Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: w3+M2OWIkmnpaM/KcBKtjL353wBxmk4Df57mlcfnMSc=
Subject key identifier: CE:BD:72:82:AE:6D:F5:E7:29:63:B9:DD:44:83:C8:B0:48:84:65:B4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 270EA8EB879177D58F35CC42100765BD7DDE16B2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Fri 15 Aug 2025 15:50:40 +0000
ROA not before: Fri 15 Aug 2025 15:50:40 +0000
ROA not after: Fri 19 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0e:a8:eb:87:91:77:d5:8f:35:cc:42:10:07:65:bd:7d:de:16:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 15 15:50:40 2025 GMT
Not After : Sep 19 23:59:59 2025 GMT
Subject: serialNumber=e0063fc54aaa21b97196912adcb8405c1b80b7785d24fa0fe846ba4ebd75484f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f1:11:9f:59:d2:d5:fd:42:3e:a8:b7:f3:ae:
9d:c9:28:9e:d1:39:d2:da:30:d3:90:be:00:95:ad:
06:7a:58:d8:91:fb:99:e9:6e:17:bf:32:e8:d1:09:
67:5b:2c:c9:8a:db:c3:be:e5:c4:64:b6:71:d2:2a:
73:fb:57:e2:97:d6:aa:d3:45:d2:ba:ae:3d:08:05:
b5:42:7c:89:a4:94:30:b0:e2:f4:5d:a7:ad:e8:4a:
29:33:1f:91:36:a7:f9:67:16:b0:c8:7c:f5:f6:48:
5d:61:7b:0d:88:02:ad:f5:a8:7e:9d:83:43:b4:81:
39:dc:50:17:40:78:29:ff:ac:3a:8a:47:12:78:a2:
0e:c3:79:84:2e:96:c8:b3:ba:cc:c7:38:e5:a8:59:
93:53:e7:d7:e6:76:ca:d6:a4:40:3e:c4:c9:6d:c0:
de:27:95:77:e9:c0:f3:c9:2f:46:ab:c8:2f:32:1a:
ae:ee:49:fa:3f:24:20:ad:91:fc:e4:5d:25:55:fe:
43:70:32:4c:60:cc:1d:58:8b:cb:74:42:ab:18:a7:
87:6d:23:d5:fa:43:0b:80:39:27:d2:e4:19:fb:fc:
e8:26:41:a3:3a:59:af:94:60:e1:56:23:8c:86:43:
58:2d:f1:d0:a6:73:d6:f3:f1:a4:92:aa:10:00:f5:
d1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BD:72:82:AE:6D:F5:E7:29:63:B9:DD:44:83:C8:B0:48:84:65:B4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:a4:24:ce:67:ab:54:50:c3:85:fe:cc:1a:94:a3:a0:9a:7a:
82:1f:9e:e8:00:ad:db:e9:0c:c1:34:4f:2f:fa:da:8a:65:33:
a9:19:c8:0d:68:d8:59:b9:65:ef:0f:6c:bd:cb:ed:3a:9b:1c:
41:05:fa:6d:2f:4a:11:cf:51:48:6a:91:0d:7b:39:4a:29:c2:
00:70:f1:fe:76:eb:9f:07:70:80:69:53:ed:68:a2:03:af:4c:
06:ca:6b:52:a7:3c:6c:00:48:0b:42:ad:af:c4:17:95:c0:de:
d2:73:2b:3c:46:dd:0e:15:61:86:78:a7:1f:fb:7c:69:5b:17:
1f:a5:20:bf:e1:0d:db:1f:10:79:df:72:cd:c5:9f:dc:04:7e:
09:c0:90:d1:d7:a9:80:ca:fb:80:a3:ce:98:34:17:93:c1:00:
c5:ca:b2:c0:9a:71:0f:41:f4:00:e5:30:b2:ec:e3:a0:86:5c:
c3:13:07:68:9b:2e:d2:7c:01:4e:e5:44:da:d1:38:62:d2:b9:
0f:6d:23:a9:46:78:bf:74:c5:6e:d0:9b:21:58:d1:99:3f:9f:
a8:36:28:60:90:f6:f0:bf:72:f4:c1:4c:af:98:33:01:1d:3b:
74:31:be:de:96:81:f5:f9:50:0e:5c:31:09:e0:c8:6c:f9:d8:
cd:dd:80:c9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJw6o64eRd9WPNcxCEAdlvX3eFrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MTUxNTUwNDBaFw0yNTA5MTkyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwMDYzZmM1NGFhYTIxYjk3MTk2OTEyYWRjYjg0MDVjMWI4MGI3Nzg1ZDI0
ZmEwZmU4NDZiYTRlYmQ3NTQ4NGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOLxEZ9Z0tX9Qj6ot/OunckontE50tow05C+AJWtBnpY2JH7meluF78y6NEJ
Z1ssyYrbw77lxGS2cdIqc/tX4pfWqtNF0rquPQgFtUJ8iaSUMLDi9F2nrehKKTMf
kTan+WcWsMh89fZIXWF7DYgCrfWofp2DQ7SBOdxQF0B4Kf+sOopHEniiDsN5hC6W
yLO6zMc45ahZk1Pn1+Z2ytakQD7EyW3A3ieVd+nA88kvRqvILzIaru5J+j8kIK2R
/ORdJVX+Q3AyTGDMHViLy3RCqxinh20j1fpDC4A5J9LkGfv86CZBozpZr5Rg4VYj
jIZDWC3x0KZz1vPxpJKqEAD10aUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOvXKC
rm315yljud1Eg8iwSIRltDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAVpCTOZ6tUUMOF/swalKOgmnqCH57oAK3b6QzBNE8v
+tqKZTOpGcgNaNhZuWXvD2y9y+06mxxBBfptL0oRz1FIapENezlKKcIAcPH+duuf
B3CAaVPtaKIDr0wGymtSpzxsAEgLQq2vxBeVwN7Scys8Rt0OFWGGeKcf+3xpWxcf
pSC/4Q3bHxB533LNxZ/cBH4JwJDR16mAyvuAo86YNBeTwQDFyrLAmnEPQfQA5TCy
7OOghlzDEwdomy7SfAFO5UTa0Thi0rkPbSOpRni/dMVu0JshWNGZP5+oNihgkPbw
v3L0wUyvmDMBHTt0Mb7eloH1+VAOXDEJ4Mhs+djN3YDJ
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:37:49 2025 by rpki-client