Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: 3lS8F7kk3wwhCEzdShbP/6IAfKq36803V36xBOC4WBQ=
Subject key identifier: F9:F1:0B:88:7A:11:49:57:01:7D:F5:0F:CD:BD:0E:56:48:F2:A1:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 513A66B0E45C3F3BC387EA6518D07016F098ACB6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Wed 03 Sep 2025 00:30:09 +0000
ROA not before: Wed 03 Sep 2025 00:30:09 +0000
ROA not after: Wed 08 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3a:66:b0:e4:5c:3f:3b:c3:87:ea:65:18:d0:70:16:f0:98:ac:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 3 00:30:09 2025 GMT
Not After : Oct 8 23:59:59 2025 GMT
Subject: serialNumber=7b8384ec9a8f5fcc0e147cbc715f7c6722116d6c17dc91c40a4e16b187f8a595, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:da:26:20:7f:91:44:a7:27:df:19:6f:4f:4e:
16:5e:45:fb:8f:a8:91:94:66:e6:5c:98:6b:28:00:
71:c2:aa:4a:46:3b:d1:94:eb:ba:12:1f:0a:a1:aa:
ec:77:34:2d:76:e0:37:12:4f:32:c3:8a:b7:9e:96:
00:26:00:ab:84:20:8a:db:a8:b8:69:72:36:51:07:
3b:19:1f:82:54:1d:55:a4:94:eb:44:92:fb:32:8b:
c1:04:23:63:19:28:8a:2e:0b:e1:1b:7f:5c:28:2b:
49:c8:ac:d9:23:e0:77:f1:c2:8a:fa:b9:79:d1:f3:
fb:87:9a:26:51:1d:4b:e9:40:58:9b:13:79:cc:ee:
54:35:de:e8:e4:e7:bf:c0:a2:40:07:17:98:12:27:
9d:e9:e0:4d:3d:ad:6f:49:49:6c:d3:0a:a9:65:70:
6e:6d:41:f7:82:f3:56:ec:62:f6:bb:47:80:5a:78:
8e:3e:9b:3a:da:34:bf:81:3c:05:42:b3:32:f7:5e:
ba:99:38:35:cc:45:b2:80:98:68:93:fb:8b:43:93:
ee:e7:e4:6f:11:f5:b2:6c:75:1b:8d:ae:7b:48:b9:
5a:e2:37:35:1b:10:82:8d:a0:d3:66:00:44:54:8a:
51:72:4c:56:06:9f:72:a9:ba:74:44:c7:4b:df:7c:
16:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F1:0B:88:7A:11:49:57:01:7D:F5:0F:CD:BD:0E:56:48:F2:A1:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
33:46:ba:a8:a9:e7:df:09:dd:19:ca:b4:d2:d0:1a:be:18:35:
6b:5c:29:4b:2a:a8:af:40:b0:d5:6a:38:93:2f:db:ed:87:ab:
35:72:fb:89:6c:39:d5:8b:51:43:10:50:e6:07:78:4e:7a:30:
19:b6:5d:ee:a7:54:cb:f9:f1:56:f8:9a:82:a3:26:16:42:87:
81:5b:ce:e7:37:ff:a4:cc:ec:50:e0:71:b9:38:e7:34:42:b0:
77:61:da:1c:9b:49:3b:16:1b:07:eb:67:cd:3b:32:79:39:63:
59:76:72:9c:c4:68:2e:4e:82:17:50:03:7a:e8:ae:14:02:cf:
34:bc:12:16:6b:87:a3:0f:e0:5d:72:b3:66:19:ea:3d:e5:c3:
2e:4a:80:10:f3:5f:7b:20:88:35:88:5c:0e:56:65:32:ca:e7:
0b:f0:1a:3b:ca:25:b7:b0:2b:c0:48:49:6c:f1:35:21:41:02:
5f:88:b3:07:c7:e3:9e:0e:f2:5b:58:56:cd:13:58:1f:30:92:
56:f5:93:88:df:e6:ce:fe:f5:67:ba:d7:b5:4a:34:35:f1:26:
e7:6d:3c:64:40:a9:2b:e6:b7:a7:e7:44:1f:c3:fa:7f:d6:4c:
ad:ea:77:f0:c6:9d:51:43:8b:39:6c:56:db:f3:19:1e:64:d7:
43:c6:db:a1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUTpmsORcPzvDh+plGNBwFvCYrLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDMwMDMwMDlaFw0yNTEwMDgyMzU5NTlaMHoxSTBHBgNV
BAUTQDdiODM4NGVjOWE4ZjVmY2MwZTE0N2NiYzcxNWY3YzY3MjIxMTZkNmMxN2Rj
OTFjNDBhNGUxNmIxODdmOGE1OTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKTaJiB/kUSnJ98Zb09OFl5F+4+okZRm5lyYaygAccKqSkY70ZTruhIfCqGq
7Hc0LXbgNxJPMsOKt56WACYAq4QgituouGlyNlEHOxkfglQdVaSU60SS+zKLwQQj
Yxkoii4L4Rt/XCgrScis2SPgd/HCivq5edHz+4eaJlEdS+lAWJsTeczuVDXe6OTn
v8CiQAcXmBInnengTT2tb0lJbNMKqWVwbm1B94LzVuxi9rtHgFp4jj6bOto0v4E8
BUKzMvdeupk4NcxFsoCYaJP7i0OT7ufkbxH1smx1G42ue0i5WuI3NRsQgo2g02YA
RFSKUXJMVgafcqm6dETHS998FtcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT58QuI
ehFJVwF99Q/NvQ5WSPKh6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEAM0a6qKnn3wndGcq00tAavhg1a1wpSyqor0Cw1Wo4
ky/b7YerNXL7iWw51YtRQxBQ5gd4TnowGbZd7qdUy/nxVviagqMmFkKHgVvO5zf/
pMzsUOBxuTjnNEKwd2HaHJtJOxYbB+tnzTsyeTljWXZynMRoLk6CF1ADeuiuFALP
NLwSFmuHow/gXXKzZhnqPeXDLkqAEPNfeyCINYhcDlZlMsrnC/AaO8olt7ArwEhJ
bPE1IUECX4izB8fjng7yW1hWzRNYHzCSVvWTiN/mzv71Z7rXtUo0NfEm5208ZECp
K+a3p+dEH8P6f9ZMrep38MadUUOLOWxW2/MZHmTXQ8bboQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:40:27 2025 by rpki-client