Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: YZ/V7UTIfbvaxll/g+M/pIxh5ldwGIMc8fsCwgB64Wc=
Subject key identifier: AA:1D:89:4B:7F:36:6B:DE:A4:35:83:B6:E4:8A:34:38:1F:AD:B4:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 333F359FE065EA00864D1C01EAC755EC23F213D3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 05 Aug 2025 20:21:30 +0000
ROA not before: Tue 05 Aug 2025 20:21:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:3f:35:9f:e0:65:ea:00:86:4d:1c:01:ea:c7:55:ec:23:f2:13:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f30a125c2b2f82f8cab97f297f2f5c0f9dd195f2d76ac31aa7086aafa89d3836, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ba:af:d9:7e:42:63:8b:d2:98:30:01:49:52:
a7:6c:9e:88:5b:dd:bd:aa:08:41:6e:1a:df:e3:48:
b5:0f:6b:a3:a8:58:1f:a2:c8:c9:08:a3:a0:8f:93:
6b:39:2f:59:04:3a:06:5a:fb:54:08:ae:45:d1:c5:
38:fb:83:6c:4b:5a:7b:44:28:a7:49:29:ee:79:1a:
d8:22:25:ae:f5:7a:35:b6:05:ec:4a:c7:84:b6:ad:
5b:b9:c9:08:6d:24:aa:34:92:3a:d6:83:3a:1e:6a:
cc:6f:bc:89:08:8b:78:2a:e7:d8:01:ea:18:a4:2b:
fc:3f:1f:d1:bd:ab:5b:9f:50:b2:3a:bc:34:b0:e3:
90:82:5d:81:35:49:ed:13:3f:79:d3:ed:0c:a1:7d:
b9:5d:80:17:d8:98:b0:c0:2c:59:98:84:58:12:2d:
b9:bb:18:f3:86:0f:38:d8:21:f6:95:50:09:c8:cb:
ab:b0:1a:2f:b6:e9:16:f3:61:34:1a:24:32:fd:df:
5d:33:98:37:b1:46:fd:7b:48:a4:47:67:b5:1d:5c:
ca:01:cf:af:92:02:14:2c:c1:f3:b9:8d:ea:b2:63:
26:5c:f4:b4:b7:f0:ac:29:ea:cc:cc:98:58:06:62:
2c:38:dd:bb:59:aa:95:54:e2:cd:7b:19:22:07:70:
ef:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1D:89:4B:7F:36:6B:DE:A4:35:83:B6:E4:8A:34:38:1F:AD:B4:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
65:fc:45:3a:3c:f3:b4:ff:80:3f:48:4a:5c:71:ad:17:c5:18:
65:ec:33:66:2a:d3:9d:c9:22:af:66:06:e2:b2:2d:f3:18:de:
6a:06:8c:ff:94:fa:a0:6a:19:f1:7d:f2:30:a4:bc:0b:6d:34:
5c:71:dd:5b:0b:03:79:4d:21:88:a1:cb:7c:b1:c8:1b:48:e9:
fc:d0:23:98:2d:55:41:86:a8:f9:2f:08:82:9f:66:c4:54:d0:
26:03:09:82:d6:ee:79:3c:ed:d3:00:27:17:97:fe:19:12:7e:
49:3c:ec:25:da:d0:54:37:f1:d1:d5:15:90:34:7e:09:77:67:
d9:bc:f4:16:d1:dd:88:57:63:78:7d:87:f7:0c:0f:c8:c4:f6:
e8:1a:1a:18:1f:62:2b:de:26:a8:b3:a3:f8:52:ed:f1:7a:d7:
0d:7b:b9:ab:a5:6d:0e:2d:00:41:9e:85:21:d5:9a:02:ba:87:
cc:64:b9:dd:45:98:20:f3:af:c3:17:bb:76:f6:23:f1:38:ad:
5f:5c:93:49:72:15:f7:08:67:29:52:25:1a:3c:ad:08:62:45:
b3:23:57:73:bb:6e:b4:fc:90:4e:50:57:98:95:c7:65:b8:97:
36:7b:c7:0d:b0:e2:49:9f:05:e0:01:42:b4:56:82:dd:97:71:
6d:cd:61:09
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMz81n+Bl6gCGTRwB6sdV7CPyE9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzMGExMjVjMmIyZjgyZjhjYWI5N2YyOTdmMmY1YzBmOWRkMTk1ZjJkNzZh
YzMxYWE3MDg2YWFmYTg5ZDM4MzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALy6r9l+QmOL0pgwAUlSp2yeiFvdvaoIQW4a3+NItQ9ro6hYH6LIyQijoI+T
azkvWQQ6Blr7VAiuRdHFOPuDbEtae0Qop0kp7nka2CIlrvV6NbYF7ErHhLatW7nJ
CG0kqjSSOtaDOh5qzG+8iQiLeCrn2AHqGKQr/D8f0b2rW59Qsjq8NLDjkIJdgTVJ
7RM/edPtDKF9uV2AF9iYsMAsWZiEWBItubsY84YPONgh9pVQCcjLq7AaL7bpFvNh
NBokMv3fXTOYN7FG/XtIpEdntR1cygHPr5ICFCzB87mN6rJjJlz0tLfwrCnqzMyY
WAZiLDjdu1mqlVTizXsZIgdw7/8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSqHYlL
fzZr3qQ1g7bkijQ4H620AjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAZfxFOjzztP+AP0hKXHGtF8UYZewzZirTnckir2YG
4rIt8xjeagaM/5T6oGoZ8X3yMKS8C200XHHdWwsDeU0hiKHLfLHIG0jp/NAjmC1V
QYao+S8Igp9mxFTQJgMJgtbueTzt0wAnF5f+GRJ+STzsJdrQVDfx0dUVkDR+CXdn
2bz0FtHdiFdjeH2H9wwPyMT26BoaGB9iK94mqLOj+FLt8XrXDXu5q6VtDi0AQZ6F
IdWaArqHzGS53UWYIPOvwxe7dvYj8TitX1yTSXIV9whnKVIlGjytCGJFsyNXc7tu
tPyQTlBXmJXHZbiXNnvHDbDiSZ8F4AFCtFaC3Zdxbc1hCQ==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:20 2025 by rpki-client