Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: oX7cbNB6VRqbBG2GJA1sO5dVldAQu9K8aYheX7lOQkc=
Subject key identifier: B7:B2:CB:8D:BB:56:7E:DD:44:A5:83:A2:60:04:63:D5:9E:9A:21:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A3DF2CBAA1F5A4D74C79E79EC31CAE2B87130AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Tue 05 Aug 2025 20:20:47 +0000
ROA not before: Tue 05 Aug 2025 20:20:47 +0000
ROA not after: Tue 09 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 08:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:3d:f2:cb:aa:1f:5a:4d:74:c7:9e:79:ec:31:ca:e2:b8:71:30:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 5 20:20:47 2025 GMT
Not After : Sep 9 23:59:59 2025 GMT
Subject: serialNumber=f1acff51fd31821b843f589b1801e6665459d96fc4e7288351fa23fccc22e79b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:78:0c:d3:8a:1f:e5:40:6c:03:b5:77:c6:28:
bf:81:c5:08:c9:12:f0:46:17:e8:8b:71:8d:40:45:
06:12:71:38:e6:01:ab:01:be:db:87:63:36:ce:cf:
4a:24:60:6a:4e:aa:b6:c9:28:19:eb:ae:44:f7:d5:
4e:c9:66:a0:56:b2:d9:2b:54:54:4a:75:15:8a:bb:
ec:f1:95:6b:b3:dd:1c:a2:3b:4d:2b:5f:17:2b:f1:
08:28:67:5f:f7:73:d4:b0:3b:1e:3e:91:bf:7a:8a:
b5:dd:71:c5:de:3b:ec:e6:83:0d:10:e4:80:b5:90:
1d:bf:4f:3c:89:2c:af:1c:a8:c5:ed:7b:e9:c2:01:
ff:93:45:25:41:ab:22:28:81:aa:c4:c8:91:23:fd:
24:1d:21:a0:e1:2e:73:6d:f3:da:c3:ec:78:c6:92:
e8:95:05:80:00:be:f3:3e:32:55:d7:ee:a7:97:5e:
9d:a3:b9:ab:69:62:8b:62:5d:5d:05:d2:3f:60:43:
1a:bd:9e:83:21:b6:71:e3:d9:65:32:4a:07:88:02:
97:a3:03:ea:97:24:b3:31:85:35:9a:fc:0b:12:57:
d2:74:72:a2:77:5f:15:77:88:72:26:f8:68:a5:ec:
d7:69:6d:5c:be:e3:67:73:df:93:27:00:6d:c5:52:
8c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:B2:CB:8D:BB:56:7E:DD:44:A5:83:A2:60:04:63:D5:9E:9A:21:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:4e:f2:20:ec:ef:5b:4a:23:67:64:35:ab:de:cb:63:09:3a:
a8:2a:97:c2:81:30:64:3c:be:22:8f:55:99:8f:d4:fe:e9:59:
3b:bf:f0:0a:79:d1:6e:e2:e4:0d:c8:fc:53:b8:af:c8:63:ca:
d0:c2:c0:de:4d:00:82:67:05:8f:6a:4a:00:ac:3b:7c:f7:30:
68:c9:d8:09:da:b6:f4:0c:50:3b:28:bc:44:de:97:96:f4:a5:
49:05:ec:fa:cf:d9:8e:81:e7:e0:46:c0:76:21:92:50:3f:28:
8d:35:72:76:7c:03:a5:c6:3c:e3:26:39:75:82:c4:a5:f3:70:
7c:ff:71:17:c6:6b:d0:8f:fb:1d:51:64:9a:88:b8:61:18:eb:
39:2c:9c:7d:9b:8e:f1:55:1b:91:b2:c7:13:1c:00:6b:ba:b1:
4a:ed:d1:c3:a3:e3:82:9d:b4:9d:c0:b7:dc:84:e0:13:98:b4:
a3:63:87:04:6b:53:94:d8:40:81:19:76:49:f7:b0:1c:73:ca:
db:07:b1:14:0b:6d:38:47:16:df:4c:88:38:e6:19:54:74:4c:
31:47:d7:69:1e:ed:50:14:c8:18:5e:33:ab:f2:d9:48:a9:3e:
1e:c0:9f:32:2c:13:cb:c3:9a:80:15:81:c9:18:78:ae:1b:c7:
dc:4c:03:9e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGj3yy6ofWk10x5557DHK4rhxMK8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDUyMDIwNDdaFw0yNTA5MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYWNmZjUxZmQzMTgyMWI4NDNmNTg5YjE4MDFlNjY2NTQ1OWQ5NmZjNGU3
Mjg4MzUxZmEyM2ZjY2MyMmU3OWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKh4DNOKH+VAbAO1d8Yov4HFCMkS8EYX6ItxjUBFBhJxOOYBqwG+24djNs7P
SiRgak6qtskoGeuuRPfVTslmoFay2StUVEp1FYq77PGVa7PdHKI7TStfFyvxCChn
X/dz1LA7Hj6Rv3qKtd1xxd477OaDDRDkgLWQHb9PPIksrxyoxe176cIB/5NFJUGr
IiiBqsTIkSP9JB0hoOEuc23z2sPseMaS6JUFgAC+8z4yVdfup5denaO5q2lii2Jd
XQXSP2BDGr2egyG2cePZZTJKB4gCl6MD6pckszGFNZr8CxJX0nRyondfFXeIcib4
aKXs12ltXL7jZ3PfkycAbcVSjGcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3ssuN
u1Z+3USlg6JgBGPVnpohRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQBZTvIg7O9bSiNnZDWr3stjCTqoKpfCgTBkPL4ij1WZ
j9T+6Vk7v/AKedFu4uQNyPxTuK/IY8rQwsDeTQCCZwWPakoArDt89zBoydgJ2rb0
DFA7KLxE3peW9KVJBez6z9mOgefgRsB2IZJQPyiNNXJ2fAOlxjzjJjl1gsSl83B8
/3EXxmvQj/sdUWSaiLhhGOs5LJx9m47xVRuRsscTHABrurFK7dHDo+OCnbSdwLfc
hOATmLSjY4cEa1OU2ECBGXZJ97Acc8rbB7EUC204RxbfTIg45hlUdEwxR9dpHu1Q
FMgYXjOr8tlIqT4ewJ8yLBPLw5qAFYHJGHiuG8fcTAOe
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:40:38 2025 by rpki-client