Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: OClVH1tVx7e5brCLHyYtU5zjq5iIdpUED1Ov6Vjs6Rk=
Subject key identifier: 2F:B0:85:E6:7C:14:A5:88:5A:94:7E:1A:70:B3:3F:76:64:7B:58:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 708FF12198A50A7156985E9D6937C789D7F1298D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Fri 15 Aug 2025 15:50:02 +0000
ROA not before: Fri 15 Aug 2025 15:50:02 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:8f:f1:21:98:a5:0a:71:56:98:5e:9d:69:37:c7:89:d7:f1:29:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:02 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=c050fbdcf4ba67281a23abe392bc629d599cadf1871bd954e81920e0893ff442, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0c:c5:c5:a8:d0:c2:4e:e8:98:6d:ff:fe:72:
6d:cc:cd:52:9f:cd:19:12:9f:08:bb:d3:fc:52:7c:
8b:14:fb:e1:8f:32:61:e0:3a:9b:2e:4b:4e:98:47:
3e:bb:cd:01:82:4a:85:2b:ff:f7:80:d9:47:4d:1d:
f4:ca:6f:8d:66:85:ff:f7:e9:96:dd:05:02:b2:80:
9c:4e:86:50:62:a5:c6:45:f2:d0:35:35:df:b0:25:
89:79:42:2e:12:ac:44:4f:39:b6:d0:6d:86:86:c1:
2d:9a:23:dd:8c:0b:ba:54:37:b5:50:ad:ef:c7:60:
1e:fb:2b:3e:ed:cc:34:7f:3e:2c:88:55:c3:35:13:
6e:0c:a8:b0:0e:e2:a5:4f:4a:7a:48:32:f2:cf:ac:
b5:4d:f4:9d:a1:75:b9:ea:d1:eb:1f:b5:77:77:69:
2c:c7:e8:02:2f:41:10:da:aa:12:4c:38:e7:0a:75:
7c:33:70:45:79:dc:13:1f:e9:28:9f:b7:ce:81:7c:
19:89:db:85:b5:62:f8:99:08:ec:92:e4:73:37:43:
b5:80:e3:2e:fb:3e:4b:40:aa:b3:30:8f:78:ce:17:
cb:c2:fb:81:8f:a8:c7:8f:61:8a:b7:4d:57:f5:eb:
9f:c9:62:c2:9b:96:de:a8:11:a2:83:91:fd:25:e0:
67:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B0:85:E6:7C:14:A5:88:5A:94:7E:1A:70:B3:3F:76:64:7B:58:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
1c:de:ab:8f:a4:d9:4d:d3:bf:30:18:4d:4a:5d:60:f3:32:fb:
ee:c0:1c:30:e4:00:41:38:d3:81:10:6e:57:c7:c0:ff:42:68:
6d:60:b8:15:59:a6:7d:06:96:d1:a2:8c:f3:9c:62:3d:f3:86:
0d:3f:78:47:a0:e4:3d:81:da:70:f3:0f:a2:b1:af:a2:1b:33:
10:46:d8:b3:62:d9:a9:78:02:d5:0d:ed:ac:1e:61:1b:91:90:
22:3a:a4:72:9a:f4:28:59:0b:88:54:41:48:0e:1b:19:28:41:
d7:39:38:d8:a6:ea:e0:c2:31:30:32:ff:e6:54:65:08:02:83:
07:0d:99:02:2a:8f:2c:ff:54:0d:4c:c4:47:be:99:33:30:e0:
f6:c9:3d:ac:47:91:05:04:56:f1:41:a3:ae:4c:7a:d9:1b:04:
14:bc:c9:36:4f:e7:d0:2f:55:a9:eb:92:79:a5:e5:e6:6b:da:
ba:a4:ed:34:a7:34:c9:66:7f:5d:a5:02:84:7e:f1:b5:b6:ca:
b5:fa:40:c4:16:dd:bf:1f:3c:b1:d1:76:00:22:58:e1:13:ec:
22:60:87:7d:0a:e1:8d:39:0b:f4:d2:f7:f4:2f:73:3e:8b:4e:
ef:e6:63:1a:51:bc:c2:ec:f3:3e:f0:65:e7:62:45:5c:23:9e:
e1:11:eb:b9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcI/xIZilCnFWmF6daTfHidfxKY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDJaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNTBmYmRjZjRiYTY3MjgxYTIzYWJlMzkyYmM2MjlkNTk5Y2FkZjE4NzFi
ZDk1NGU4MTkyMGUwODkzZmY0NDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIMxcWo0MJO6Jht//5ybczNUp/NGRKfCLvT/FJ8ixT74Y8yYeA6my5LTphH
PrvNAYJKhSv/94DZR00d9MpvjWaF//fplt0FArKAnE6GUGKlxkXy0DU137AliXlC
LhKsRE85ttBthobBLZoj3YwLulQ3tVCt78dgHvsrPu3MNH8+LIhVwzUTbgyosA7i
pU9Kekgy8s+stU30naF1uerR6x+1d3dpLMfoAi9BENqqEkw45wp1fDNwRXncEx/p
KJ+3zoF8GYnbhbVi+JkI7JLkczdDtYDjLvs+S0CqszCPeM4Xy8L7gY+ox49hirdN
V/Xrn8liwpuW3qgRooOR/SXgZ2ECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQvsIXm
fBSliFqUfhpwsz92ZHtY+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQAc3quPpNlN078wGE1KXWDzMvvuwBww5ABBONOBEG5X
x8D/QmhtYLgVWaZ9BpbRoozznGI984YNP3hHoOQ9gdpw8w+isa+iGzMQRtizYtmp
eALVDe2sHmEbkZAiOqRymvQoWQuIVEFIDhsZKEHXOTjYpurgwjEwMv/mVGUIAoMH
DZkCKo8s/1QNTMRHvpkzMOD2yT2sR5EFBFbxQaOuTHrZGwQUvMk2T+fQL1Wp65J5
peXma9q6pO00pzTJZn9dpQKEfvG1tsq1+kDEFt2/Hzyx0XYAIljhE+wiYId9CuGN
OQv00vf0L3M+i07v5mMaUbzC7PM+8GXnYkVcI57hEeu5
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:39:23 2025 by rpki-client