Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: JwzGzmAVcZ2elpllN9uXQiMfstlxs8WE1vbeWepivcw=
Subject key identifier: 76:1E:C7:3C:B0:65:2B:44:98:34:A4:37:27:C5:22:43:EF:88:89:50
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79C6D3F26DFCA638FDDCB7C6D054088B5802F31A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Fri 15 Aug 2025 15:50:58 +0000
ROA not before: Fri 15 Aug 2025 15:50:58 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:c6:d3:f2:6d:fc:a6:38:fd:dc:b7:c6:d0:54:08:8b:58:02:f3:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:58 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=1e9eb81b9b3bec2b68f20711d22a72d83b4371828549602fe6c0fdf547581e18, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:19:01:74:2c:51:ad:a1:2f:83:10:43:c6:
f9:d2:95:0f:59:f2:61:4a:84:40:12:12:d0:1a:68:
03:e7:f8:83:a4:69:69:ac:a0:01:6c:c3:5b:1e:bb:
8e:9e:50:78:3c:7d:3a:45:97:01:38:94:24:a2:65:
ca:74:79:78:2f:f3:eb:b9:b1:19:84:72:05:91:7f:
f4:3e:c3:d1:45:85:7a:98:51:2e:b7:a7:78:40:8e:
f0:ed:bd:f7:e3:be:06:3e:bf:ea:dd:08:82:5a:03:
e2:0c:6e:d9:5a:ca:e5:b5:50:2a:28:fe:16:08:d0:
29:d5:6a:e7:fc:8f:0c:df:58:3a:b7:38:ba:b7:14:
22:2a:97:a2:c2:ca:82:a5:98:2d:68:63:bc:5b:8b:
12:52:ad:b3:03:48:d9:20:1d:49:ef:ff:9a:48:c3:
58:6f:18:7c:db:07:c1:f5:45:58:19:c9:92:67:39:
df:85:66:31:9f:42:61:ae:6f:b1:79:69:a0:52:29:
1a:e7:9c:52:62:08:6d:74:eb:c8:9c:7e:34:a1:76:
58:c9:59:3e:b4:a1:f2:e7:02:f6:97:10:7f:ae:74:
d4:ce:bc:5d:70:82:95:1d:4e:da:c2:6d:66:63:26:
15:f2:fc:9f:9d:d4:a3:f2:47:14:b6:f4:78:f2:32:
8c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:1E:C7:3C:B0:65:2B:44:98:34:A4:37:27:C5:22:43:EF:88:89:50
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
43:65:08:c7:87:6e:04:8f:b5:ea:ce:43:b7:5e:ae:ce:55:4c:
69:0b:5c:90:d7:9f:60:ca:46:b4:8f:26:7a:bf:e4:89:e1:4e:
b5:e2:bd:e4:e6:91:ca:65:78:e3:6a:f2:d3:af:a0:a1:d8:3b:
d3:3a:eb:65:f7:d6:52:a5:88:ed:5b:cc:81:1d:4f:79:77:b9:
3c:4c:05:83:ad:b2:01:d8:4a:6f:82:67:a4:44:26:33:67:4b:
79:3a:82:d7:55:11:e0:ac:73:76:cc:f4:1e:c9:51:69:bd:1e:
76:0b:f9:8f:92:fe:80:3c:cd:0d:2c:49:55:e6:6d:b0:e4:8c:
7a:22:4a:34:07:96:a2:40:68:a9:1e:2b:69:20:d4:a1:ef:cd:
13:54:5f:79:35:39:b0:f3:b0:d6:0f:bb:c0:f4:5f:e6:10:ca:
c1:0e:cb:11:0e:43:29:db:b3:a1:51:02:b1:2a:e4:aa:77:d4:
73:83:55:28:7b:ba:49:33:d6:c7:a0:6b:b5:9b:53:cf:6e:22:
90:4a:c5:43:74:9c:78:97:32:0b:a4:2a:1b:9e:7e:9d:8e:1e:
be:e5:56:92:fc:01:ba:d4:d9:9c:f8:c4:8e:d4:83:aa:75:5f:
fa:1e:5f:60:83:01:5e:69:ec:79:13:62:36:d2:c9:22:4b:17:
cd:22:ac:6f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUecbT8m38pjj93LfG0FQIi1gC8xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNThaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQDFlOWViODFiOWIzYmVjMmI2OGYyMDcxMWQyMmE3MmQ4M2I0MzcxODI4NTQ5
NjAyZmU2YzBmZGY1NDc1ODFlMTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMihGQF0LFGtoS+DEEPG+dKVD1nyYUqEQBIS0BpoA+f4g6RpaaygAWzDWx67
jp5QeDx9OkWXATiUJKJlynR5eC/z67mxGYRyBZF/9D7D0UWFephRLreneECO8O29
9+O+Bj6/6t0IgloD4gxu2VrK5bVQKij+FgjQKdVq5/yPDN9YOrc4urcUIiqXosLK
gqWYLWhjvFuLElKtswNI2SAdSe//mkjDWG8YfNsHwfVFWBnJkmc534VmMZ9CYa5v
sXlpoFIpGuecUmIIbXTryJx+NKF2WMlZPrSh8ucC9pcQf6501M68XXCClR1O2sJt
ZmMmFfL8n53Uo/JHFLb0ePIyjN8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2Hsc8
sGUrRJg0pDcnxSJD74iJUDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQBDZQjHh24Ej7XqzkO3Xq7OVUxpC1yQ159gyka0jyZ6
v+SJ4U614r3k5pHKZXjjavLTr6Ch2DvTOutl99ZSpYjtW8yBHU95d7k8TAWDrbIB
2EpvgmekRCYzZ0t5OoLXVRHgrHN2zPQeyVFpvR52C/mPkv6APM0NLElV5m2w5Ix6
Iko0B5aiQGipHitpINSh780TVF95NTmw87DWD7vA9F/mEMrBDssRDkMp27OhUQKx
KuSqd9Rzg1Uoe7pJM9bHoGu1m1PPbiKQSsVDdJx4lzILpCobnn6djh6+5VaS/AG6
1Nmc+MSO1IOqdV/6Hl9ggwFeaex5E2I20skiSxfNIqxv
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:38:53 2025 by rpki-client