Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: EXHtHrBMl40pE3MQLlFUAuUo/LmxqnvZFOJtrPfQIGI=
Subject key identifier: DC:86:D2:E0:4B:E0:A6:30:01:ED:28:D7:D7:E3:2D:C9:55:83:65:60
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BD3822BB101CDE35FE9DBF5F2E4D42F3AA2C92F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Tue 05 Aug 2025 20:20:44 +0000
ROA not before: Tue 05 Aug 2025 20:20:44 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:d3:82:2b:b1:01:cd:e3:5f:e9:db:f5:f2:e4:d4:2f:3a:a2:c9:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:44 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=8e3f43202b44f42638f9a611c3af95b58c8e32d85e9071e5127d98e4231bf593, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:67:d4:74:d6:f7:b4:89:4d:d4:6f:54:72:17:
58:58:14:cc:d2:1e:39:f5:a4:91:a5:af:5c:f9:0d:
45:d8:f2:3a:c5:27:0e:05:0b:90:93:a9:a9:12:49:
f7:1a:d4:cf:00:45:fb:ae:d7:6b:d0:38:5b:2d:69:
8b:45:54:d0:32:95:3f:a8:b3:7d:aa:98:38:4e:bb:
0a:53:6f:2b:63:6d:9c:35:b3:2b:31:0b:98:0a:e4:
ed:c4:b4:b2:00:3f:67:ca:1b:18:e0:47:f0:27:65:
10:28:8f:66:e3:fd:d5:e8:87:c6:3e:a4:3e:ee:86:
af:d1:0a:fe:c5:5a:0b:e9:75:e3:03:f0:70:07:03:
f7:ca:9a:34:84:c3:56:80:dc:2d:05:6a:78:6f:a5:
d1:75:ce:3a:58:ca:a1:d2:f7:c9:4c:6c:60:98:7d:
b9:7d:f0:67:ae:9b:53:81:e2:d3:03:14:d2:ff:f4:
ff:90:51:0a:6f:c7:94:71:d2:33:53:0e:8f:63:fe:
19:1e:12:f9:51:41:41:8a:6d:eb:43:8d:39:3d:19:
07:f1:ea:d7:dd:12:7d:1a:fc:29:c1:a9:9e:9e:9a:
a5:b5:86:58:83:4a:cb:70:9a:fc:61:ec:b7:b3:27:
4a:00:3c:b3:44:fe:42:7b:8d:9c:3d:13:85:89:cc:
df:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:86:D2:E0:4B:E0:A6:30:01:ED:28:D7:D7:E3:2D:C9:55:83:65:60
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:1a:28:7a:8e:54:0a:55:0a:56:fc:56:d8:cb:f6:1e:05:10:
78:ce:29:8a:a8:8e:45:3b:24:d4:5c:df:92:89:9f:72:c3:75:
8f:c2:4b:20:5f:16:74:af:4b:55:41:65:8f:ac:a1:79:29:d6:
08:e2:9e:d9:d9:81:35:66:56:1d:bd:ec:b3:c5:18:97:a2:ff:
81:8c:b3:64:d3:cc:60:ef:4c:94:a2:78:0f:68:75:f0:9b:9b:
44:dd:23:cb:a5:be:f1:93:e2:e0:be:7a:d9:70:37:8b:a2:c9:
61:91:be:0f:3a:15:74:96:48:bb:6e:ec:09:94:37:0a:7d:26:
bf:f1:b4:79:49:17:ee:f1:ae:55:1b:6b:1b:5d:90:20:66:b3:
23:b0:ed:aa:47:42:0e:23:9e:f3:0e:96:96:18:04:47:e1:77:
03:1d:11:0b:8a:3e:b2:6b:a5:5c:16:df:ed:b5:11:d5:55:70:
c3:c2:66:45:de:de:ed:35:5e:5b:db:23:09:25:71:d9:a3:4d:
97:10:a7:06:d5:d9:fb:7e:63:cd:92:7f:c4:b0:fb:82:86:fe:
ce:53:cd:bf:5b:51:9c:30:de:03:31:be:98:58:8a:5c:51:48:
1a:b7:86:97:c9:83:0b:fe:32:b4:d8:58:46:1e:1a:4c:f8:94:
2e:b4:b6:d8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUa9OCK7EBzeNf6dv18uTULzqiyS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDRaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlM2Y0MzIwMmI0NGY0MjYzOGY5YTYxMWMzYWY5NWI1OGM4ZTMyZDg1ZTkw
NzFlNTEyN2Q5OGU0MjMxYmY1OTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRn1HTW97SJTdRvVHIXWFgUzNIeOfWkkaWvXPkNRdjyOsUnDgULkJOpqRJJ
9xrUzwBF+67Xa9A4Wy1pi0VU0DKVP6izfaqYOE67ClNvK2NtnDWzKzELmArk7cS0
sgA/Z8obGOBH8CdlECiPZuP91eiHxj6kPu6Gr9EK/sVaC+l14wPwcAcD98qaNITD
VoDcLQVqeG+l0XXOOljKodL3yUxsYJh9uX3wZ66bU4Hi0wMU0v/0/5BRCm/HlHHS
M1MOj2P+GR4S+VFBQYpt60ONOT0ZB/Hq190SfRr8KcGpnp6apbWGWINKy3Ca/GHs
t7MnSgA8s0T+QnuNnD0ThYnM37UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTchtLg
S+CmMAHtKNfX4y3JVYNlYDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEASxooeo5UClUKVvxW2Mv2HgUQeM4piqiORTsk1Fzf
komfcsN1j8JLIF8WdK9LVUFlj6yheSnWCOKe2dmBNWZWHb3ss8UYl6L/gYyzZNPM
YO9MlKJ4D2h18JubRN0jy6W+8ZPi4L562XA3i6LJYZG+DzoVdJZIu27sCZQ3Cn0m
v/G0eUkX7vGuVRtrG12QIGazI7DtqkdCDiOe8w6WlhgER+F3Ax0RC4o+smulXBbf
7bUR1VVww8JmRd7e7TVeW9sjCSVx2aNNlxCnBtXZ+35jzZJ/xLD7gob+zlPNv1tR
nDDeAzG+mFiKXFFIGreGl8mDC/4ytNhYRh4aTPiULrS22A==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:20 2025 by rpki-client