Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
File: d485a465-65e9-4a19-a397-f29d1a36d166.roa (raw, json)
Hash identifier: qIguL2o42Z8AHWkYPozhXrV7KjYEbZBybc+AyB9JlqM=
Subject key identifier: 9E:5F:4C:54:DD:45:47:C4:EC:61:D0:14:E4:04:75:27:97:F5:7F:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19CF38F021E672016D81D246DB4DA2A6329CFE17
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
Signing time: Fri 11 Jul 2025 20:50:03 +0000
ROA not before: Fri 11 Jul 2025 20:50:03 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:cf:38:f0:21:e6:72:01:6d:81:d2:46:db:4d:a2:a6:32:9c:fe:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:03 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=a46f7cf497e09babc6c489f2cc7101685b448828c7ce69f08b187f3d82655505, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e6:34:10:40:90:df:03:df:1f:b3:f8:e3:97:
ce:4f:5a:79:1c:41:01:6a:8b:92:30:26:25:1e:5d:
bb:62:c3:99:1d:cd:23:ae:c6:76:d2:a6:c7:ab:c0:
00:39:ea:14:35:32:76:d5:73:d4:63:be:5a:ce:d3:
05:90:bc:70:10:e5:e5:c5:34:6c:04:d9:84:7a:a3:
28:58:be:8b:d1:70:6c:41:4d:e4:f1:31:2a:ef:88:
d2:3c:45:b0:59:18:bc:f4:3a:42:5e:94:8a:ab:70:
46:cb:da:34:e6:32:ee:9d:b3:bc:bf:c0:61:90:fd:
75:51:1f:2a:e8:14:03:93:5e:39:33:51:65:85:7b:
92:91:19:13:99:eb:9d:4f:54:f5:ab:f1:a2:93:bb:
ab:b6:20:34:b0:75:fb:03:37:4a:13:60:8a:db:af:
01:33:42:a8:9d:22:74:73:64:c2:c4:e0:aa:c8:69:
86:fe:d2:c1:18:d5:94:f7:3b:4f:60:4b:0b:42:ed:
36:4d:83:9a:85:17:33:06:fa:61:e2:b6:ea:35:ec:
36:78:55:af:21:61:eb:d6:08:2e:c8:6e:4e:18:d4:
71:7a:3c:28:9e:91:2a:cc:d5:53:3e:77:cc:94:c3:
58:2e:ee:5d:86:49:cc:32:56:68:66:c3:91:7d:53:
22:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5F:4C:54:DD:45:47:C4:EC:61:D0:14:E4:04:75:27:97:F5:7F:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d485a465-65e9-4a19-a397-f29d1a36d166.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:ad:17:1b:d1:b1:7c:6e:70:71:25:78:85:48:93:73:0d:12:
ed:31:f7:84:50:8c:41:4c:4a:b9:97:62:b2:9a:9c:56:4b:25:
81:30:62:ed:93:64:83:7e:33:3f:fc:1b:ac:d7:b2:35:5f:3a:
df:61:dd:1f:11:49:69:45:8c:c2:e5:3b:ca:fd:0a:b2:4a:8e:
70:af:99:86:54:6f:8f:74:4f:4f:05:7c:d2:f5:d4:c4:e2:0f:
e7:df:f1:86:12:9c:8a:fc:5d:55:1b:aa:92:9d:dd:39:4f:e3:
84:38:d3:eb:c2:f4:ab:b6:ed:e0:ae:f9:5f:ea:9d:03:aa:d1:
41:42:a8:ec:e4:04:8b:4a:4b:da:9a:62:c3:06:cc:c0:28:3c:
f3:56:a5:4c:99:35:fa:ed:7b:47:16:04:b5:ce:79:52:c3:a0:
7a:6f:90:54:e3:09:44:d3:ab:71:94:ed:56:22:4a:be:9a:ce:
e8:68:eb:45:15:38:67:e5:bd:e1:0b:5a:c6:b4:a3:3f:c5:11:
52:1c:b1:67:55:39:2e:cd:c2:8f:91:96:bf:db:fe:1c:b8:ed:
cd:0b:c9:b5:b3:9b:6f:e6:c2:6f:8d:03:e3:fd:e2:7a:7b:e0:
92:fb:db:bc:56:7f:83:50:c8:e0:4d:a1:96:b9:40:f3:0c:42:
d8:ea:62:16
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGc848CHmcgFtgdJG202ipjKc/hcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwMDNaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0NmY3Y2Y0OTdlMDliYWJjNmM0ODlmMmNjNzEwMTY4NWI0NDg4MjhjN2Nl
NjlmMDhiMTg3ZjNkODI2NTU1MDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/mNBBAkN8D3x+z+OOXzk9aeRxBAWqLkjAmJR5du2LDmR3NI67GdtKmx6vA
ADnqFDUydtVz1GO+Ws7TBZC8cBDl5cU0bATZhHqjKFi+i9FwbEFN5PExKu+I0jxF
sFkYvPQ6Ql6UiqtwRsvaNOYy7p2zvL/AYZD9dVEfKugUA5NeOTNRZYV7kpEZE5nr
nU9U9avxopO7q7YgNLB1+wM3ShNgituvATNCqJ0idHNkwsTgqshphv7SwRjVlPc7
T2BLC0LtNk2DmoUXMwb6YeK26jXsNnhVryFh69YILshuThjUcXo8KJ6RKszVUz53
zJTDWC7uXYZJzDJWaGbDkX1TIv0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSeX0xU
3UVHxOxh0BTkBHUnl/V/wzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQ4NWE0NjUtNjVlOS00YTE5LWEzOTctZjI5ZDFhMzZkMTY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMMRADAN
BgkqhkiG9w0BAQsFAAOCAQEA1q0XG9GxfG5wcSV4hUiTcw0S7TH3hFCMQUxKuZdi
spqcVkslgTBi7ZNkg34zP/wbrNeyNV8632HdHxFJaUWMwuU7yv0KskqOcK+ZhlRv
j3RPTwV80vXUxOIP59/xhhKcivxdVRuqkp3dOU/jhDjT68L0q7bt4K75X+qdA6rR
QUKo7OQEi0pL2ppiwwbMwCg881alTJk1+u17RxYEtc55UsOgem+QVOMJRNOrcZTt
ViJKvprO6GjrRRU4Z+W94QtaxrSjP8URUhyxZ1U5Ls3Cj5GWv9v+HLjtzQvJtbOb
b+bCb40D4/3ienvgkvvbvFZ/g1DI4E2hlrlA8wxC2OpiFg==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:35:53 2025 by rpki-client