Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: B6xH1aFgLcLC0xnVd6qt9+XkBYUb3gfn6ZS83M6dHjY=
Subject key identifier: 43:11:9B:13:48:E6:09:25:6A:D6:B5:3A:22:49:CA:5C:C1:F7:5A:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 300DFED97B9812245444FED323042BB4D87E557B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Fri 11 Jul 2025 20:50:54 +0000
ROA not before: Fri 11 Jul 2025 20:50:54 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:0d:fe:d9:7b:98:12:24:54:44:fe:d3:23:04:2b:b4:d8:7e:55:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:54 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3346cc70192110e143e66566ff3431e551626d9a891fac35e02f9962010b006e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ae:e9:5d:1e:41:55:3c:a2:f4:e8:f8:23:33:
2e:04:58:70:77:84:50:f9:c3:06:87:73:0d:de:22:
eb:b1:ae:15:40:d5:31:bc:f0:10:38:bc:77:a4:5a:
44:fa:d0:55:39:42:28:bd:05:90:0e:ce:05:00:8d:
e9:45:e6:e2:b8:18:fe:72:40:2d:3c:10:2f:f5:41:
7f:ca:18:e1:11:76:c4:7b:4d:bb:30:04:f0:8f:59:
83:e6:48:6c:8c:40:16:7b:37:8e:52:db:f4:1c:36:
a5:17:d8:ac:9d:a4:db:7f:74:11:f0:f4:51:87:fe:
88:88:a5:8d:f0:88:29:fb:48:a9:b7:06:20:92:d0:
4a:fa:b4:b5:4c:f5:bf:55:28:ec:3f:e2:4d:84:70:
a3:a3:19:6b:ff:08:89:db:f4:aa:05:d7:39:10:12:
d2:f0:40:c1:86:b3:bb:1a:dc:32:65:e4:3b:38:d0:
8b:55:41:47:c1:4d:4d:27:cc:e6:41:59:39:2e:a7:
f3:3e:94:3f:4e:e8:d1:8c:22:f8:25:31:17:e7:1a:
4b:1d:eb:33:4d:45:1a:a4:36:89:5a:60:04:7e:b6:
0e:0b:40:06:f5:71:0f:10:b3:7c:fc:1c:3a:04:2d:
61:aa:95:fa:13:cf:64:f8:37:dc:fa:91:bb:8c:fc:
ed:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:11:9B:13:48:E6:09:25:6A:D6:B5:3A:22:49:CA:5C:C1:F7:5A:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
89:03:fc:ad:31:81:28:42:b2:24:7e:ec:15:60:d3:0e:1f:96:
7d:d9:d6:ed:27:09:7f:8f:7b:49:ee:13:2e:39:27:58:0f:f9:
25:14:b0:7c:f1:ba:5c:34:9c:5d:d9:ac:5f:c1:76:56:36:2e:
c1:ee:85:f3:f0:af:18:91:bf:84:d3:6f:8b:4a:1e:90:ca:9d:
98:48:37:21:65:9e:98:7a:cc:ea:fe:43:66:8a:f9:ff:7d:50:
7d:94:ad:b6:c7:a8:9c:00:c4:5e:18:2a:ba:33:37:45:f5:b8:
d6:59:3d:6b:28:35:e1:a0:fb:cc:22:3e:95:cd:82:6e:d6:9d:
56:a1:1e:7f:34:84:f6:d1:b5:f4:7d:80:cd:c3:78:6e:68:10:
39:57:1f:fb:6b:07:f8:8c:77:5d:bf:c3:0e:64:25:6f:a6:8f:
9f:d1:db:76:06:70:10:9a:46:95:c6:84:55:a5:42:9a:b8:66:
f8:c0:4c:51:dc:05:bf:78:34:91:d4:63:8e:98:60:8e:66:18:
94:6f:86:b9:31:60:2a:1b:9c:62:24:b2:39:90:73:5b:2d:66:
62:b5:1d:d9:f3:5e:d7:68:7d:f9:64:54:1d:2d:53:1e:90:c4:
bb:b0:f2:01:b5:63:42:ce:fd:a5:bc:89:16:71:b1:ba:73:e1:
20:28:41:6b
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMA3+2XuYEiRURP7TIwQrtNh+VXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDMzNDZjYzcwMTkyMTEwZTE0M2U2NjU2NmZmMzQzMWU1NTE2MjZkOWE4OTFm
YWMzNWUwMmY5OTYyMDEwYjAwNmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKuu6V0eQVU8ovTo+CMzLgRYcHeEUPnDBodzDd4i67GuFUDVMbzwEDi8d6Ra
RPrQVTlCKL0FkA7OBQCN6UXm4rgY/nJALTwQL/VBf8oY4RF2xHtNuzAE8I9Zg+ZI
bIxAFns3jlLb9Bw2pRfYrJ2k2390EfD0UYf+iIiljfCIKftIqbcGIJLQSvq0tUz1
v1Uo7D/iTYRwo6MZa/8Iidv0qgXXORAS0vBAwYazuxrcMmXkOzjQi1VBR8FNTSfM
5kFZOS6n8z6UP07o0Ywi+CUxF+caSx3rM01FGqQ2iVpgBH62DgtABvVxDxCzfPwc
OgQtYaqV+hPPZPg33PqRu4z87csCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRDEZsT
SOYJJWrWtToiScpcwfdaazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAiQP8rTGBKEKyJH7sFWDTDh+WfdnW7ScJf497Se4T
LjknWA/5JRSwfPG6XDScXdmsX8F2VjYuwe6F8/CvGJG/hNNvi0oekMqdmEg3IWWe
mHrM6v5DZor5/31QfZSttseonADEXhgqujM3RfW41lk9ayg14aD7zCI+lc2Cbtad
VqEefzSE9tG19H2AzcN4bmgQOVcf+2sH+Ix3Xb/DDmQlb6aPn9HbdgZwEJpGlcaE
VaVCmrhm+MBMUdwFv3g0kdRjjphgjmYYlG+GuTFgKhucYiSyOZBzWy1mYrUd2fNe
12h9+WRUHS1THpDEu7DyAbVjQs79pbyJFnGxunPhIChBaw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:51 2025 by rpki-client