Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: hdWLzaZj8SluInDJI+Tn+AGSnBEu5FQPWex9LdoG9Ss=
Subject key identifier: 94:1D:A8:B4:59:E8:4F:D1:98:02:A4:FC:EF:0F:B0:69:FB:33:35:5A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 596EDAECE19B98621765178C16FA71365CB16ECE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Fri 25 Jul 2025 17:00:04 +0000
ROA not before: Fri 25 Jul 2025 17:00:04 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:6e:da:ec:e1:9b:98:62:17:65:17:8c:16:fa:71:36:5c:b1:6e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 25 17:00:04 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=4618b0b86b977aa74d5ccbde654e6b175114cacb6e476db7f7cb248ed386d00f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a2:9a:62:be:a6:1a:ae:33:a8:a3:12:2d:72:
c5:91:8f:94:8f:af:0c:9d:36:f9:ee:4a:38:49:f8:
6f:68:c8:c7:8c:fb:7f:17:50:3e:7b:57:a6:24:9a:
c4:a8:56:c4:c4:e6:35:90:16:e3:97:43:c3:cb:dc:
33:07:a9:18:dd:bd:da:bc:60:22:15:32:69:68:0b:
71:e6:4d:e7:95:95:64:79:c7:e9:58:53:73:36:c0:
95:cf:39:2d:f3:7a:58:01:69:91:14:3e:25:c6:2f:
11:15:a0:a9:98:ec:19:8d:24:bc:c0:7d:de:fa:d0:
4b:6c:3f:a5:fb:a0:3b:be:0f:06:fb:b7:68:18:81:
03:2e:54:bb:3d:96:24:3f:6b:3c:2c:5a:05:2d:f9:
05:e5:eb:b7:ef:e9:ec:76:b4:77:4c:8e:4d:87:8b:
57:e1:cd:55:c7:d9:4c:31:da:31:06:53:ee:c9:73:
95:26:e1:a6:dc:e5:67:44:34:f0:bd:9a:65:61:4e:
bc:a8:4f:6b:6d:c4:45:a3:f2:2f:96:6c:a9:ab:40:
3c:7c:fd:06:36:d3:ed:1f:2e:9d:29:81:22:c7:72:
98:84:c1:08:e9:35:86:34:9d:e1:2d:57:8a:a2:a9:
b2:df:0c:0f:ed:80:bb:4a:ab:79:2b:5d:47:e3:76:
21:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1D:A8:B4:59:E8:4F:D1:98:02:A4:FC:EF:0F:B0:69:FB:33:35:5A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
67:e3:85:85:1b:a8:41:bc:0a:8c:79:a5:2d:37:3e:27:6e:b0:
28:32:72:36:cb:b2:6f:ff:9b:6a:fd:ec:f3:ec:3d:54:8c:e2:
a1:af:e2:69:7c:0a:c7:32:47:91:ee:7d:6b:1f:90:f8:80:d3:
f3:7a:99:ca:31:36:7d:7d:48:fb:9a:63:78:e7:d8:2d:66:42:
4a:eb:a8:29:88:50:65:cb:ed:18:1d:0c:59:12:46:62:d6:dd:
73:d2:45:52:3d:17:29:11:e1:d7:d3:f0:0f:a1:c6:51:98:67:
e5:8d:08:2a:82:73:54:b0:a7:65:25:6d:35:9f:ef:e8:46:cc:
2e:f4:ca:bc:8a:26:1a:c3:0b:4c:c8:4d:84:99:27:3e:cf:bc:
28:34:79:44:8f:8d:9a:0d:24:f6:5b:08:8d:38:6d:c1:25:95:
f8:83:aa:9b:c9:ae:bd:59:e8:05:b5:f3:2a:a9:be:86:a0:77:
df:5a:0f:db:19:1a:28:1f:97:3a:60:d9:24:01:7f:a9:33:03:
8e:55:38:f2:2d:7f:6a:60:e3:82:49:45:9c:74:b9:4e:69:9b:
20:ab:98:5d:8d:b1:4e:0e:3d:ea:2f:ff:bb:b2:e4:8f:55:0b:
77:44:1a:05:61:a9:c6:5d:8c:e4:52:af:d0:84:8a:89:5a:c3:
fa:b1:8d:ae
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWW7a7OGbmGIXZReMFvpxNlyxbs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjUxNzAwMDRaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2MThiMGI4NmI5NzdhYTc0ZDVjY2JkZTY1NGU2YjE3NTExNGNhY2I2ZTQ3
NmRiN2Y3Y2IyNDhlZDM4NmQwMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeimmK+phquM6ijEi1yxZGPlI+vDJ02+e5KOEn4b2jIx4z7fxdQPntXpiSa
xKhWxMTmNZAW45dDw8vcMwepGN292rxgIhUyaWgLceZN55WVZHnH6VhTczbAlc85
LfN6WAFpkRQ+JcYvERWgqZjsGY0kvMB93vrQS2w/pfugO74PBvu3aBiBAy5Uuz2W
JD9rPCxaBS35BeXrt+/p7Ha0d0yOTYeLV+HNVcfZTDHaMQZT7slzlSbhptzlZ0Q0
8L2aZWFOvKhPa23ERaPyL5ZsqatAPHz9BjbT7R8unSmBIsdymITBCOk1hjSd4S1X
iqKpst8MD+2Au0qreStdR+N2IfcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSUHai0
WehP0ZgCpPzvD7Bp+zM1WjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ+OFhRuoQbwKjHmlLTc+J26wKDJyNsuyb/+bav3s
8+w9VIzioa/iaXwKxzJHke59ax+Q+IDT83qZyjE2fX1I+5pjeOfYLWZCSuuoKYhQ
ZcvtGB0MWRJGYtbdc9JFUj0XKRHh19PwD6HGUZhn5Y0IKoJzVLCnZSVtNZ/v6EbM
LvTKvIomGsMLTMhNhJknPs+8KDR5RI+Nmg0k9lsIjThtwSWV+IOqm8muvVnoBbXz
Kqm+hqB331oP2xkaKB+XOmDZJAF/qTMDjlU48i1/amDjgklFnHS5TmmbIKuYXY2x
Tg496i//u7Lkj1ULd0QaBWGpxl2M5FKv0ISKiVrD+rGNrg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:43:46 2025 by rpki-client