Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: ugDgs2n/hLlWVuTKIjFYmhdLIYXQaE6f76SGULZup5k=
Subject key identifier: 0A:F4:42:B4:3C:1D:B1:F9:81:D2:40:FA:49:24:50:B6:76:0D:56:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0E295ED8370EDA2965CA71DFF60351C3A5ACE20F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Fri 11 Jul 2025 20:50:54 +0000
ROA not before: Fri 11 Jul 2025 20:50:54 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 00:46:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:29:5e:d8:37:0e:da:29:65:ca:71:df:f6:03:51:c3:a5:ac:e2:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 11 20:50:54 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=35ad32c4b5d686aaf03ec29b38a575efce571c129aea21e188b6402a0121f5fa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e7:39:50:10:e9:e7:b1:af:9b:e8:d9:32:80:
9f:1e:ca:77:56:57:5c:90:82:db:31:8a:0b:51:cf:
15:56:0d:3b:57:38:30:40:cc:4a:97:2e:13:ff:52:
22:14:8e:cf:e2:62:8b:c3:4c:2f:3c:13:90:62:a0:
2a:28:e0:55:bc:15:f5:dc:3f:0c:75:fa:ba:6f:d0:
9a:49:dd:90:07:b3:e8:03:d4:e0:51:7f:28:e9:ed:
86:42:26:00:e7:1d:a9:3c:b8:7c:b3:e4:04:e4:a9:
71:99:19:07:5e:d7:c4:d5:d2:22:9c:77:8d:20:2e:
06:c8:35:14:22:4d:bf:38:8a:47:bc:57:83:e0:e4:
4a:25:b6:da:74:3e:85:ec:1e:7f:22:b0:c9:05:11:
4c:d8:89:66:ea:be:e6:0b:29:80:5a:79:8c:e2:67:
8f:b2:da:30:09:86:a5:7c:ae:51:dc:66:24:8c:f8:
6c:dd:39:a7:82:95:db:8d:71:2d:14:2b:b6:d9:97:
3d:5d:5d:9a:a6:7b:4f:74:17:d9:82:9c:35:f6:2b:
db:cb:c7:34:5d:a3:fb:00:c2:a5:c1:e3:63:4c:0b:
56:d4:10:83:a6:35:ea:7f:6f:bf:fa:e5:cf:f0:30:
f2:d6:0c:f5:c3:9d:93:22:77:7e:c5:75:19:5c:06:
cd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F4:42:B4:3C:1D:B1:F9:81:D2:40:FA:49:24:50:B6:76:0D:56:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
9c:09:37:e8:4d:27:38:b5:0c:86:cc:a9:d7:bc:e6:23:12:55:
7c:69:33:43:02:06:8a:8e:5d:85:bd:45:62:ca:aa:91:5f:5a:
14:cc:9d:dc:dc:af:f2:97:8a:66:af:b9:2f:ab:b1:bb:99:01:
3a:2d:70:87:42:8d:70:c4:f3:04:df:05:db:2d:9c:7d:2b:43:
2c:9d:94:46:ea:2a:c8:7c:e1:93:60:58:98:b1:0b:65:b2:11:
be:f0:2d:ce:9f:5c:e4:c3:53:02:81:4b:25:45:59:38:e4:cc:
dd:48:64:00:26:c0:57:bf:71:62:bc:a2:42:42:13:22:e7:84:
37:0e:ca:ed:a9:f5:c8:dd:52:20:95:74:f6:31:78:e6:d7:c9:
ed:b9:40:2d:20:2c:bb:5f:71:b1:50:f1:80:26:72:b6:14:45:
89:18:4a:6a:3a:3b:7e:9d:92:e4:0c:40:1e:bd:8f:68:16:b8:
f1:b7:b5:3e:c7:f3:ee:35:75:b5:b7:1d:93:6b:a6:ce:06:82:
8f:8f:d8:8b:2d:a2:2c:1d:24:4e:8f:85:4e:3f:11:0d:c8:79:
34:2e:69:b3:ca:5e:19:c3:fc:ed:52:5f:96:c9:d4:3c:90:b6:
40:df:70:19:19:90:4b:f0:f1:4e:0d:5b:b3:ef:92:79:69:af:
7f:dc:e9:38
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDile2DcO2illynHf9gNRw6Ws4g8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MTEyMDUwNTRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1YWQzMmM0YjVkNjg2YWFmMDNlYzI5YjM4YTU3NWVmY2U1NzFjMTI5YWVh
MjFlMTg4YjY0MDJhMDEyMWY1ZmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7nOVAQ6eexr5vo2TKAnx7Kd1ZXXJCC2zGKC1HPFVYNO1c4MEDMSpcuE/9S
IhSOz+Jii8NMLzwTkGKgKijgVbwV9dw/DHX6um/QmkndkAez6APU4FF/KOnthkIm
AOcdqTy4fLPkBOSpcZkZB17XxNXSIpx3jSAuBsg1FCJNvziKR7xXg+DkSiW22nQ+
hewefyKwyQURTNiJZuq+5gspgFp5jOJnj7LaMAmGpXyuUdxmJIz4bN05p4KV241x
LRQrttmXPV1dmqZ7T3QX2YKcNfYr28vHNF2j+wDCpcHjY0wLVtQQg6Y16n9vv/rl
z/Aw8tYM9cOdkyJ3fsV1GVwGzaMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQK9EK0
PB2x+YHSQPpJJFC2dg1W3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAnAk36E0nOLUMhsyp17zmIxJVfGkzQwIGio5dhb1F
YsqqkV9aFMyd3Nyv8peKZq+5L6uxu5kBOi1wh0KNcMTzBN8F2y2cfStDLJ2URuoq
yHzhk2BYmLELZbIRvvAtzp9c5MNTAoFLJUVZOOTM3UhkACbAV79xYryiQkITIueE
Nw7K7an1yN1SIJV09jF45tfJ7blALSAsu19xsVDxgCZythRFiRhKajo7fp2S5AxA
Hr2PaBa48be1Psfz7jV1tbcdk2umzgaCj4/Yiy2iLB0kTo+FTj8RDch5NC5ps8pe
GcP87VJflsnUPJC2QN9wGRmQS/DxTg1bs++SeWmvf9zpOA==
-----END CERTIFICATE-----
Generated at Tue Aug 5 08:10:32 2025 by rpki-client