Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
File: bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa (raw, json)
Hash identifier: WNxQrEtN2ICgMn7IqT+3t4c2uVWmHZYwNG7k+IRB/FM=
Subject key identifier: 0A:05:76:05:B8:F7:F8:67:2A:80:AB:50:E0:A6:D1:39:F3:EB:E9:30
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08A7554197A83AA7A2C77DE70344CAAB531B0AB2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
Signing time: Fri 15 Aug 2025 15:50:04 +0000
ROA not before: Fri 15 Aug 2025 15:50:04 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 14618
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a7:55:41:97:a8:3a:a7:a2:c7:7d:e7:03:44:ca:ab:53:1b:0a:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:04 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=2afc75859c33829abaf5b4ca2f96f50404a76a4a00b1b2b8aff9d5fa66fde178, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7a:29:54:9b:7c:c8:dc:66:70:2a:5b:aa:b2:
dc:bb:f0:c3:c5:30:ff:fd:d4:97:61:22:77:67:42:
18:3e:6a:77:06:2f:76:2f:34:c0:07:9e:97:6e:60:
16:1c:67:89:8f:c9:55:b4:ee:cf:6f:95:5b:ba:43:
61:d5:17:d8:37:cf:cb:1e:81:1c:65:b8:01:08:50:
52:cb:c2:b3:b2:9e:08:ab:1c:3a:c7:28:30:a5:09:
22:01:c6:15:ab:d3:e2:fe:61:ea:1d:40:b4:a3:82:
d1:d6:e4:18:08:52:97:24:05:66:3b:ae:f4:c5:db:
3a:95:26:7d:4a:f5:4e:e1:d4:43:0c:cc:d3:63:ee:
1c:fc:01:fe:ec:13:34:89:90:05:5a:a4:f3:96:01:
41:2a:88:8b:9a:0b:f8:8a:df:ad:a1:05:0b:7c:2a:
cc:92:6a:ba:2d:0b:ef:f6:fb:c6:c7:b1:73:8e:5c:
cb:14:bc:4c:4c:2e:43:9a:8b:a9:e2:13:c8:cb:5d:
da:5d:ee:ca:d9:92:4e:90:d0:6e:84:be:83:a3:d6:
de:1e:ee:82:80:b2:a9:64:d9:49:7f:2b:10:c7:73:
c5:a0:55:70:2c:d9:10:38:15:98:3c:07:77:59:cf:
77:7b:4a:a5:9c:0e:8c:d4:8a:8e:9e:30:7d:f0:10:
52:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:05:76:05:B8:F7:F8:67:2A:80:AB:50:E0:A6:D1:39:F3:EB:E9:30
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bf3c19cc-7e74-4d47-9e2d-5bcee63041aa.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
14:2b:ce:a2:28:99:43:77:8c:75:66:2c:56:85:ce:1e:de:24:
4d:49:d1:82:18:03:42:9f:b1:22:e0:54:3a:d5:b7:a8:f2:14:
7d:aa:7f:ee:6c:f2:9a:08:1a:27:77:8b:ce:9f:84:00:db:3b:
42:5a:59:dc:20:df:95:7a:4f:e8:fd:f9:64:75:d1:42:c3:76:
c1:13:89:5c:62:48:3b:f3:9e:7f:c5:a9:aa:b0:ac:b2:8b:2a:
4a:c3:6e:27:ad:0c:09:10:bc:ac:b3:b9:b0:25:36:7a:b3:66:
fd:8e:d1:86:94:82:24:92:95:08:74:ad:bc:90:5d:4e:bd:a1:
73:28:c9:a7:6f:ef:35:b2:4c:36:6b:64:dc:f4:1b:9d:11:57:
aa:16:38:dc:8d:fc:3a:f7:2c:5b:bd:f9:50:c6:96:1f:f9:5c:
0e:ad:75:7e:bd:29:58:ea:01:65:49:1f:86:a9:c1:d4:6e:53:
e0:f6:1c:09:4d:fb:c4:43:8e:92:e0:71:38:60:9f:a7:f7:74:
3b:a6:06:16:f1:0d:c5:e2:59:15:7d:92:7b:13:de:21:6d:3c:
83:f4:e6:5e:45:23:2f:e5:ff:6a:15:0c:67:69:ad:f8:7f:a1:
df:36:75:6c:89:46:88:fc:ed:ae:f3:3c:87:92:68:64:8f:65:
12:95:3f:31
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCKdVQZeoOqeix33nA0TKq1MbCrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDRaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZmM3NTg1OWMzMzgyOWFiYWY1YjRjYTJmOTZmNTA0MDRhNzZhNGEwMGIx
YjJiOGFmZjlkNWZhNjZmZGUxNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKF6KVSbfMjcZnAqW6qy3Lvww8Uw//3Ul2Eid2dCGD5qdwYvdi80wAeel25g
FhxniY/JVbTuz2+VW7pDYdUX2DfPyx6BHGW4AQhQUsvCs7KeCKscOscoMKUJIgHG
FavT4v5h6h1AtKOC0dbkGAhSlyQFZjuu9MXbOpUmfUr1TuHUQwzM02PuHPwB/uwT
NImQBVqk85YBQSqIi5oL+IrfraEFC3wqzJJqui0L7/b7xsexc45cyxS8TEwuQ5qL
qeITyMtd2l3uytmSTpDQboS+g6PW3h7ugoCyqWTZSX8rEMdzxaBVcCzZEDgVmDwH
d1nPd3tKpZwOjNSKjp4wffAQUrkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQKBXYF
uPf4ZyqAq1DgptE58+vpMDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmYzYzE5Y2MtN2U3NC00ZDQ3LTllMmQtNWJjZWU2MzA0MWFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAFCvOoiiZQ3eMdWYsVoXOHt4kTUnRghgDQp+xIuBU
OtW3qPIUfap/7mzymggaJ3eLzp+EANs7QlpZ3CDflXpP6P35ZHXRQsN2wROJXGJI
O/Oef8WpqrCssosqSsNuJ60MCRC8rLO5sCU2erNm/Y7RhpSCJJKVCHStvJBdTr2h
cyjJp2/vNbJMNmtk3PQbnRFXqhY43I38OvcsW735UMaWH/lcDq11fr0pWOoBZUkf
hqnB1G5T4PYcCU37xEOOkuBxOGCfp/d0O6YGFvENxeJZFX2SexPeIW08g/TmXkUj
L+X/ahUMZ2mt+H+h3zZ1bIlGiPztrvM8h5JoZI9lEpU/MQ==
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:54:06 2025 by rpki-client