a0:f2:59:3d:e4:b9:c7:57:39:46:
97:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BE:F9:E8:F9:C8:AF:48:41:8B:79:84:ED:11:1A:08:E0:7E:AD:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
35:d7:05:6f:02:ec:ec:c5:81:d7:b7:af:3d:74:ac:f1:a1:49:
80:5d:03:18:e1:17:56:4c:60:d1:e2:37:05:be:5a:b8:22:79:
dc:bc:0c:7b:98:19:3c:81:0a:04:8f:08:ae:ef:64:86:9e:33:
e9:ec:77:53:6f:40:5e:01:a4:5f:28:fd:6b:55:9b:ca:68:86:
a8:03:3b:17:d3:5e:4c:1d:56:7b:c4:21:22:1c:b2:7e:f8:ed:
6f:34:08:91:30:d9:bf:8f:88:19:51:8f:48:17:2e:24:ae:6a:
8a:63:65:33:c7:ac:07:a8:d8:e6:40:5a:82:e0:14:76:6c:57:
7d:13:2f:27:54:f6:f7:e5:46:d2:3e:56:4b:89:84:44:df:af:
8f:2f:e9:8a:61:1d:ad:69:e1:21:24:2f:b6:d0:c1:60:5a:03:
a0:4e:a4:8d:82:d4:9a:31:33:aa:76:3a:3b:81:48:c5:7a:3b:
01:6e:bf:94:5c:79:5f:12:02:be:ec:45:ba:40:d4:b3:3f:04:
7e:82:20:f4:63:a4:57:87:91:72:31:b7:6d:02:e1:4d:2c:2e:
7f:bc:0e:18:ea:27:b6:d6:7f:1d:a5:9d:9c:87:a7:32:74:30:
4d:30:3a:9a:d7:2b:27:42:6c:ea:5e:98:8e:cf:cf:83:0c:05:
6a:8a:85:6c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJdWZqY+dSDAoKlp0FeeCqrfUs8gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMjhaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDVjZjViOTliZDY0MWIyYzI4MmFhZGFiZTFkN2QyYjZkZWEzOTg2YTUwMzRm
NjZjZDFjYjJmNGZmYjc5ODY4OTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKsbS/J4C+avEB8grVthFUaBHs2nDd72Sp8wuH9bUbMes+HeV9Rhjhs50xUV
0NLwLCeqyxCcom6Rg1lfjXKsLZuxigIO7vsEnZCuTt3YRJE7Ey6xKLbLgr5J7ZFi
Qk3F8FnC9s/FvGZDBJYMrmJwnM7sV7rf8M5jsAr1o8PTFJKEyN7vnMyfOTVfQaE2
cI19L3jpGhdiUnTKSsVuHjtn/+tExw26U1PTbAQVnKNmKEBNjKUMqnH7FRWGeewL
3Cc5kUjmajrW8BQUcNjlSS5jy9LbVmNFXmZBsLH7lien2JIBOQAfBqUkFHA7CXkd
EfFMEjPY0x6g8lk95LnHVzlGl0MCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDvvno
+civSEGLeYTtERoI4H6tajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEANdcFbwLs7MWB17evPXSs8aFJgF0DGOEXVkxg0eI3
Bb5auCJ53LwMe5gZPIEKBI8Iru9khp4z6ex3U29AXgGkXyj9a1WbymiGqAM7F9Ne
TB1We8QhIhyyfvjtbzQIkTDZv4+IGVGPSBcuJK5qimNlM8esB6jY5kBaguAUdmxX
fRMvJ1T29+VG0j5WS4mERN+vjy/pimEdrWnhISQvttDBYFoDoE6kjYLUmjEzqnY6
O4FIxXo7AW6/lFx5XxICvuxFukDUsz8EfoIg9GOkV4eRcjG3bQLhTSwuf7wOGOon
ttZ/HaWdnIenMnQwTTA6mtcrJ0Js6l6Yjs/PgwwFaoqFbA==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:09 2025 by rpki-client