Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: cJz7Pj28y6g05gltLnjJXl93Zn/qig15t69eOHQrPSw=
Subject key identifier: 00:F2:60:2F:93:1A:27:04:54:24:11:71:A6:63:AE:81:7F:20:D0:B0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6758B0F4EBE429EEF968B001A723EA92E6C36EA7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Tue 05 Aug 2025 20:21:30 +0000
ROA not before: Tue 05 Aug 2025 20:21:30 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:58:b0:f4:eb:e4:29:ee:f9:68:b0:01:a7:23:ea:92:e6:c3:6e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:21:30 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=542bbe7687e9c2ddfacb2911d9154a5d66e5e27d7060e384152534574e3572ee, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:27:b8:c4:4a:b2:b2:21:f4:68:c1:c3:20:12:
c8:fc:28:dd:f1:d1:94:06:24:91:2a:1a:28:64:67:
79:4b:5b:33:f9:10:37:fa:54:64:56:8a:5f:5b:24:
3b:f3:b0:08:e3:07:be:d3:29:7a:6d:5a:66:a2:05:
69:f7:45:0e:7a:ba:fd:cc:bc:18:b8:79:ae:65:b1:
29:de:21:bd:73:8d:30:27:7a:5b:db:ed:ee:38:87:
1e:4b:66:51:48:e3:c5:ce:aa:75:8f:ce:4b:ec:39:
7f:5a:dd:8a:75:0d:a5:ac:08:8f:12:ed:ca:05:94:
2c:8f:dc:7d:cb:f6:80:78:39:59:50:2b:f2:44:f4:
ec:85:7e:c8:c8:fe:eb:7d:8c:58:3c:ff:88:b8:f9:
a8:39:fa:b9:a7:be:46:d1:8d:1b:dc:51:9d:5a:46:
cc:93:ac:73:cc:65:a8:c4:b8:55:fb:c5:fe:ab:5d:
d1:3b:cb:8e:ad:15:53:86:46:61:c5:66:f1:ef:e5:
5c:23:3f:cc:23:5b:ff:2a:e6:2a:a4:a9:3f:78:f1:
bb:03:ea:cb:b1:2f:91:4d:3f:2e:07:ba:57:9d:3f:
65:62:14:5b:e5:76:e7:23:10:44:0d:71:15:64:ad:
61:9b:96:1f:b6:a1:23:40:4e:d8:91:3b:57:dc:0f:
39:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F2:60:2F:93:1A:27:04:54:24:11:71:A6:63:AE:81:7F:20:D0:B0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
04:1d:3c:db:79:e5:c1:a8:4a:87:e5:0b:1f:3b:54:a9:bf:80:
4a:55:f0:ec:d8:fa:e4:94:4a:24:94:de:cd:ce:b4:dd:dc:b8:
92:51:67:fc:5d:78:79:6d:73:6d:da:b3:94:2f:33:0c:36:b9:
60:ba:b6:ac:df:49:5a:f3:43:e0:9f:0c:94:bb:fb:be:7b:23:
b2:86:ea:0b:3b:5d:7c:47:c5:16:09:0a:82:d3:e2:25:ab:83:
d9:a9:f0:33:dc:aa:55:be:14:54:1e:ee:c4:26:e4:2a:df:4f:
89:94:2a:29:84:d9:a1:60:19:da:cb:3c:21:59:ac:12:07:04:
7b:57:bc:ee:0e:35:0b:0d:4d:84:56:3a:f6:d3:6a:35:24:95:
d6:37:a3:26:85:3b:f4:30:61:dd:15:70:af:63:f5:3d:08:fa:
bb:af:90:92:76:14:ed:8b:8e:fd:8d:d7:28:b8:f6:04:3c:49:
af:2c:d4:9f:6f:a3:f0:2a:3d:eb:25:32:16:0b:6b:42:c5:86:
56:69:6b:48:f2:05:2e:af:a6:0d:69:71:c1:dd:2a:85:05:17:
30:e3:44:ac:85:11:66:68:23:57:35:95:73:1d:8f:95:74:c7:
1b:77:af:66:28:fa:48:3f:8a:d9:9d:19:40:b8:08:e9:0a:39:
d3:a0:03:c2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZ1iw9OvkKe75aLABpyPqkubDbqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIxMzBaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0MmJiZTc2ODdlOWMyZGRmYWNiMjkxMWQ5MTU0YTVkNjZlNWUyN2Q3MDYw
ZTM4NDE1MjUzNDU3NGUzNTcyZWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEnuMRKsrIh9GjBwyASyPwo3fHRlAYkkSoaKGRneUtbM/kQN/pUZFaKX1sk
O/OwCOMHvtMpem1aZqIFafdFDnq6/cy8GLh5rmWxKd4hvXONMCd6W9vt7jiHHktm
UUjjxc6qdY/OS+w5f1rdinUNpawIjxLtygWULI/cfcv2gHg5WVAr8kT07IV+yMj+
632MWDz/iLj5qDn6uae+RtGNG9xRnVpGzJOsc8xlqMS4VfvF/qtd0TvLjq0VU4ZG
YcVm8e/lXCM/zCNb/yrmKqSpP3jxuwPqy7EvkU0/Lge6V50/ZWIUW+V25yMQRA1x
FWStYZuWH7ahI0BO2JE7V9wPOSUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQA8mAv
kxonBFQkEXGmY66BfyDQsDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEABB0823nlwahKh+ULHztUqb+ASlXw7Nj65JRKJJTe
zc603dy4klFn/F14eW1zbdqzlC8zDDa5YLq2rN9JWvND4J8MlLv7vnsjsobqCztd
fEfFFgkKgtPiJauD2anwM9yqVb4UVB7uxCbkKt9PiZQqKYTZoWAZ2ss8IVmsEgcE
e1e87g41Cw1NhFY69tNqNSSV1jejJoU79DBh3RVwr2P1PQj6u6+QknYU7YuO/Y3X
KLj2BDxJryzUn2+j8Co96yUyFgtrQsWGVmlrSPIFLq+mDWlxwd0qhQUXMONErIUR
ZmgjVzWVcx2PlXTHG3evZij6SD+K2Z0ZQLgI6Qo506ADwg==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:30 2025 by rpki-client