Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: z5sFRDy2eVx/rX75dAOHGtqgfD/h+VrCRfYpAnj564Y=
Subject key identifier: 8C:32:BF:9B:E3:8C:14:5B:7D:2A:5D:32:11:B8:E0:38:C8:48:16:C1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39399A3132A58E89ED4D2CD7DAAAE1110B0F0420
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Mon 21 Jul 2025 17:00:10 +0000
ROA not before: Mon 21 Jul 2025 17:00:10 +0000
ROA not after: Mon 25 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:39:9a:31:32:a5:8e:89:ed:4d:2c:d7:da:aa:e1:11:0b:0f:04:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 21 17:00:10 2025 GMT
Not After : Aug 25 23:59:59 2025 GMT
Subject: serialNumber=55bac242f72d4da07688453159803f981497430376500f729c8176002e4dd6d8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4e:49:63:4b:fd:46:b1:73:17:25:9a:cf:b1:
b1:5d:34:f6:11:c1:f0:ad:c3:77:c1:83:66:2a:17:
0d:d1:7f:49:c0:d6:d9:dd:95:76:74:5b:98:19:f0:
10:5b:71:97:12:fe:fc:87:eb:5d:5a:d0:7b:5f:37:
02:fd:e2:26:c1:61:61:55:a1:a9:d3:54:86:db:ae:
37:7e:47:9a:bf:e8:0d:35:b8:0c:b7:ae:15:07:37:
43:e1:ba:d9:c7:55:f3:7d:98:07:46:37:60:8e:aa:
5a:5b:be:58:32:6e:39:a8:63:96:ca:5f:3d:1b:32:
e3:9a:fc:01:45:63:f2:8e:9f:98:0c:50:59:02:4f:
c6:14:7b:42:64:37:58:ee:f3:93:c5:42:1c:0e:af:
6c:5f:d2:de:d9:53:8c:b5:85:f5:5a:9c:50:69:40:
fb:ac:47:68:a3:a8:90:3a:fe:d0:49:fa:79:00:0c:
b1:e6:93:39:c3:38:f7:48:b1:95:56:41:9c:30:8b:
25:94:f4:80:0c:b8:37:5b:fb:d3:43:72:0d:0a:8d:
d2:0a:a8:df:11:29:9e:3b:1a:86:cd:40:5e:b3:f7:
80:b1:9f:9c:7b:d2:3a:95:99:39:dd:67:1d:5a:13:
15:e3:4f:f7:e3:02:f5:68:67:3c:eb:e9:e5:ec:46:
99:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:32:BF:9B:E3:8C:14:5B:7D:2A:5D:32:11:B8:E0:38:C8:48:16:C1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
58:72:82:ac:a3:aa:0a:58:20:5d:74:a1:1a:e6:12:c4:69:6d:
22:92:f2:81:2e:7f:15:5e:e3:12:a9:3b:17:78:9b:9f:fc:18:
19:d6:9e:5c:a5:4e:49:48:ac:7f:91:03:c7:a1:1d:df:33:54:
7e:89:d1:14:13:ad:6d:6b:3b:34:ae:54:19:1e:ee:08:63:80:
55:1f:b0:aa:b1:87:97:7c:a6:54:7c:1d:64:a8:5c:85:eb:a2:
17:43:3f:3b:c0:74:b6:31:79:91:d9:c4:34:29:fd:e2:1d:da:
d2:e8:20:7b:10:37:61:7c:df:36:2d:9f:28:d9:81:78:80:3c:
17:d0:a0:b9:c2:c1:46:68:d5:a1:ad:af:3c:55:6f:ec:80:1c:
07:a7:72:c0:e4:59:c7:a1:2f:f6:ac:84:2e:cb:1c:85:51:77:
9d:9b:4a:61:e5:53:d6:2c:7a:92:5d:30:e4:f3:fa:99:a6:1a:
c5:fe:af:f3:9d:7c:51:e3:c2:b5:70:5e:48:74:ae:3c:0f:60:
3e:bc:a7:4a:27:58:e3:e5:15:d7:7d:b5:4e:71:84:de:dd:18:
ef:c0:7b:7d:d0:c5:15:99:b5:d3:13:01:e9:27:2a:f9:98:91:
c5:e3:11:dd:0c:52:b4:40:48:9a:ed:35:14:7c:b9:88:0c:bb:
75:db:87:0d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOTmaMTKljontTSzX2qrhEQsPBCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjExNzAwMTBaFw0yNTA4MjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDU1YmFjMjQyZjcyZDRkYTA3Njg4NDUzMTU5ODAzZjk4MTQ5NzQzMDM3NjUw
MGY3MjljODE3NjAwMmU0ZGQ2ZDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJZOSWNL/Uaxcxclms+xsV009hHB8K3Dd8GDZioXDdF/ScDW2d2VdnRbmBnw
EFtxlxL+/IfrXVrQe183Av3iJsFhYVWhqdNUhtuuN35Hmr/oDTW4DLeuFQc3Q+G6
2cdV832YB0Y3YI6qWlu+WDJuOahjlspfPRsy45r8AUVj8o6fmAxQWQJPxhR7QmQ3
WO7zk8VCHA6vbF/S3tlTjLWF9VqcUGlA+6xHaKOokDr+0En6eQAMseaTOcM490ix
lVZBnDCLJZT0gAy4N1v700NyDQqN0gqo3xEpnjsahs1AXrP3gLGfnHvSOpWZOd1n
HVoTFeNP9+MC9WhnPOvp5exGmbECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSMMr+b
44wUW30qXTIRuOA4yEgWwTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQBYcoKso6oKWCBddKEa5hLEaW0ikvKBLn8VXuMSqTsX
eJuf/BgZ1p5cpU5JSKx/kQPHoR3fM1R+idEUE61tazs0rlQZHu4IY4BVH7CqsYeX
fKZUfB1kqFyF66IXQz87wHS2MXmR2cQ0Kf3iHdrS6CB7EDdhfN82LZ8o2YF4gDwX
0KC5wsFGaNWhra88VW/sgBwHp3LA5FnHoS/2rIQuyxyFUXedm0ph5VPWLHqSXTDk
8/qZphrF/q/znXxR48K1cF5IdK48D2A+vKdKJ1jj5RXXfbVOcYTe3RjvwHt90MUV
mbXTEwHpJyr5mJHF4xHdDFK0QEia7TUUfLmIDLt124cN
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:41:27 2025 by rpki-client