Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: 5fbXeLVUp1bvfqSB8BKnQpOo70Yh2rV8BQRmrISVrac=
Subject key identifier: DF:B2:B6:D8:69:21:23:A3:4D:A6:06:28:CF:C2:66:F3:C3:B3:6F:5C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 07D3DF1F37DFFA1FCEFEC4E05DD345B9DECC9DDF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Fri 15 Aug 2025 15:50:08 +0000
ROA not before: Fri 15 Aug 2025 15:50:08 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:d3:df:1f:37:df:fa:1f:ce:fe:c4:e0:5d:d3:45:b9:de:cc:9d:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:08 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=8d82d67105c71ef72506b093a140540e0eadd3af55e77eaed4d6322eb352bb19, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a4:40:e6:ad:2b:56:c4:67:1c:46:87:7c:3a:
0e:36:c4:4a:be:d5:68:e7:53:e4:32:3d:b3:ba:4a:
cd:1f:4b:02:bf:21:c8:84:b3:89:6a:65:a1:8b:d7:
bb:6f:be:88:a8:66:79:da:79:0b:0c:fa:14:e0:b2:
b7:7c:cf:14:d8:c3:63:7d:53:b8:14:cf:13:d7:3c:
d7:3d:64:d1:32:15:db:78:ea:d0:91:d9:59:70:73:
c9:ef:e0:6a:5e:d7:24:5c:38:08:ac:03:13:5b:4a:
c5:3d:88:a8:41:84:aa:ed:2f:65:eb:73:d9:c0:12:
de:28:b3:ed:df:82:1e:85:de:ce:95:5c:a8:a2:ca:
8f:a2:eb:ba:39:ee:66:f4:6e:e0:aa:a0:73:27:77:
27:06:a6:b6:b1:da:25:54:80:44:83:40:3e:90:62:
44:c5:75:3e:3c:47:fa:f5:3c:f8:bb:c7:a8:b2:f3:
b3:4d:2e:a8:fe:2b:5e:12:cc:9e:66:99:88:16:2f:
3b:55:b2:44:0e:00:7e:97:e5:2e:a2:61:76:ad:7d:
d5:57:d6:b5:9b:84:4d:b4:5f:89:1f:56:5b:d9:74:
6f:3d:e7:6c:31:e6:9c:ef:9a:cd:c4:89:4d:93:59:
26:5b:da:c9:1a:43:d3:54:c6:fe:f4:c9:3f:24:0a:
a1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B2:B6:D8:69:21:23:A3:4D:A6:06:28:CF:C2:66:F3:C3:B3:6F:5C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:10:47:67:4e:c0:4b:91:c7:02:91:08:f3:6a:98:a1:cf:d8:
c6:d9:13:ed:bc:63:12:04:05:ba:85:93:3c:c1:f5:b4:24:4b:
48:7e:33:be:a9:ed:a4:7e:96:a3:ce:a8:fe:74:1a:b5:92:17:
3a:97:ca:e6:5d:c9:03:3a:97:5b:cf:bd:a3:b0:71:0f:a6:46:
0c:c0:0a:b5:9e:da:23:d8:aa:63:81:30:aa:07:89:78:44:51:
55:4e:32:9d:c1:4d:83:cc:cd:06:d9:1a:ed:a4:9c:35:72:32:
2c:33:fd:61:09:8b:92:22:2d:9d:9a:07:92:47:24:4d:7a:70:
9d:55:0a:29:4f:db:5b:79:38:57:7b:f3:02:2f:1d:c9:93:a6:
a7:24:b1:38:7d:d4:49:fc:a2:aa:fb:d6:89:ba:fc:36:92:29:
ff:f0:cd:56:bb:8a:b3:07:87:41:1a:71:5b:c4:36:aa:c6:8a:
9c:18:97:22:19:14:1f:f8:22:8c:d3:95:e4:f8:a7:d4:db:87:
9c:76:85:a0:80:b6:09:65:7a:2a:d6:a4:52:78:f1:38:6f:f3:
06:a2:04:c9:e7:a8:c5:ee:1c:33:a4:1e:97:0c:70:a7:02:5d:
c9:f7:df:5a:08:e1:60:12:10:fd:71:96:98:bd:69:e7:0b:ce:
0c:e0:75:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUB9PfHzff+h/O/sTgXdNFud7Mnd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwMDhaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDhkODJkNjcxMDVjNzFlZjcyNTA2YjA5M2ExNDA1NDBlMGVhZGQzYWY1NWU3
N2VhZWQ0ZDYzMjJlYjM1MmJiMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKkQOatK1bEZxxGh3w6DjbESr7VaOdT5DI9s7pKzR9LAr8hyISziWploYvX
u2++iKhmedp5Cwz6FOCyt3zPFNjDY31TuBTPE9c81z1k0TIV23jq0JHZWXBzye/g
al7XJFw4CKwDE1tKxT2IqEGEqu0vZetz2cAS3iiz7d+CHoXezpVcqKLKj6Lrujnu
ZvRu4Kqgcyd3JwamtrHaJVSARINAPpBiRMV1PjxH+vU8+LvHqLLzs00uqP4rXhLM
nmaZiBYvO1WyRA4AfpflLqJhdq191VfWtZuETbRfiR9WW9l0bz3nbDHmnO+azcSJ
TZNZJlvayRpD01TG/vTJPyQKoWkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTfsrbY
aSEjo02mBijPwmbzw7NvXDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQCJEEdnTsBLkccCkQjzapihz9jG2RPtvGMSBAW6hZM8
wfW0JEtIfjO+qe2kfpajzqj+dBq1khc6l8rmXckDOpdbz72jsHEPpkYMwAq1ntoj
2KpjgTCqB4l4RFFVTjKdwU2DzM0G2RrtpJw1cjIsM/1hCYuSIi2dmgeSRyRNenCd
VQopT9tbeThXe/MCLx3Jk6anJLE4fdRJ/KKq+9aJuvw2kin/8M1Wu4qzB4dBGnFb
xDaqxoqcGJciGRQf+CKM05Xk+KfU24ecdoWggLYJZXoq1qRSePE4b/MGogTJ56jF
7hwzpB6XDHCnAl3J999aCOFgEhD9cZaYvWnnC84M4HXy
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:43:59 2025 by rpki-client