Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: synY459MclDQVqAhNvBLCNJeHc/HHqE95+Fy3lvIq6E=
Subject key identifier: 56:98:46:39:F3:9B:71:79:6E:3C:97:8B:E9:74:0B:B9:FE:FC:88:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: D702427218E037A9C2ECB2808E13C6477ECC33
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Mon 21 Jul 2025 17:00:07 +0000
ROA not before: Mon 21 Jul 2025 17:00:07 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d7:02:42:72:18:e0:37:a9:c2:ec:b2:80:8e:13:c6:47:7e:cc:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:07 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=0aac7d220d26f298b1b43fa7582ca881e423c5d9a0ad5ffdfd76de42bd2fcbf3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:93:7a:e9:88:e4:3a:2e:5e:af:fe:36:27:42:
a6:45:1c:0c:22:fa:aa:92:05:f0:65:3b:2c:90:ed:
09:68:63:04:50:13:01:01:0a:26:7b:22:f5:99:3e:
88:85:90:b1:13:13:32:74:79:a0:b1:d0:98:65:97:
79:59:4f:ce:05:fa:c5:16:31:fb:c8:be:5e:df:a5:
26:6f:02:28:73:e4:80:02:62:41:ac:52:06:2d:d9:
66:76:79:8d:99:99:20:9c:4e:6f:01:5c:40:89:68:
19:ba:23:d9:5b:93:46:89:33:76:0c:37:22:2b:8a:
59:33:f5:d5:2e:ad:b9:19:15:03:50:5c:74:59:86:
b7:28:7d:24:74:43:65:6f:59:6c:86:0e:93:a6:c5:
f9:d8:66:bb:73:0a:b4:26:37:d1:43:6a:8b:c5:c0:
77:91:e2:5d:f4:ec:fd:2c:e0:42:a2:52:b0:9c:98:
f4:1b:31:da:3b:c1:12:fd:49:34:28:b3:92:ed:aa:
14:28:7d:ad:a0:39:e7:f4:bd:44:5c:fd:af:4a:e6:
45:f6:95:cf:a8:1f:fe:f0:c7:69:35:61:a2:10:7f:
24:ee:f1:bf:a9:a9:ef:0a:85:32:51:de:8c:b5:0a:
6d:9d:ce:18:63:2f:32:d6:d1:3f:de:8b:14:85:15:
17:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:98:46:39:F3:9B:71:79:6E:3C:97:8B:E9:74:0B:B9:FE:FC:88:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
99:ff:99:12:8f:6f:47:e5:67:aa:27:49:ef:d0:74:72:76:16:
14:37:08:a0:5c:e7:66:30:f8:90:fc:ff:ab:3d:ad:43:f6:6c:
3c:3d:30:55:63:55:78:c9:c7:3f:8f:98:a8:eb:56:8b:b8:5f:
28:29:69:ad:6c:2c:64:d7:88:75:75:e4:53:57:33:0d:ba:3e:
f6:67:1e:07:c4:ba:91:ee:84:09:71:57:96:f5:34:28:03:e5:
0b:43:ca:5c:92:8a:7a:43:49:75:67:ad:7c:8e:58:48:c9:03:
b6:68:04:49:0d:a5:be:3d:ef:ff:8b:81:83:ae:53:03:9f:b3:
10:d9:28:c1:1c:36:02:ae:31:17:5d:ca:7d:3b:92:cf:76:1a:
35:4f:51:fe:c6:82:ec:9f:43:fc:71:71:fe:9b:e8:59:fe:02:
43:be:29:a4:51:6d:8e:bc:a5:d9:96:09:5f:dc:fa:4c:7e:34:
ac:32:f8:2d:b2:db:ea:65:97:e5:41:d8:93:18:f9:f2:1f:0e:
c9:d0:4c:87:00:6c:24:59:03:27:a4:e9:e4:a9:99:ff:71:ad:
95:a7:36:66:c5:39:95:cb:eb:45:3d:ad:0b:19:26:ea:22:5e:
8f:4b:9b:90:8e:27:1b:6c:4c:fc:3c:82:22:d2:bb:96:2e:5e:
3e:4a:f2:a7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUANcCQnIY4DepwuyygI4Txkd+zDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMDdaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhYWM3ZDIyMGQyNmYyOThiMWI0M2ZhNzU4MmNhODgxZTQyM2M1ZDlhMGFk
NWZmZGZkNzZkZTQyYmQyZmNiZjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuTeumI5DouXq/+NidCpkUcDCL6qpIF8GU7LJDtCWhjBFATAQEKJnsi9Zk+
iIWQsRMTMnR5oLHQmGWXeVlPzgX6xRYx+8i+Xt+lJm8CKHPkgAJiQaxSBi3ZZnZ5
jZmZIJxObwFcQIloGboj2VuTRokzdgw3IiuKWTP11S6tuRkVA1BcdFmGtyh9JHRD
ZW9ZbIYOk6bF+dhmu3MKtCY30UNqi8XAd5HiXfTs/SzgQqJSsJyY9Bsx2jvBEv1J
NCizku2qFCh9raA55/S9RFz9r0rmRfaVz6gf/vDHaTVhohB/JO7xv6mp7wqFMlHe
jLUKbZ3OGGMvMtbRP96LFIUVF40CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRWmEY5
85txeW48l4vpdAu5/vyImTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAmf+ZEo9vR+VnqidJ79B0cnYWFDcIoFznZjD4kPz/
qz2tQ/ZsPD0wVWNVeMnHP4+YqOtWi7hfKClprWwsZNeIdXXkU1czDbo+9mceB8S6
ke6ECXFXlvU0KAPlC0PKXJKKekNJdWetfI5YSMkDtmgESQ2lvj3v/4uBg65TA5+z
ENkowRw2Aq4xF13KfTuSz3YaNU9R/saC7J9D/HFx/pvoWf4CQ74ppFFtjryl2ZYJ
X9z6TH40rDL4LbLb6mWX5UHYkxj58h8OydBMhwBsJFkDJ6Tp5KmZ/3Gtlac2ZsU5
lcvrRT2tCxkm6iJej0ubkI4nG2xM/DyCItK7li5ePkrypw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:58:35 2025 by rpki-client