Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: WfDcF3XMqzUa//dTUJNrmiRv+L4B49d89QCPLI451uk=
Subject key identifier: 94:EF:60:08:E4:54:75:F1:81:74:54:8B:49:C9:48:D5:5A:C0:77:8B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A52F6A487B12716CFFB55257CCB1C64DCBB2ABA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Fri 11 Jul 2025 20:50:52 +0000
ROA not before: Fri 11 Jul 2025 20:50:52 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:52:f6:a4:87:b1:27:16:cf:fb:55:25:7c:cb:1c:64:dc:bb:2a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:52 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=fb6eabbe8a97d74c69f4d0879f01c7408211824e414d78370c18257e3f54f35e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:26:49:67:f4:c7:d6:8c:e5:d6:af:ce:3e:
37:42:03:3c:72:30:a2:57:f4:97:d7:47:df:8e:1b:
64:16:5a:3c:a6:2a:2b:4f:27:ce:5a:1c:db:7b:a2:
ff:a7:78:8b:24:18:8b:2d:61:56:cb:8e:71:fd:ec:
55:72:53:13:07:2b:c8:b2:1e:5a:16:2a:9f:23:8a:
37:29:e8:ea:ec:07:11:4f:cd:6c:4e:25:ee:cb:3f:
e3:f8:86:04:78:01:63:43:51:ce:0c:36:ab:44:14:
0f:cd:ff:f5:83:6f:22:da:3b:eb:65:8f:1a:67:29:
d5:2d:75:ad:9f:21:73:af:de:0b:d3:d2:43:fd:60:
c2:54:cb:4b:5b:a5:c5:fd:98:b4:13:38:36:9e:e5:
15:65:2c:b5:b4:5c:09:10:12:54:e0:8c:05:13:b7:
d3:b2:90:a4:a6:b4:87:8a:47:cf:d6:06:8f:5e:05:
76:b5:d8:ba:10:b1:d4:a2:36:7f:f7:de:bc:ff:dd:
e8:df:08:90:0a:75:05:00:24:d9:fd:49:63:bc:16:
c6:be:5f:10:de:09:65:d4:75:58:84:51:67:2c:d9:
29:55:76:a4:05:fe:dc:75:ae:1b:29:fe:7c:36:e9:
45:a2:22:dd:df:9f:aa:b8:1d:d5:48:a3:c4:9d:ba:
35:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EF:60:08:E4:54:75:F1:81:74:54:8B:49:C9:48:D5:5A:C0:77:8B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:0e:fe:48:84:9a:5b:f4:d5:cc:94:bf:a9:a8:e4:45:a3:41:
92:cf:fe:8c:09:c3:59:86:01:77:f8:c1:77:e5:5c:4d:77:7f:
65:ec:ac:99:87:3a:ec:fe:e4:a3:68:00:97:2b:6e:2d:49:9e:
63:97:bf:f2:1a:74:a8:cc:56:3b:4f:ca:32:c6:e8:2d:1e:75:
d9:43:b4:c1:91:3f:00:66:f2:2c:40:d8:8a:5a:a6:87:d1:fa:
0d:3d:4f:f2:8a:52:be:a6:8e:15:57:4f:d3:dd:5d:a8:c5:1d:
62:48:4c:0e:73:82:10:5f:95:8d:58:4a:3a:64:79:1c:0c:59:
c9:93:25:b1:27:32:ee:76:e5:09:e2:3b:8f:e8:50:a9:bf:54:
57:3b:d4:57:e8:e7:05:82:df:80:08:6a:07:30:1d:79:8c:df:
a1:de:8b:ac:b7:c1:6d:63:cb:de:5c:e7:f0:9b:12:73:ca:28:
ac:29:74:71:62:5e:5c:43:26:49:79:fd:c4:78:18:c2:05:7f:
2f:78:25:f7:4d:91:8d:b3:3f:d3:80:da:5c:43:f4:a6:5e:f7:
5f:1a:ee:3f:76:50:84:90:76:c8:a4:93:50:cf:78:a8:4f:f7:
53:3e:71:52:c8:4f:e5:75:ad:3e:7c:26:ff:49:f8:7e:97:cd:
bb:53:56:66
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUelL2pIexJxbP+1UlfMscZNy7KrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTJaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiNmVhYmJlOGE5N2Q3NGM2OWY0ZDA4NzlmMDFjNzQwODIxMTgyNGU0MTRk
NzgzNzBjMTgyNTdlM2Y1NGYzNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALScJkln9MfWjOXWr84+N0IDPHIwolf0l9dH344bZBZaPKYqK08nzloc23ui
/6d4iyQYiy1hVsuOcf3sVXJTEwcryLIeWhYqnyOKNyno6uwHEU/NbE4l7ss/4/iG
BHgBY0NRzgw2q0QUD83/9YNvIto762WPGmcp1S11rZ8hc6/eC9PSQ/1gwlTLS1ul
xf2YtBM4Np7lFWUstbRcCRASVOCMBRO307KQpKa0h4pHz9YGj14FdrXYuhCx1KI2
f/fevP/d6N8IkAp1BQAk2f1JY7wWxr5fEN4JZdR1WIRRZyzZKVV2pAX+3HWuGyn+
fDbpRaIi3d+fqrgd1UijxJ26NR8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSU72AI
5FR18YF0VItJyUjVWsB3izAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAzw7+SISaW/TVzJS/qajkRaNBks/+jAnDWYYBd/jB
d+VcTXd/ZeysmYc67P7ko2gAlytuLUmeY5e/8hp0qMxWO0/KMsboLR512UO0wZE/
AGbyLEDYilqmh9H6DT1P8opSvqaOFVdP091dqMUdYkhMDnOCEF+VjVhKOmR5HAxZ
yZMlsScy7nblCeI7j+hQqb9UVzvUV+jnBYLfgAhqBzAdeYzfod6LrLfBbWPL3lzn
8JsSc8oorCl0cWJeXEMmSXn9xHgYwgV/L3gl902RjbM/04DaXEP0pl73XxruP3ZQ
hJB2yKSTUM94qE/3Uz5xUshP5XWtPnwm/0n4fpfNu1NWZg==
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:19:07 2025 by rpki-client