Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: 2ia9d1i2hW2uoRMibfzY70sbCHrMvd7KiR+5NyOeWIw=
Subject key identifier: 07:89:A2:5E:44:42:86:3E:F4:42:1D:FD:1E:2C:08:06:F7:44:59:AB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5EDC8571C96D6AD3441A991DC733CDF7CD84CE1B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Mon 01 Sep 2025 21:30:10 +0000
ROA not before: Mon 01 Sep 2025 21:30:10 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 08:32:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:dc:85:71:c9:6d:6a:d3:44:1a:99:1d:c7:33:cd:f7:cd:84:ce:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:30:10 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2918ad7b302ffe9dcbb0881a867c330ab6a61f320255c2b7be602cdea603080d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:8a:dc:52:3e:74:a1:99:1d:7c:c3:9e:0f:
33:72:b0:bc:a6:57:c1:0b:a8:23:b3:7d:17:3c:07:
56:af:da:a5:a8:56:6c:48:78:b8:6b:3f:67:52:c2:
1a:6c:40:2a:14:41:a0:e7:57:c9:a6:66:e2:22:87:
fb:e5:8f:57:86:5c:ef:48:d4:7e:21:20:13:c5:65:
83:f6:0d:84:9f:b3:74:3f:37:0d:36:c7:21:e7:a2:
ac:b5:2d:64:fb:98:a8:71:4c:75:84:c2:30:15:dc:
f1:be:12:ea:f1:1b:d5:cb:e4:51:13:03:b5:b1:d9:
75:ee:d6:50:a6:46:fb:38:e2:07:42:8f:b5:aa:9f:
d7:2c:89:0a:df:f7:0d:97:f3:f4:de:2d:3a:f6:e2:
47:49:66:e7:a7:7f:2f:dc:04:49:dd:a3:24:d0:b1:
a0:29:b3:c7:1e:3a:35:eb:a8:79:9c:24:1d:39:d2:
b1:53:13:f0:56:46:01:79:fe:9d:aa:af:7d:bb:60:
d4:4e:4d:c6:33:f3:1c:b8:54:80:9f:e4:5c:74:69:
2f:a9:f8:61:35:58:27:fa:22:ee:b6:e1:63:f4:ea:
0c:85:5a:2a:07:7c:4e:ed:70:a7:cb:5c:42:58:52:
f0:72:26:be:70:4a:0b:df:ac:11:46:53:84:ae:48:
22:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:89:A2:5E:44:42:86:3E:F4:42:1D:FD:1E:2C:08:06:F7:44:59:AB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:c3:32:2d:b5:97:76:e4:50:bb:c7:33:8e:c4:e4:8a:d0:6b:
df:5a:10:67:e5:96:6a:31:9d:92:b2:b9:8c:09:35:97:46:35:
72:6a:99:33:bf:81:33:4f:31:3f:34:49:71:51:95:64:b8:92:
b9:ef:a8:cd:a5:53:5f:94:25:a8:25:5b:11:f6:36:bf:99:b1:
37:0d:4e:ba:fc:08:55:a2:9d:86:91:fe:c5:29:f4:7c:56:21:
95:1a:33:58:be:03:3c:1e:93:05:01:46:e1:7c:62:68:87:46:
f5:f6:99:c1:5d:3a:08:2e:af:e8:28:4e:6a:12:dd:cd:b8:56:
3b:79:fc:23:ce:7a:1f:1a:0a:b1:35:a7:3d:ea:c3:bd:ab:22:
6f:0f:e4:36:04:42:e8:3c:41:b7:99:72:4c:1b:9a:e6:c8:77:
41:a8:df:b3:77:60:ae:93:3a:8d:7c:13:5a:0f:05:dc:4f:82:
2e:99:e5:66:c7:df:27:63:7e:18:ed:a9:49:38:8f:73:b5:ed:
20:98:34:ac:7d:28:d9:b6:a5:6c:bd:ab:82:1b:1f:3a:93:28:
37:d3:13:f3:cc:03:41:f5:e0:83:32:ca:6d:c4:f0:97:bb:d2:
3c:dc:7f:f8:7f:f6:e5:fb:f3:76:2a:20:49:27:37:88:08:ff:
d3:3c:15:71
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXtyFccltatNEGpkdxzPN982EzhswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTMwMTBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5MThhZDdiMzAyZmZlOWRjYmIwODgxYTg2N2MzMzBhYjZhNjFmMzIwMjU1
YzJiN2JlNjAyY2RlYTYwMzA4MGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwRitxSPnShmR18w54PM3KwvKZXwQuoI7N9FzwHVq/apahWbEh4uGs/Z1LC
GmxAKhRBoOdXyaZm4iKH++WPV4Zc70jUfiEgE8Vlg/YNhJ+zdD83DTbHIeeirLUt
ZPuYqHFMdYTCMBXc8b4S6vEb1cvkURMDtbHZde7WUKZG+zjiB0KPtaqf1yyJCt/3
DZfz9N4tOvbiR0lm56d/L9wESd2jJNCxoCmzxx46NeuoeZwkHTnSsVMT8FZGAXn+
naqvfbtg1E5NxjPzHLhUgJ/kXHRpL6n4YTVYJ/oi7rbhY/TqDIVaKgd8Tu1wp8tc
QlhS8HImvnBKC9+sEUZThK5IIpECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQHiaJe
REKGPvRCHf0eLAgG90RZqzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEAocMyLbWXduRQu8czjsTkitBr31oQZ+WWajGdkrK5
jAk1l0Y1cmqZM7+BM08xPzRJcVGVZLiSue+ozaVTX5QlqCVbEfY2v5mxNw1OuvwI
VaKdhpH+xSn0fFYhlRozWL4DPB6TBQFG4XxiaIdG9faZwV06CC6v6ChOahLdzbhW
O3n8I856HxoKsTWnPerDvasibw/kNgRC6DxBt5lyTBua5sh3Qajfs3dgrpM6jXwT
Wg8F3E+CLpnlZsffJ2N+GO2pSTiPc7XtIJg0rH0o2balbL2rghsfOpMoN9MT88wD
QfXggzLKbcTwl7vSPNx/+H/25fvzdiogSSc3iAj/0zwVcQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 11:10:52 2025 by rpki-client