Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: kfdbDBji3BJN90EKlrXvFUmyYofy8/HFhr4uwSYSt3g=
Subject key identifier: 6D:76:C1:13:84:0A:52:E9:4C:09:19:D8:A6:DE:83:CC:B2:68:9A:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32320266700C59374B42FDF5BAD99E218D9093A3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Mon 14 Jul 2025 15:40:50 +0000
ROA not before: Mon 14 Jul 2025 15:40:50 +0000
ROA not after: Mon 18 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:32:02:66:70:0c:59:37:4b:42:fd:f5:ba:d9:9e:21:8d:90:93:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 14 15:40:50 2025 GMT
Not After : Aug 18 23:59:59 2025 GMT
Subject: serialNumber=270b64c347af4871430607568c00cf1af33f7ec8df4c0fbc0fc4d08306e6c8da, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:09:38:42:58:1e:c2:fb:c1:c7:7c:2a:ff:a4:
1f:07:87:03:29:87:f7:f4:00:2e:1c:63:5b:9a:7e:
d1:a7:9a:91:7e:4a:2c:f2:60:2a:78:b2:3d:b7:7d:
69:fa:4a:af:7d:b9:97:2e:cc:7b:7a:78:ea:4d:63:
c9:77:77:b0:2e:7a:f3:83:95:7a:dd:66:fc:63:96:
38:44:cd:c1:76:da:16:5e:c6:6c:39:24:2c:bf:e1:
4d:7f:b9:fd:64:59:5d:36:9d:17:23:13:d7:0e:b8:
6c:02:e7:b6:68:62:6d:0f:53:b4:20:6d:f0:7b:21:
ba:b7:57:3e:ae:53:50:b2:bb:1b:66:23:cf:fd:1a:
54:d4:98:b5:13:26:fb:15:5f:68:49:3d:bb:1b:54:
7e:df:e8:c1:5c:aa:78:f0:b1:a7:a4:f5:16:84:58:
12:67:f4:95:83:34:61:8c:5b:de:00:0c:a7:5e:ec:
fa:e7:6c:95:00:b4:36:18:a4:d0:bf:6d:92:e9:2d:
f4:18:1a:ed:fd:a2:c1:e5:be:b7:6c:75:b1:01:bf:
16:c1:a1:74:f1:5c:70:70:c1:00:14:5e:4f:a5:eb:
94:75:c5:52:0a:11:12:8f:81:b2:f4:84:72:5f:a6:
3c:e9:26:a6:df:f3:b9:d7:56:a9:8c:7c:ac:4c:8d:
f0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:76:C1:13:84:0A:52:E9:4C:09:19:D8:A6:DE:83:CC:B2:68:9A:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
70:47:6d:98:ec:66:9b:50:e2:22:40:9d:84:81:bc:b9:f8:dd:
95:6c:15:1e:e0:58:d6:4c:b3:db:fa:c5:c6:fd:70:f5:94:17:
aa:ec:bb:6e:a5:a3:ee:4e:e2:1d:e3:61:9d:7c:94:9a:7e:ad:
28:0c:34:4c:2d:a7:cf:1b:79:1c:58:9c:cc:21:fe:c9:c0:24:
27:de:fb:14:f3:67:ab:7c:f4:71:5f:58:6c:b7:5b:23:6e:e2:
a4:fa:ca:aa:50:37:c5:46:76:2f:1a:ee:22:84:e0:cc:8a:e9:
1d:73:e9:a2:1e:9d:d4:b3:76:cb:98:62:4b:36:3f:39:81:d7:
f6:85:86:2e:e3:6f:d1:d9:0e:e6:b7:7f:78:77:44:ff:6c:48:
32:65:e5:8c:51:3c:7e:5e:eb:5b:3b:76:e8:c6:38:29:7f:86:
65:bf:4a:a2:85:0f:18:f5:c4:5b:d7:25:ab:d9:41:c9:c6:26:
d4:6f:a7:38:29:71:16:65:ce:bb:7e:02:59:68:8e:0d:7d:f4:
e9:8b:67:0f:40:3f:92:08:4c:3c:57:11:b7:9c:92:2d:c7:06:
55:76:4f:73:b7:1b:7e:7d:af:f9:59:27:b9:64:09:ed:40:17:
5e:5d:f8:7d:f7:c9:c3:2e:41:6b:20:d0:25:95:3d:e1:15:85:
06:f6:20:d1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMjICZnAMWTdLQv31utmeIY2Qk6MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTQxNTQwNTBaFw0yNTA4MTgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI3MGI2NGMzNDdhZjQ4NzE0MzA2MDc1NjhjMDBjZjFhZjMzZjdlYzhkZjRj
MGZiYzBmYzRkMDgzMDZlNmM4ZGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIJOEJYHsL7wcd8Kv+kHweHAymH9/QALhxjW5p+0aeakX5KLPJgKniyPbd9
afpKr325ly7Me3p46k1jyXd3sC5684OVet1m/GOWOETNwXbaFl7GbDkkLL/hTX+5
/WRZXTadFyMT1w64bALntmhibQ9TtCBt8HshurdXPq5TULK7G2Yjz/0aVNSYtRMm
+xVfaEk9uxtUft/owVyqePCxp6T1FoRYEmf0lYM0YYxb3gAMp17s+udslQC0Nhik
0L9tkukt9Bga7f2iweW+t2x1sQG/FsGhdPFccHDBABReT6XrlHXFUgoREo+BsvSE
cl+mPOkmpt/zuddWqYx8rEyN8HsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRtdsET
hApS6UwJGdim3oPMsmiaPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEAcEdtmOxmm1DiIkCdhIG8ufjdlWwVHuBY1kyz2/rF
xv1w9ZQXquy7bqWj7k7iHeNhnXyUmn6tKAw0TC2nzxt5HFiczCH+ycAkJ977FPNn
q3z0cV9YbLdbI27ipPrKqlA3xUZ2LxruIoTgzIrpHXPpoh6d1LN2y5hiSzY/OYHX
9oWGLuNv0dkO5rd/eHdE/2xIMmXljFE8fl7rWzt26MY4KX+GZb9KooUPGPXEW9cl
q9lBycYm1G+nOClxFmXOu34CWWiODX306YtnD0A/kghMPFcRt5ySLccGVXZPc7cb
fn2v+VknuWQJ7UAXXl34fffJwy5BayDQJZU94RWFBvYg0Q==
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:52:10 2025 by rpki-client