Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: eouWUr+W/uv4Z0TmxVPUBHYDb7tre8sCHGAcSHvUwTc=
Subject key identifier: 07:00:A0:AE:12:EC:B0:62:DC:9A:E1:ED:E0:06:03:BE:93:57:5D:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AEFABD6C0D011B4E7E57A7BC217FAB82DEFC135
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Mon 21 Jul 2025 17:00:08 +0000
ROA not before: Mon 21 Jul 2025 17:00:08 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:ef:ab:d6:c0:d0:11:b4:e7:e5:7a:7b:c2:17:fa:b8:2d:ef:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:08 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=ee199d6f83ca1c267ccd04ae661ccd2e259847bbe38a6a967272bd63e2ebf382, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c5:5a:64:73:d8:65:8e:2b:26:5e:ab:9f:e0:
77:4a:9e:a6:81:05:20:51:e7:78:0a:30:a1:ac:30:
58:80:b3:e3:1e:7c:6b:ba:21:8e:0a:f1:47:a1:f2:
eb:2d:f0:a9:80:79:56:3a:28:6e:8e:d7:51:a3:9a:
20:1c:d5:8b:8a:29:41:53:77:c3:79:e1:08:14:f8:
95:7e:2a:fc:82:36:cf:00:7f:65:ce:73:8e:ca:17:
d6:73:0e:64:37:e1:a6:5f:2b:96:41:11:1f:47:7a:
d0:fd:2e:b9:30:6a:e4:39:69:6a:71:a4:8d:c0:89:
86:51:af:8b:ff:ec:e2:40:4c:ad:42:ec:9f:09:66:
57:ff:3f:08:0d:96:ee:94:a4:fc:66:9e:77:1d:82:
9e:13:01:6a:15:59:f2:da:0d:4a:fe:9c:7f:2f:32:
09:cc:74:d9:c9:05:fc:c3:20:ad:91:07:f3:33:3c:
20:0e:16:18:1e:c2:bd:73:52:a2:38:7a:f5:f6:9b:
48:2e:8c:44:2a:20:4b:18:43:ba:e1:98:f5:d4:ee:
3e:01:00:64:1a:b7:07:79:d2:d2:06:e0:01:4a:37:
bd:7f:a6:71:2c:be:79:fa:9f:85:b3:f8:73:26:bf:
2e:fc:82:41:78:28:5b:66:36:6e:79:f2:96:20:d1:
c5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:00:A0:AE:12:EC:B0:62:DC:9A:E1:ED:E0:06:03:BE:93:57:5D:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:d3:0b:00:e9:b2:18:d3:e8:33:dd:fe:ae:b2:f9:eb:be:f5:
d5:36:4c:2d:fb:cc:d0:8c:bc:58:99:8a:76:bd:7b:1d:ca:6b:
85:08:7f:1e:8e:14:04:ba:2c:f0:70:c5:7d:8d:c8:fe:83:38:
32:f0:16:fd:94:93:ff:05:55:2b:c7:ef:96:b8:21:da:64:25:
75:66:83:1e:6d:40:02:89:25:a9:d2:bc:c1:01:b4:a0:a5:46:
25:e7:75:db:aa:aa:66:8b:10:e7:b0:ef:9b:df:4e:f4:ce:3b:
da:9c:ff:f1:c9:0b:bd:8b:92:a2:bf:42:3a:21:98:44:7d:fb:
fe:1e:25:62:81:9c:0c:3a:45:60:d7:2d:94:3f:13:eb:88:e0:
e8:36:c7:ef:7d:51:8c:bb:ee:e4:e8:57:43:fd:9a:ce:54:aa:
2e:9e:81:cb:b2:df:3a:89:78:1c:af:6c:dc:eb:c7:13:00:7b:
ad:2c:53:72:ae:c6:2b:a0:93:7d:7d:fe:ec:9d:e7:57:76:fd:
ca:c1:86:30:5b:5c:81:b8:23:53:5c:02:07:bf:18:cc:71:ef:
c9:94:55:92:83:9b:6b:ac:2d:3e:83:74:fd:3f:2d:e5:f0:36:
04:56:36:6b:e4:72:78:e1:8e:0e:37:2e:f0:4e:86:b0:94:d4:
47:3e:01:a4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCu+r1sDQEbTn5Xp7whf6uC3vwTUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMDhaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlMTk5ZDZmODNjYTFjMjY3Y2NkMDRhZTY2MWNjZDJlMjU5ODQ3YmJlMzhh
NmE5NjcyNzJiZDYzZTJlYmYzODIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfFWmRz2GWOKyZeq5/gd0qepoEFIFHneAowoawwWICz4x58a7ohjgrxR6Hy
6y3wqYB5Vjoobo7XUaOaIBzVi4opQVN3w3nhCBT4lX4q/II2zwB/Zc5zjsoX1nMO
ZDfhpl8rlkERH0d60P0uuTBq5DlpanGkjcCJhlGvi//s4kBMrULsnwlmV/8/CA2W
7pSk/Gaedx2CnhMBahVZ8toNSv6cfy8yCcx02ckF/MMgrZEH8zM8IA4WGB7CvXNS
ojh69fabSC6MRCogSxhDuuGY9dTuPgEAZBq3B3nS0gbgAUo3vX+mcSy+efqfhbP4
cya/LvyCQXgoW2Y2bnnyliDRxZsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQHAKCu
EuywYtya4e3gBgO+k1dd0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQCt0wsA6bIY0+gz3f6usvnrvvXVNkwt+8zQjLxYmYp2
vXsdymuFCH8ejhQEuizwcMV9jcj+gzgy8Bb9lJP/BVUrx++WuCHaZCV1ZoMebUAC
iSWp0rzBAbSgpUYl53XbqqpmixDnsO+b3070zjvanP/xyQu9i5Kiv0I6IZhEffv+
HiVigZwMOkVg1y2UPxPriODoNsfvfVGMu+7k6FdD/ZrOVKounoHLst86iXgcr2zc
68cTAHutLFNyrsYroJN9ff7snedXdv3KwYYwW1yBuCNTXAIHvxjMce/JlFWSg5tr
rC0+g3T9Py3l8DYEVjZr5HJ44Y4ONy7wToawlNRHPgGk
-----END CERTIFICATE-----
Generated at Tue Aug 5 21:36:57 2025 by rpki-client