Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: YCVn/3mw7TFI6zScnXXkIaHjpAtZ7Q9adNHlzyhtKNY=
Subject key identifier: 2F:78:C0:C8:32:03:9E:91:E7:41:B6:FD:35:A4:73:66:4E:C0:08:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 64DCDF6FB45FD3B081A9297EBD5A388E92B9E274
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Fri 11 Jul 2025 20:51:03 +0000
ROA not before: Fri 11 Jul 2025 20:51:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:dc:df:6f:b4:5f:d3:b0:81:a9:29:7e:bd:5a:38:8e:92:b9:e2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:51:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a23f3a7c0ed192ccce6b2f3dce2dfc3ad70bbb392f2e98dab4106cdf15aceae0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:15:23:55:2a:08:d5:5c:69:4d:a9:fc:3d:93:
93:76:de:c5:b2:f9:42:93:25:12:a0:90:61:21:29:
19:39:b0:d8:59:56:8b:37:ec:d5:a9:68:9c:40:a0:
f8:47:7a:a4:a7:f8:bc:cb:57:77:65:da:04:f8:41:
39:f1:7d:f5:4e:e7:44:22:ba:cc:48:8c:fe:51:e2:
d6:bc:eb:f8:7b:54:21:71:d3:39:e2:8b:10:76:ab:
9b:80:9d:0d:07:45:42:50:81:be:7c:4a:2a:fa:d3:
1d:4f:b5:8f:88:74:88:81:a4:46:fb:e6:d5:12:e9:
b4:b2:2e:15:58:61:0f:9f:b8:ea:ef:7c:fe:bf:02:
a4:03:50:7c:b7:14:3a:25:bd:b4:c6:6f:d3:be:78:
b8:40:61:7a:65:25:96:f2:f9:16:c2:a4:76:3e:f7:
72:27:d3:8d:05:3c:91:e1:54:62:bc:43:76:0a:2e:
87:96:4a:44:4f:a3:5b:bc:36:60:2a:90:5b:0f:c6:
be:f6:9a:63:a6:8a:12:fa:15:3d:e1:f0:a6:d2:8f:
0a:f0:01:c3:f3:24:f8:5e:ec:96:90:0f:dd:40:97:
d1:c0:40:bd:68:3b:d6:d2:1b:5a:12:0a:6b:a5:11:
de:d7:b6:c8:dd:04:f3:a3:cf:2f:14:77:78:68:9c:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:78:C0:C8:32:03:9E:91:E7:41:B6:FD:35:A4:73:66:4E:C0:08:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
23:b7:1b:b2:e3:6d:51:d2:0a:ef:bb:15:e9:ac:23:45:ad:f4:
d7:eb:66:6e:a2:9f:9b:f2:19:75:5e:46:8c:ec:c0:d3:3b:54:
fb:32:32:e7:81:5d:ff:86:67:51:e0:85:a1:46:c1:6f:95:7d:
e7:25:26:c3:3a:a0:b4:de:40:e0:5c:39:5e:32:81:54:a0:9d:
bd:0e:37:2e:fb:0e:93:51:fa:cb:70:9e:09:3d:cf:b7:ba:4c:
8e:d1:d0:e8:30:b4:36:41:25:93:84:8c:a3:47:22:3f:7c:66:
44:1f:f7:32:8f:91:6f:0f:38:44:63:ab:27:52:75:4d:3a:ff:
5c:46:4f:99:b3:50:d7:7c:1a:2d:88:aa:d5:97:f4:c8:4b:cd:
ee:88:a2:1b:24:a4:68:0e:2c:08:dd:e1:b2:63:73:21:65:97:
52:9a:da:3b:b9:e5:81:e2:4d:e1:e4:b0:fe:2e:c3:f1:0b:77:
b9:d9:80:73:83:94:db:29:73:cc:a1:30:c4:9c:ad:d3:3a:e0:
7d:c8:f0:63:94:40:d0:21:3d:62:64:49:ef:19:ff:e6:ac:46:
8a:39:c1:6e:f8:fc:36:57:a4:7b:a3:99:f0:29:53:65:fb:6d:
2a:73:03:40:4f:e8:09:30:b0:39:27:a7:95:e5:10:05:f8:39:
8d:3c:6c:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUZNzfb7Rf07CBqSl+vVo4jpK54nQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUxMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyM2YzYTdjMGVkMTkyY2NjZTZiMmYzZGNlMmRmYzNhZDcwYmJiMzkyZjJl
OThkYWI0MTA2Y2RmMTVhY2VhZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJEVI1UqCNVcaU2p/D2Tk3bexbL5QpMlEqCQYSEpGTmw2FlWizfs1alonECg
+Ed6pKf4vMtXd2XaBPhBOfF99U7nRCK6zEiM/lHi1rzr+HtUIXHTOeKLEHarm4Cd
DQdFQlCBvnxKKvrTHU+1j4h0iIGkRvvm1RLptLIuFVhhD5+46u98/r8CpANQfLcU
OiW9tMZv0754uEBhemUllvL5FsKkdj73cifTjQU8keFUYrxDdgouh5ZKRE+jW7w2
YCqQWw/GvvaaY6aKEvoVPeHwptKPCvABw/Mk+F7slpAP3UCX0cBAvWg71tIbWhIK
a6UR3te2yN0E86PPLxR3eGicE/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQveMDI
MgOekedBtv01pHNmTsAI1zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAjtxuy421R0grvuxXprCNFrfTX62Zuop+b8hl1XkaM
7MDTO1T7MjLngV3/hmdR4IWhRsFvlX3nJSbDOqC03kDgXDleMoFUoJ29Djcu+w6T
UfrLcJ4JPc+3ukyO0dDoMLQ2QSWThIyjRyI/fGZEH/cyj5FvDzhEY6snUnVNOv9c
Rk+Zs1DXfBotiKrVl/TIS83uiKIbJKRoDiwI3eGyY3MhZZdSmto7ueWB4k3h5LD+
LsPxC3e52YBzg5TbKXPMoTDEnK3TOuB9yPBjlEDQIT1iZEnvGf/mrEaKOcFu+Pw2
V6R7o5nwKVNl+20qcwNAT+gJMLA5J6eV5RAF+DmNPGxI
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:33:21 2025 by rpki-client