Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: RcHeA11tqM8Jfk129J2vidGt1BWKTyGuDGOw3KJjlNc=
Subject key identifier: 8E:66:58:C9:71:37:41:AD:4F:12:99:37:4C:E4:2F:4F:E2:7C:7E:64
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 58C2C3A9E9AA3221C74544C9AF5071B95B65D8EF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Mon 01 Sep 2025 21:20:20 +0000
ROA not before: Mon 01 Sep 2025 21:20:20 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:16:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:c2:c3:a9:e9:aa:32:21:c7:45:44:c9:af:50:71:b9:5b:65:d8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:20:20 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2aa66ede057c39100b90c5d2e8151e0284d6d365a0edee84ba635bc716b353b3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:26:bb:36:b2:48:1d:2d:21:f8:c4:18:78:8a:
a4:be:dc:13:50:3a:6a:19:e6:4d:cd:ea:62:a9:b2:
6e:bb:17:8b:00:28:ac:2f:07:90:60:06:96:30:de:
18:23:71:26:17:9d:69:cf:09:dc:bd:a1:2e:ff:35:
6b:8a:ef:cd:81:21:f8:97:6e:3e:fa:9a:9d:94:d3:
d1:d2:ab:4c:6c:a4:db:c7:52:33:26:d1:ef:b5:32:
c5:8b:72:12:14:66:4c:62:f0:36:0f:0b:3c:b7:b7:
2b:d5:7a:a8:11:4f:1e:97:89:0a:e1:ea:bd:ac:4f:
9c:50:f7:c0:54:c9:e7:6a:68:d7:04:3d:57:2e:05:
9d:cd:ab:96:26:93:ab:f1:72:f6:35:b1:5a:24:b8:
88:bf:f3:5f:07:af:ac:21:94:4a:8a:e1:c0:3c:eb:
0b:03:68:a8:58:08:07:57:5d:22:da:cb:fc:cc:93:
95:d4:bc:84:5e:80:9d:fb:ac:13:a3:79:97:db:58:
a3:48:85:7a:0c:03:c3:55:92:52:a5:94:68:80:69:
df:d7:39:e6:39:e4:ab:b7:73:11:ea:4f:87:ff:4a:
62:84:bb:5a:9f:ab:d1:19:e9:89:2c:7e:66:47:07:
06:94:7b:dc:cd:66:51:16:7c:d5:2b:be:d9:03:18:
3c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:66:58:C9:71:37:41:AD:4F:12:99:37:4C:E4:2F:4F:E2:7C:7E:64
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
96:8e:57:41:b0:6c:70:5a:4c:b7:b7:ef:0c:f0:46:4b:cf:97:
cb:b1:ee:17:d9:c6:c0:79:a7:de:75:26:d9:fa:0f:77:94:ab:
14:9a:9a:72:c6:48:55:c4:bc:4b:01:6b:3a:84:60:54:a3:d3:
a2:56:4e:a9:99:f8:4f:39:60:cf:3d:d0:56:d0:ad:b9:a8:59:
36:2e:0d:35:73:a3:bf:5c:f0:66:a0:7b:78:32:85:37:83:3a:
37:07:62:eb:ac:3f:47:e0:08:98:e0:8e:49:f5:cd:ee:e9:14:
01:5a:1e:35:67:13:f7:bd:4a:8f:b2:dc:52:fa:b7:f7:72:75:
31:95:a5:b7:a6:f1:e9:df:55:7e:00:0f:9b:87:52:ba:08:13:
d8:c9:60:36:d0:da:7c:89:83:a5:af:30:f3:71:64:11:fa:8d:
e5:09:91:ea:c2:fc:58:9e:6a:4c:c3:96:e8:79:2a:ad:fc:c7:
e9:33:25:b4:05:5b:0a:37:fa:27:49:6e:c8:4c:50:dc:94:fa:
af:08:4e:26:7c:eb:c8:dd:9c:3c:f1:b7:7e:8e:c7:bf:fd:0a:
fd:c3:e4:2b:b6:af:56:aa:ca:55:46:58:8c:83:02:ea:f2:12:
0f:1f:7d:eb:94:83:4e:81:08:d7:f2:b4:b2:66:cd:3d:50:5c:
98:a3:07:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWMLDqemqMiHHRUTJr1BxuVtl2O8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTIwMjBaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhYTY2ZWRlMDU3YzM5MTAwYjkwYzVkMmU4MTUxZTAyODRkNmQzNjVhMGVk
ZWU4NGJhNjM1YmM3MTZiMzUzYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJcmuzaySB0tIfjEGHiKpL7cE1A6ahnmTc3qYqmybrsXiwAorC8HkGAGljDe
GCNxJhedac8J3L2hLv81a4rvzYEh+JduPvqanZTT0dKrTGyk28dSMybR77UyxYty
EhRmTGLwNg8LPLe3K9V6qBFPHpeJCuHqvaxPnFD3wFTJ52po1wQ9Vy4Fnc2rliaT
q/Fy9jWxWiS4iL/zXwevrCGUSorhwDzrCwNoqFgIB1ddItrL/MyTldS8hF6Anfus
E6N5l9tYo0iFegwDw1WSUqWUaIBp39c55jnkq7dzEepPh/9KYoS7Wp+r0RnpiSx+
ZkcHBpR73M1mURZ81Su+2QMYPL8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSOZljJ
cTdBrU8SmTdM5C9P4nx+ZDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAlo5XQbBscFpMt7fvDPBGS8+Xy7HuF9nGwHmn3nUm
2foPd5SrFJqacsZIVcS8SwFrOoRgVKPTolZOqZn4Tzlgzz3QVtCtuahZNi4NNXOj
v1zwZqB7eDKFN4M6Nwdi66w/R+AImOCOSfXN7ukUAVoeNWcT971Kj7LcUvq393J1
MZWlt6bx6d9VfgAPm4dSuggT2MlgNtDafImDpa8w83FkEfqN5QmR6sL8WJ5qTMOW
6HkqrfzH6TMltAVbCjf6J0luyExQ3JT6rwhOJnzryN2cPPG3fo7Hv/0K/cPkK7av
VqrKVUZYjIMC6vISDx9965SDToEI1/K0smbNPVBcmKMHTg==
-----END CERTIFICATE-----
Generated at Tue Sep 16 14:35:39 2025 by rpki-client