Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: aBklYGdwvxrV1lkbxRx5YgqkNcPE/YdXDUIUroeWEY4=
Subject key identifier: 31:40:3F:EB:03:01:8F:8E:D6:BA:46:04:4D:E0:26:C9:AB:8D:91:D4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 071B176AED7EFE200145D897DFADC53AA440B651
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Tue 05 Aug 2025 20:21:31 +0000
ROA not before: Tue 05 Aug 2025 20:21:31 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 17:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:1b:17:6a:ed:7e:fe:20:01:45:d8:97:df:ad:c5:3a:a4:40:b6:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:31 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8ed331a0a6b8d811a6031bb5b09194b94377bcecaa3b58483a2e15ea6c0c0c31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:4d:62:9b:e0:51:0b:48:12:1f:14:e3:7d:
f5:41:ef:9a:67:5b:53:45:64:65:46:d0:8d:82:bb:
91:86:7f:a4:b0:85:99:40:78:f9:ce:53:cd:06:f5:
57:83:74:f9:58:20:2c:ae:c4:7f:1e:d9:dd:08:af:
ac:c7:40:77:ca:4d:8f:4d:b2:7f:1f:be:50:fd:7f:
78:e2:0e:fa:5c:fe:8a:61:90:8d:ba:93:3b:27:b9:
60:5a:ea:91:44:bc:e7:2e:65:65:df:ec:dd:42:5b:
19:b2:e0:b3:d1:6a:e1:2b:03:30:88:b6:86:5f:a8:
1f:fa:aa:a5:85:50:78:22:eb:9a:dc:e2:f0:c1:e6:
01:1d:d7:64:de:51:45:bc:e3:a3:17:37:5c:83:03:
b8:2f:9c:b7:6b:6f:19:cd:1d:f0:94:fe:48:dd:cd:
15:4e:f8:61:bc:de:b0:2c:20:26:fe:c8:38:fe:a3:
af:bd:8c:70:3d:31:94:16:09:62:ff:e8:ec:60:a8:
6b:5c:67:ef:0d:cc:62:60:00:db:a3:42:5a:27:46:
7a:c1:81:0b:5a:eb:c0:45:e7:ef:0e:1a:d0:99:03:
b5:4c:e5:1e:64:57:32:71:31:b2:de:c8:8b:c9:be:
3a:d2:1f:77:ab:9f:99:1b:7b:e0:aa:51:54:9d:df:
bc:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:40:3F:EB:03:01:8F:8E:D6:BA:46:04:4D:E0:26:C9:AB:8D:91:D4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:3b:eb:02:df:29:1b:bb:e3:06:14:53:ea:93:6c:89:5b:01:
09:1d:fd:b7:b5:f5:b3:53:dd:04:f3:c1:88:76:b7:dc:d3:cc:
e4:ae:b4:4f:78:6c:f5:f7:08:25:a8:a6:1d:7b:bd:32:43:3e:
65:e7:71:cd:e4:aa:2e:18:8e:90:57:0b:32:a9:e1:82:0a:4d:
5f:b6:39:77:02:b8:33:1f:d2:e1:cf:83:f3:35:96:58:54:63:
78:fd:79:26:cd:89:d9:52:b9:6b:bd:67:b2:36:7a:60:52:4a:
bf:5d:24:6d:a0:ae:77:17:2c:3f:da:d7:29:83:23:cb:a6:98:
1e:48:bb:2b:aa:65:fd:94:df:9e:3b:69:c0:19:89:1c:22:c9:
bd:ba:45:3f:af:06:45:01:68:f6:04:41:d2:38:c2:cc:19:dd:
1c:45:16:aa:e6:95:d4:ce:82:4d:f2:2e:6a:f6:eb:92:08:31:
63:54:f2:49:f2:1c:3c:7b:97:55:a8:fa:20:7e:4f:a3:c2:49:
ca:6b:4e:2b:cc:fe:5a:5a:13:b5:12:26:f0:c4:01:24:cd:9e:
87:f5:14:10:c7:53:e7:1a:e7:b9:a2:c3:a9:ff:d9:51:e2:de:
ff:48:50:81:0f:86:06:28:d2:c7:14:3d:4c:9b:00:2a:44:3f:
0e:f6:42:62
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBxsXau1+/iABRdiX363FOqRAtlEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzFaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlZDMzMWEwYTZiOGQ4MTFhNjAzMWJiNWIwOTE5NGI5NDM3N2JjZWNhYTNi
NTg0ODNhMmUxNWVhNmMwYzBjMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJBBTWKb4FELSBIfFON99UHvmmdbU0VkZUbQjYK7kYZ/pLCFmUB4+c5TzQb1
V4N0+VggLK7Efx7Z3QivrMdAd8pNj02yfx++UP1/eOIO+lz+imGQjbqTOye5YFrq
kUS85y5lZd/s3UJbGbLgs9Fq4SsDMIi2hl+oH/qqpYVQeCLrmtzi8MHmAR3XZN5R
Rbzjoxc3XIMDuC+ct2tvGc0d8JT+SN3NFU74YbzesCwgJv7IOP6jr72McD0xlBYJ
Yv/o7GCoa1xn7w3MYmAA26NCWidGesGBC1rrwEXn7w4a0JkDtUzlHmRXMnExst7I
i8m+OtIfd6ufmRt74KpRVJ3fvMcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQxQD/r
AwGPjta6RgRN4CbJq42R1DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAmzvrAt8pG7vjBhRT6pNsiVsBCR39t7X1s1PdBPPB
iHa33NPM5K60T3hs9fcIJaimHXu9MkM+ZedxzeSqLhiOkFcLMqnhggpNX7Y5dwK4
Mx/S4c+D8zWWWFRjeP15Js2J2VK5a71nsjZ6YFJKv10kbaCudxcsP9rXKYMjy6aY
Hki7K6pl/ZTfnjtpwBmJHCLJvbpFP68GRQFo9gRB0jjCzBndHEUWquaV1M6CTfIu
avbrkggxY1TySfIcPHuXVaj6IH5Po8JJymtOK8z+WloTtRIm8MQBJM2eh/UUEMdT
5xrnuaLDqf/ZUeLe/0hQgQ+GBijSxxQ9TJsAKkQ/DvZCYg==
-----END CERTIFICATE-----
Generated at Thu Aug 21 22:13:27 2025 by rpki-client