Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: eUvoUTNwtbHTw/oNeb91rbI50L9CEbrE7hHDvzi74fQ=
Subject key identifier: E3:5D:75:7A:71:49:B5:83:59:9C:F3:4E:27:A3:B9:68:DC:91:1E:72
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1AFD198436915A338F350E19ACCA7537F095B138
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Tue 05 Aug 2025 20:21:33 +0000
ROA not before: Tue 05 Aug 2025 20:21:33 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:fd:19:84:36:91:5a:33:8f:35:0e:19:ac:ca:75:37:f0:95:b1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:33 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=9e6888e2c8b5d81a3320099da26e35e0efbdb2fdafe0dc63d47c7c07da2f023a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:46:d8:59:22:1c:c9:61:97:c4:32:37:63:f0:
70:77:c6:7a:18:e7:76:11:92:ba:cf:eb:83:87:55:
37:85:18:59:6e:1a:5e:b4:c0:60:39:0d:36:34:c7:
25:42:71:78:13:a4:70:6c:3a:8b:1a:22:d8:04:d5:
c6:26:33:0a:b5:d2:67:c6:cf:7a:a4:f8:94:64:c2:
1a:c8:f5:e5:4f:9a:e8:7a:c8:c4:04:4b:5e:bb:12:
b0:67:d0:fd:71:a1:b4:44:30:a3:a8:49:bf:81:31:
18:c2:7b:df:e2:45:24:54:4c:c7:18:95:40:eb:8f:
0a:a6:5b:59:e0:1f:7b:53:ad:35:16:10:a3:e4:49:
0f:e9:f3:d3:cd:9a:a6:22:14:fe:d9:d1:ca:0b:c0:
2b:a2:6d:bc:0f:1b:35:87:8f:d0:f1:a2:b9:93:29:
a3:1e:4e:d0:6d:8c:95:25:4c:e3:0e:c1:ab:73:7e:
e0:81:b5:69:cd:49:8f:24:e3:ee:2d:7e:55:d7:75:
65:1d:3c:36:93:de:87:dd:0a:26:67:65:66:c6:15:
59:e3:ca:df:35:23:0b:01:40:3c:c1:e5:ca:01:11:
8d:05:70:a9:5b:77:7f:44:92:c7:bf:60:db:fe:1d:
fd:0d:86:7a:ba:36:2b:71:85:54:2d:c6:bd:a9:ee:
db:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5D:75:7A:71:49:B5:83:59:9C:F3:4E:27:A3:B9:68:DC:91:1E:72
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:2c:5d:fc:c6:d4:c3:16:d1:f6:ab:3c:5d:a4:85:09:21:b9:
2c:77:22:69:c3:25:d9:10:dc:f0:87:c4:bd:d8:86:1c:25:77:
72:ce:d9:c9:f1:f0:69:08:ef:8d:2a:94:b9:c6:30:7b:6c:1c:
f9:88:de:9e:37:7f:9f:f5:71:14:73:78:61:3b:a7:ac:c8:73:
ee:85:b0:5b:d4:ea:a3:c3:44:16:a0:7b:bc:22:3d:59:9e:46:
07:6a:37:be:05:d0:12:12:0a:96:9c:01:87:a2:94:2a:8b:ed:
72:36:8d:9d:a0:11:3c:28:64:2d:e0:58:19:51:60:ae:99:93:
d6:48:e5:ad:ca:95:ca:5c:18:bb:f1:ac:92:26:06:38:92:8c:
d1:a9:2d:69:e1:15:7d:68:9c:b3:34:32:71:6c:37:9a:35:50:
e5:0e:c7:4d:cd:4d:97:ea:e2:23:e5:78:95:4a:ab:7d:ab:88:
1d:e1:39:e4:2c:c4:29:1a:25:d6:0b:da:c2:5c:6d:f1:ca:54:
8f:d1:e6:b0:14:ee:c2:8c:fc:2f:c7:32:2e:cb:2d:a0:bb:fa:
e3:84:7e:fc:34:07:63:18:52:3c:57:29:97:c8:a6:f3:17:2f:
4d:4a:9d:a2:4e:46:3c:fe:14:29:7f:fa:f3:49:05:20:ea:88:
16:37:09:9e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGv0ZhDaRWjOPNQ4ZrMp1N/CVsTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzNaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDllNjg4OGUyYzhiNWQ4MWEzMzIwMDk5ZGEyNmUzNWUwZWZiZGIyZmRhZmUw
ZGM2M2Q0N2M3YzA3ZGEyZjAyM2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlG2FkiHMlhl8QyN2PwcHfGehjndhGSus/rg4dVN4UYWW4aXrTAYDkNNjTH
JUJxeBOkcGw6ixoi2ATVxiYzCrXSZ8bPeqT4lGTCGsj15U+a6HrIxARLXrsSsGfQ
/XGhtEQwo6hJv4ExGMJ73+JFJFRMxxiVQOuPCqZbWeAfe1OtNRYQo+RJD+nz082a
piIU/tnRygvAK6JtvA8bNYeP0PGiuZMpox5O0G2MlSVM4w7Bq3N+4IG1ac1JjyTj
7i1+Vdd1ZR08NpPeh90KJmdlZsYVWePK3zUjCwFAPMHlygERjQVwqVt3f0SSx79g
2/4d/Q2Gero2K3GFVC3Gvanu23kCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjXXV6
cUm1g1mc804no7lo3JEecjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEApyxd/MbUwxbR9qs8XaSFCSG5LHciacMl2RDc8IfE
vdiGHCV3cs7ZyfHwaQjvjSqUucYwe2wc+Yjenjd/n/VxFHN4YTunrMhz7oWwW9Tq
o8NEFqB7vCI9WZ5GB2o3vgXQEhIKlpwBh6KUKovtcjaNnaARPChkLeBYGVFgrpmT
1kjlrcqVylwYu/GskiYGOJKM0aktaeEVfWicszQycWw3mjVQ5Q7HTc1Nl+riI+V4
lUqrfauIHeE55CzEKRol1gvawlxt8cpUj9HmsBTuwoz8L8cyLsstoLv644R+/DQH
YxhSPFcpl8im8xcvTUqdok5GPP4UKX/680kFIOqIFjcJng==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:28 2025 by rpki-client