Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: txtZEaZCInMS9rMUvSzDBqtA5aWSK0ryX7wSssthWhk=
Subject key identifier: B4:20:F7:55:4C:93:D7:C9:F9:74:BE:81:6F:69:E3:B8:3E:D5:2F:F2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 62ED635BE67172DAD41FDDB30D8AE778E4B027B8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Mon 21 Jul 2025 17:00:04 +0000
ROA not before: Mon 21 Jul 2025 17:00:04 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:ed:63:5b:e6:71:72:da:d4:1f:dd:b3:0d:8a:e7:78:e4:b0:27:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:04 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=952f20dd1f69ba68ca3c6570f352cb4aab4e8c0436c42b2d5589bed6fcd23020, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:3f:93:e4:79:93:4c:dd:4b:3a:0c:40:52:
48:c4:a1:88:cc:51:cd:93:3b:21:9b:ab:2c:3f:9b:
44:58:8c:60:55:ed:ba:91:da:b6:50:a8:db:da:26:
04:35:9b:10:07:f4:6a:9f:71:a6:2c:90:76:be:cc:
e2:a8:83:4b:a6:f9:d2:9a:b1:02:37:b9:1b:8e:6f:
66:7e:f5:72:3b:b0:42:fc:35:b9:e2:37:b1:d6:40:
19:8b:a8:ca:fd:07:20:ec:eb:c4:4f:ac:a6:fc:3c:
d6:64:51:85:aa:f6:13:92:92:69:5b:18:dc:bf:2d:
d7:14:70:ef:4e:f8:5e:d4:81:c6:7f:42:bc:ab:77:
3f:bc:3c:49:db:35:a0:50:64:aa:43:cc:db:96:5a:
ea:cf:00:94:59:cb:73:53:f9:4e:f3:ed:a5:27:89:
56:d9:6e:85:ef:61:6c:41:7d:5d:55:e9:42:4f:11:
a3:be:32:44:d0:da:7b:c4:bd:85:84:4c:ec:52:4b:
7a:cd:bb:2d:66:97:60:d5:e5:61:46:b3:31:3d:3e:
95:89:76:03:83:1b:f2:5d:46:b3:cd:c8:4e:2b:5c:
9b:01:e7:7b:bb:dd:81:cb:f7:27:f5:3b:2a:a8:e8:
ec:ca:6f:c5:5f:f7:ea:72:b3:eb:d9:11:23:cb:13:
26:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:20:F7:55:4C:93:D7:C9:F9:74:BE:81:6F:69:E3:B8:3E:D5:2F:F2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
47:c1:50:59:35:b2:52:3b:43:47:91:44:77:14:33:89:5e:e0:
92:86:71:af:15:49:db:29:12:e8:07:13:ac:ab:6a:f0:55:aa:
76:9b:dc:1e:c5:27:f4:8c:0b:30:75:9e:15:57:c2:fc:1e:92:
f4:53:1b:34:e3:ad:67:4a:14:f7:e5:7b:bb:c1:30:e3:b3:60:
85:a7:12:79:9e:03:96:06:af:69:be:51:34:44:9c:47:13:0d:
5b:f4:a1:43:27:13:72:86:7f:24:a5:8f:4e:0c:30:f2:cb:6f:
46:fb:e2:c7:04:b8:66:51:bb:7f:8e:42:1c:94:37:a6:84:55:
06:71:0d:65:01:43:4d:44:a9:45:04:c3:46:02:58:d5:05:32:
d3:88:a9:6d:23:bd:ba:a5:29:ad:27:fd:81:88:be:29:3e:bb:
be:44:4d:fa:64:b7:9b:27:c9:6e:05:de:03:24:b8:ab:54:8d:
96:8c:80:aa:85:f1:d8:4f:a2:c1:11:73:0a:71:00:15:3e:1a:
55:6f:4e:e1:d6:94:60:46:04:ec:6d:8e:81:1a:ef:b7:00:1a:
fb:f5:e1:5d:08:0c:12:91:8b:1e:d8:d0:94:60:e8:ec:e2:75:
b6:cc:ef:a4:d6:f0:98:d3:dc:a5:6b:39:a3:ae:c3:00:da:19:
c9:62:c8:6b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYu1jW+ZxctrUH92zDYrneOSwJ7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMDRaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1MmYyMGRkMWY2OWJhNjhjYTNjNjU3MGYzNTJjYjRhYWI0ZThjMDQzNmM0
MmIyZDU1ODliZWQ2ZmNkMjMwMjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAuP5PkeZNM3Us6DEBSSMShiMxRzZM7IZurLD+bRFiMYFXtupHatlCo29om
BDWbEAf0ap9xpiyQdr7M4qiDS6b50pqxAje5G45vZn71cjuwQvw1ueI3sdZAGYuo
yv0HIOzrxE+spvw81mRRhar2E5KSaVsY3L8t1xRw7074XtSBxn9CvKt3P7w8Sds1
oFBkqkPM25Za6s8AlFnLc1P5TvPtpSeJVtluhe9hbEF9XVXpQk8Ro74yRNDae8S9
hYRM7FJLes27LWaXYNXlYUazMT0+lYl2A4Mb8l1Gs83ITitcmwHne7vdgcv3J/U7
Kqjo7MpvxV/36nKz69kRI8sTJikCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0IPdV
TJPXyfl0voFvaeO4PtUv8jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQBHwVBZNbJSO0NHkUR3FDOJXuCShnGvFUnbKRLoBxOs
q2rwVap2m9wexSf0jAswdZ4VV8L8HpL0Uxs0461nShT35Xu7wTDjs2CFpxJ5ngOW
Bq9pvlE0RJxHEw1b9KFDJxNyhn8kpY9ODDDyy29G++LHBLhmUbt/jkIclDemhFUG
cQ1lAUNNRKlFBMNGAljVBTLTiKltI726pSmtJ/2BiL4pPru+RE36ZLebJ8luBd4D
JLirVI2WjICqhfHYT6LBEXMKcQAVPhpVb07h1pRgRgTsbY6BGu+3ABr79eFdCAwS
kYse2NCUYOjs4nW2zO+k1vCY09ylazmjrsMA2hnJYshr
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:36:41 2025 by rpki-client