Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: HtH84QbVaT6iDGCcZpD+qCHVb9R+PGFlLH8z6O2HIws=
Subject key identifier: C8:46:5E:49:40:EA:19:E6:89:09:AB:57:27:3B:AB:E2:75:9A:A2:C7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 11050C87762E0206D96F2402F0A31933A3DEFB23
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Tue 02 Sep 2025 00:50:45 +0000
ROA not before: Tue 02 Sep 2025 00:50:45 +0000
ROA not after: Tue 07 Oct 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:05:0c:87:76:2e:02:06:d9:6f:24:02:f0:a3:19:33:a3:de:fb:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 2 00:50:45 2025 GMT
Not After : Oct 7 23:59:59 2025 GMT
Subject: serialNumber=6ddc27e78deaf8e7630fa4feedb1f08cec5fc46a1104beb8449f32d8a74010f0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d5:db:76:68:07:46:55:cc:f7:c0:9f:0c:7f:
66:99:a0:e9:34:c4:d6:38:10:0e:ad:53:5e:74:f8:
b0:94:46:b5:a4:99:e6:4c:63:c0:76:69:a4:c5:26:
a3:83:41:ad:0c:52:bb:f9:63:ed:c3:a6:ab:56:e2:
af:c1:c8:c0:73:44:ac:2c:c3:72:82:fa:71:5a:3e:
16:df:63:c8:2c:d5:29:9e:28:bb:e5:d7:eb:ed:a3:
4b:21:5d:1a:de:cc:72:7d:9c:70:13:58:9f:3e:97:
c4:74:31:09:68:8c:91:97:17:31:33:71:79:37:34:
97:a8:91:84:27:3d:a9:60:b0:8f:91:ca:4d:d1:ed:
23:85:56:76:62:9c:67:73:ac:06:98:91:c5:bc:58:
7d:79:4b:ef:ea:fd:cb:d4:dd:5c:7e:bd:2f:b5:06:
17:4b:3e:97:b8:f1:3f:4e:c4:1d:b5:44:a2:67:2b:
a3:00:c6:0d:e7:f6:37:2e:93:15:1c:3a:70:42:50:
51:f6:0a:91:79:59:50:9f:c5:e5:cc:a2:9f:64:ce:
b9:e5:6d:54:57:9e:dd:ff:8c:8a:21:b7:1b:66:d9:
9f:3c:a2:d9:96:bb:75:1a:bd:9e:f3:c8:63:e2:57:
af:ea:fc:ba:23:9e:19:89:b8:46:64:03:17:6e:81:
59:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:46:5E:49:40:EA:19:E6:89:09:AB:57:27:3B:AB:E2:75:9A:A2:C7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:0c:f2:32:c8:ee:44:44:dd:f0:42:a7:11:e7:72:7a:6a:42:
e5:7f:4c:51:c8:ac:09:4f:53:83:c3:86:1d:71:8a:33:15:85:
49:1c:10:b3:42:81:c6:13:64:e2:3b:43:db:9b:81:e8:ba:84:
5a:e0:d7:3d:d3:aa:f6:a3:cf:67:b3:32:d3:06:e1:30:5b:92:
c7:cd:f8:01:4f:52:e5:ad:fe:dd:f4:41:91:bd:7a:0c:64:41:
13:ed:f4:f3:02:86:8d:a4:27:5f:ea:97:83:f6:33:3b:02:a0:
14:f1:be:c8:f0:2e:b3:54:08:2e:08:08:0b:de:f7:2a:99:1e:
c0:a4:01:94:3a:03:e3:01:33:64:6e:4a:f1:8d:ad:f4:e7:9a:
31:c7:21:ae:bc:42:a7:08:5b:79:27:6d:a8:55:4a:28:77:a7:
44:71:40:d7:2f:85:fa:e6:14:19:bd:94:56:99:74:2b:0c:ba:
fd:8a:04:81:5d:48:13:b0:02:27:8b:c7:d8:c5:5c:53:cd:29:
0d:b7:f8:03:c6:b4:59:1a:5b:a3:f9:3c:d1:74:a8:d6:f7:1a:
8d:66:4a:83:e9:64:cc:35:d2:fd:e3:6c:58:25:a8:d0:c5:8a:
70:21:69:09:b5:0c:31:cb:25:6a:1a:d4:72:f1:7d:42:e9:98:
b7:b8:55:f9
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEQUMh3YuAgbZbyQC8KMZM6Pe+yMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDIwMDUwNDVaFw0yNTEwMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDZkZGMyN2U3OGRlYWY4ZTc2MzBmYTRmZWVkYjFmMDhjZWM1ZmM0NmExMTA0
YmViODQ0OWYzMmQ4YTc0MDEwZjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIPV23ZoB0ZVzPfAnwx/Zpmg6TTE1jgQDq1TXnT4sJRGtaSZ5kxjwHZppMUm
o4NBrQxSu/lj7cOmq1bir8HIwHNErCzDcoL6cVo+Ft9jyCzVKZ4ou+XX6+2jSyFd
Gt7Mcn2ccBNYnz6XxHQxCWiMkZcXMTNxeTc0l6iRhCc9qWCwj5HKTdHtI4VWdmKc
Z3OsBpiRxbxYfXlL7+r9y9TdXH69L7UGF0s+l7jxP07EHbVEomcrowDGDef2Ny6T
FRw6cEJQUfYKkXlZUJ/F5cyin2TOueVtVFee3f+MiiG3G2bZnzyi2Za7dRq9nvPI
Y+JXr+r8uiOeGYm4RmQDF26BWSkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTIRl5J
QOoZ5okJq1cnO6vidZqixzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAwwzyMsjuRETd8EKnEedyempC5X9MUcisCU9Tg8OG
HXGKMxWFSRwQs0KBxhNk4jtD25uB6LqEWuDXPdOq9qPPZ7My0wbhMFuSx834AU9S
5a3+3fRBkb16DGRBE+308wKGjaQnX+qXg/YzOwKgFPG+yPAus1QILggIC973Kpke
wKQBlDoD4wEzZG5K8Y2t9OeaMcchrrxCpwhbeSdtqFVKKHenRHFA1y+F+uYUGb2U
Vpl0Kwy6/YoEgV1IE7ACJ4vH2MVcU80pDbf4A8a0WRpbo/k80XSo1vcajWZKg+lk
zDXS/eNsWCWo0MWKcCFpCbUMMcslahrUcvF9QumYt7hV+Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 16:14:43 2025 by rpki-client