Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: iKc4QvcXtBGERrZFX738PnuZAjAZiW46oM0ZPuskPZc=
Subject key identifier: 6E:CA:EF:1B:16:4D:43:0A:24:9C:9A:34:65:86:06:68:64:8B:62:2A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 460F54EA7E7166D65CFB464B4A0CFF765ABBB2D1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Fri 25 Jul 2025 17:00:02 +0000
ROA not before: Fri 25 Jul 2025 17:00:02 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:0f:54:ea:7e:71:66:d6:5c:fb:46:4b:4a:0c:ff:76:5a:bb:b2:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 25 17:00:02 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=129fb6743eb8e527904dd85f1a90c73dfae22dfd45433094c18dca4d3da35736, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:81:3e:6d:6b:fb:23:1e:13:19:bc:61:98:2a:
f3:1c:41:3a:ce:86:ea:78:9e:ec:ea:ca:64:5e:31:
49:1d:36:7d:55:b6:2b:af:d4:db:20:f3:e9:55:bf:
0f:fc:d5:28:c4:a4:1a:59:07:e5:26:10:ae:62:fd:
2d:09:00:bb:23:d7:53:54:27:5f:b1:bf:36:25:c6:
09:e7:fe:85:2a:eb:eb:19:00:a0:83:1e:bf:44:19:
7c:57:4f:bd:5b:69:b8:09:0d:46:e4:01:bb:32:61:
1f:d2:5d:b1:0b:90:58:c9:65:c0:6a:ef:b3:49:4c:
77:ca:2c:a1:9e:af:43:b1:51:ad:51:7a:5c:dc:c7:
61:a8:50:ef:7a:1f:d7:ae:44:7f:89:d2:21:5f:72:
3b:cd:d6:82:9e:a6:af:be:b7:21:92:2e:79:1f:f6:
ff:d7:e4:e2:64:23:f3:6c:21:40:f7:97:a7:ee:08:
95:c7:71:b0:97:38:ff:ac:f4:ed:52:1b:a0:20:2a:
49:2e:68:37:f7:62:70:7e:42:a0:45:af:06:b6:46:
19:db:61:f4:5c:ba:7a:98:2f:3e:84:64:d1:8b:54:
26:0b:f9:7e:95:6a:bd:64:2b:69:f4:4e:04:46:1d:
30:ec:8b:af:ca:8b:da:e9:c9:17:13:a1:45:80:60:
53:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:CA:EF:1B:16:4D:43:0A:24:9C:9A:34:65:86:06:68:64:8B:62:2A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
0c:19:c2:41:1b:c2:60:7f:de:dd:89:e5:d1:8b:8d:73:40:33:
01:21:b9:3c:7a:2a:cc:18:6a:29:9d:f5:25:46:aa:82:b1:58:
ac:3c:a7:13:79:b9:b6:bb:a2:0f:bb:5d:7a:74:16:fc:26:a5:
cc:7d:28:81:54:2b:91:57:e6:5c:5a:0c:46:a2:a7:43:28:18:
fd:05:4e:04:57:c6:60:ef:ee:ee:cd:b5:34:b3:df:eb:74:5f:
66:d5:50:86:e9:41:98:63:3f:23:e7:e6:93:33:85:c6:b1:a2:
19:f5:71:38:37:3b:d9:15:83:b3:e8:49:72:ad:85:61:3e:bb:
e7:8f:46:cb:3b:0c:84:d8:ed:91:da:9a:c6:ea:f3:41:06:f0:
9f:98:71:1c:4a:0d:8c:45:ac:2c:b9:45:39:08:11:03:db:be:
19:cd:5b:9f:b8:e2:74:6f:69:55:c2:cb:b6:93:4b:64:22:ad:
ee:2e:6a:c8:27:34:18:ec:71:26:ba:27:1c:15:ef:50:dd:2e:
ca:d2:52:a3:74:2b:3a:6b:6a:66:d5:27:ec:41:d0:30:4b:f0:
30:8a:ad:e0:48:11:b6:f6:37:7c:a6:1a:d5:7b:df:1b:8f:53:
9e:67:7c:ae:0e:aa:80:80:b2:e2:61:ac:c0:50:87:07:8e:1a:
4b:bb:0a:e0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURg9U6n5xZtZc+0ZLSgz/dlq7stEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjUxNzAwMDJaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEyOWZiNjc0M2ViOGU1Mjc5MDRkZDg1ZjFhOTBjNzNkZmFlMjJkZmQ0NTQz
MzA5NGMxOGRjYTRkM2RhMzU3MzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSBPm1r+yMeExm8YZgq8xxBOs6G6nie7OrKZF4xSR02fVW2K6/U2yDz6VW/
D/zVKMSkGlkH5SYQrmL9LQkAuyPXU1QnX7G/NiXGCef+hSrr6xkAoIMev0QZfFdP
vVtpuAkNRuQBuzJhH9JdsQuQWMllwGrvs0lMd8osoZ6vQ7FRrVF6XNzHYahQ73of
165Ef4nSIV9yO83Wgp6mr763IZIueR/2/9fk4mQj82whQPeXp+4IlcdxsJc4/6z0
7VIboCAqSS5oN/dicH5CoEWvBrZGGdth9Fy6epgvPoRk0YtUJgv5fpVqvWQrafRO
BEYdMOyLr8qL2unJFxOhRYBgUxcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRuyu8b
Fk1DCiScmjRlhgZoZItiKjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEADBnCQRvCYH/e3Ynl0YuNc0AzASG5PHoqzBhqKZ31
JUaqgrFYrDynE3m5truiD7tdenQW/CalzH0ogVQrkVfmXFoMRqKnQygY/QVOBFfG
YO/u7s21NLPf63RfZtVQhulBmGM/I+fmkzOFxrGiGfVxODc72RWDs+hJcq2FYT67
549GyzsMhNjtkdqaxurzQQbwn5hxHEoNjEWsLLlFOQgRA9u+Gc1bn7jidG9pVcLL
tpNLZCKt7i5qyCc0GOxxJronHBXvUN0uytJSo3QrOmtqZtUn7EHQMEvwMIqt4EgR
tvY3fKYa1XvfG49Tnmd8rg6qgICy4mGswFCHB44aS7sK4A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:43:34 2025 by rpki-client