Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: DkKxKGbVFqgxwvX9FWq7/gE04aLqFOEPUtf5408LVaY=
Subject key identifier: 3C:47:5A:64:9E:34:A4:66:29:37:27:49:E7:97:38:74:46:12:75:55
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 066FB230F0D0B7E652D325EB1F3E2DDA44222A2A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Fri 11 Jul 2025 20:50:53 +0000
ROA not before: Fri 11 Jul 2025 20:50:53 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:6f:b2:30:f0:d0:b7:e6:52:d3:25:eb:1f:3e:2d:da:44:22:2a:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:53 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=8e54865d132a9459b484564a2734cfc47082804c4e8069b03e86f15b10e994b7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:ad:08:64:03:7e:7c:5f:1a:08:fa:fa:d4:a4:
2a:0c:ff:e5:66:5b:f0:1e:2e:0d:56:a0:5f:57:a5:
6f:78:d5:68:37:9b:2a:f8:67:93:0c:5e:72:bd:38:
24:8e:de:f1:a8:d5:fd:83:12:8c:e8:d3:3a:d7:55:
3a:21:49:5d:3c:61:d0:d4:ff:85:a0:57:f2:d1:27:
de:c6:84:2e:11:27:33:87:74:44:2b:b7:a9:d2:14:
ff:6c:69:87:c6:68:a0:0f:b2:40:23:42:c9:87:29:
f1:0a:40:5d:66:f0:b4:30:70:38:8a:ca:65:61:6c:
29:95:b6:9c:c6:1a:c2:74:5c:e5:b3:e5:e1:15:77:
8f:10:10:0a:44:45:c9:6d:1c:b0:85:ae:48:f4:8e:
e6:29:2c:d7:6d:38:96:45:92:4b:51:1c:4a:e8:f7:
11:6c:e5:74:cc:b4:39:52:ce:a6:cd:c4:f6:88:fb:
e1:c0:af:cd:90:4f:be:b0:31:2f:04:0a:86:87:2c:
0d:84:88:94:68:d2:ce:fd:84:3e:20:64:a7:19:51:
88:b9:ef:86:c2:f0:34:82:a1:81:d2:52:49:f6:0a:
00:46:e8:8f:68:c6:e6:af:f6:ef:3a:2f:52:75:0c:
28:ae:e0:6d:7d:8e:97:bd:02:27:a8:89:36:77:34:
e3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:47:5A:64:9E:34:A4:66:29:37:27:49:E7:97:38:74:46:12:75:55
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
60:91:84:cf:e2:57:f7:7e:71:34:de:83:ad:32:2e:36:5e:7c:
58:6c:50:67:43:d1:f9:ff:af:15:14:83:54:1d:cc:63:b0:96:
81:b3:76:fb:c4:7f:78:60:53:ab:e9:a1:89:1d:6c:b7:ee:a6:
49:7f:29:b2:9a:2e:57:af:97:f4:3d:d2:16:86:04:d3:00:c6:
6d:5a:e4:96:f2:e6:12:76:9d:15:ea:af:d4:c5:11:fc:c2:19:
fd:60:32:a9:90:a3:5b:52:f4:92:f3:4c:ce:20:b9:4f:f1:7a:
e7:8e:5d:18:5c:f8:50:b6:78:ca:3d:a4:7a:07:cf:a0:e5:b5:
bf:4a:01:64:73:61:f6:3a:ae:14:84:a0:5f:5b:c1:9d:eb:fd:
24:e7:94:30:fa:bb:86:b6:b8:47:50:c9:54:3d:95:96:6f:4f:
d6:45:95:65:1b:f7:bd:f4:6a:c2:f3:4e:33:d2:78:9d:71:02:
f0:cf:5e:80:ba:15:29:22:b4:0a:62:5c:f6:fb:80:01:32:68:
5a:99:1d:ed:11:a5:61:98:43:b9:e3:20:22:05:89:80:e6:d5:
53:a0:f7:eb:34:93:0e:0c:76:74:7d:2c:eb:f9:65:02:60:d4:
78:2f:44:73:a6:d6:c7:b8:77:d4:c9:54:4b:6c:23:43:4b:ca:
c6:83:53:7a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBm+yMPDQt+ZS0yXrHz4t2kQiKiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhlNTQ4NjVkMTMyYTk0NTliNDg0NTY0YTI3MzRjZmM0NzA4MjgwNGM0ZTgw
NjliMDNlODZmMTViMTBlOTk0YjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPitCGQDfnxfGgj6+tSkKgz/5WZb8B4uDVagX1elb3jVaDebKvhnkwxecr04
JI7e8ajV/YMSjOjTOtdVOiFJXTxh0NT/haBX8tEn3saELhEnM4d0RCu3qdIU/2xp
h8ZooA+yQCNCyYcp8QpAXWbwtDBwOIrKZWFsKZW2nMYawnRc5bPl4RV3jxAQCkRF
yW0csIWuSPSO5iks1204lkWSS1EcSuj3EWzldMy0OVLOps3E9oj74cCvzZBPvrAx
LwQKhocsDYSIlGjSzv2EPiBkpxlRiLnvhsLwNIKhgdJSSfYKAEboj2jG5q/27zov
UnUMKK7gbX2Ol70CJ6iJNnc041UCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ8R1pk
njSkZik3J0nnlzh0RhJ1VTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAYJGEz+JX935xNN6DrTIuNl58WGxQZ0PR+f+vFRSD
VB3MY7CWgbN2+8R/eGBTq+mhiR1st+6mSX8pspouV6+X9D3SFoYE0wDGbVrklvLm
EnadFeqv1MUR/MIZ/WAyqZCjW1L0kvNMziC5T/F6545dGFz4ULZ4yj2kegfPoOW1
v0oBZHNh9jquFISgX1vBnev9JOeUMPq7hra4R1DJVD2Vlm9P1kWVZRv3vfRqwvNO
M9J4nXEC8M9egLoVKSK0CmJc9vuAATJoWpkd7RGlYZhDueMgIgWJgObVU6D36zST
Dgx2dH0s6/llAmDUeC9Ec6bWx7h31MlUS2wjQ0vKxoNTeg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:07 2025 by rpki-client