Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: DcaddeTrMek4GEjwZsInbQ1qL4T3R8iJaHXyiGcRLIw=
Subject key identifier: 50:64:7E:20:B7:EC:A0:74:FA:E7:B5:E0:9B:11:92:C5:5C:CC:31:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2E4C5C0185DACDDBD749B79A02AF98810BD4997B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Fri 25 Jul 2025 17:00:06 +0000
ROA not before: Fri 25 Jul 2025 17:00:06 +0000
ROA not after: Fri 29 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:4c:5c:01:85:da:cd:db:d7:49:b7:9a:02:af:98:81:0b:d4:99:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jul 25 17:00:06 2025 GMT
Not After : Aug 29 23:59:59 2025 GMT
Subject: serialNumber=2cd6e0aaa7600324c1c4331e96753dfe00be33352d1fa76e879a8b178384c82d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:ac:5f:ea:2b:be:0a:a1:70:64:70:eb:08:
b8:fa:89:f2:7a:b9:cd:7d:30:ac:87:f0:2d:df:61:
b3:28:64:35:10:fd:b4:9c:36:2d:30:e9:00:bc:21:
73:e1:69:75:45:f8:30:7a:97:cc:f1:94:44:f7:e4:
89:28:4f:a0:13:ca:6a:05:00:ae:3e:cd:23:16:ec:
57:dc:e9:f8:9a:3e:22:b7:5b:76:43:ad:6e:2c:9d:
f1:51:ff:99:27:33:22:26:50:a7:17:20:31:b1:10:
8e:88:7d:aa:4a:4a:d9:fa:99:d3:29:f2:27:fa:64:
f6:04:08:41:22:fc:5a:89:d6:2e:e7:d0:14:14:20:
fe:88:bc:d2:97:c8:fa:8c:8a:7e:d8:17:fb:7d:fc:
92:7c:ae:5d:b4:cd:e6:b3:d1:8f:24:33:c1:6a:9b:
76:5f:f7:a9:b7:ab:3b:97:4b:00:79:96:fa:fb:97:
0d:df:16:39:af:21:fd:b6:98:ff:d8:28:ac:0d:e5:
58:f2:6e:91:04:ab:8f:af:a5:c8:a7:95:a6:2e:ae:
5c:f2:86:a3:6b:cd:38:61:84:cc:5b:97:53:fb:1b:
5a:15:69:4a:85:e6:52:46:a8:6c:2d:48:33:90:c3:
20:5f:07:eb:30:54:fb:6f:71:1b:27:56:52:0b:8f:
f8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:64:7E:20:B7:EC:A0:74:FA:E7:B5:E0:9B:11:92:C5:5C:CC:31:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
c2:0a:75:98:00:0b:ac:d6:27:d6:ea:0c:4f:71:70:2f:9f:0e:
d3:f8:4b:7f:c1:bc:63:12:17:6a:b1:36:12:10:1c:81:59:4b:
93:8c:b2:58:20:c6:f4:d5:8b:42:d3:84:1a:66:d7:77:9e:40:
36:02:cc:90:02:10:c2:3e:7f:ad:78:3c:9f:a2:35:93:41:26:
e3:34:cb:6d:87:9f:25:86:e4:7c:1d:56:4a:89:b2:b5:36:ec:
fb:42:f0:02:e5:23:10:db:0e:47:6a:07:66:26:6f:4d:86:91:
1e:f4:52:c2:3c:5f:c2:48:5f:5c:69:64:4d:af:06:27:66:a9:
b2:54:44:18:84:44:5a:22:53:9d:f5:ac:5f:85:cc:f7:25:30:
89:ca:20:d6:e0:41:a3:84:5b:31:24:da:91:a6:76:3f:75:cf:
bc:33:b3:ab:75:2d:80:0e:09:62:85:ff:3a:6a:c2:ea:b8:b2:
17:28:a7:dd:d7:cf:33:86:ed:50:0d:54:70:14:7a:b5:ee:f1:
4d:f1:83:2f:cd:da:d9:09:61:b1:73:01:df:57:db:53:9f:ce:
64:ac:07:d0:36:3f:22:43:37:cb:9c:d0:1d:96:6c:d3:fd:e1:
b2:6e:85:cd:e4:24:fe:23:c6:e8:f8:b6:c6:07:a4:2a:3a:f4:
5a:e6:a9:04
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIULkxcAYXazdvXSbeaAq+YgQvUmXswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA3MjUxNzAwMDZaFw0yNTA4MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjZDZlMGFhYTc2MDAzMjRjMWM0MzMxZTk2NzUzZGZlMDBiZTMzMzUyZDFm
YTc2ZTg3OWE4YjE3ODM4NGM4MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCErF/qK74KoXBkcOsIuPqJ8nq5zX0wrIfwLd9hsyhkNRD9tJw2LTDpALwh
c+FpdUX4MHqXzPGURPfkiShPoBPKagUArj7NIxbsV9zp+Jo+IrdbdkOtbiyd8VH/
mSczIiZQpxcgMbEQjoh9qkpK2fqZ0ynyJ/pk9gQIQSL8WonWLufQFBQg/oi80pfI
+oyKftgX+338knyuXbTN5rPRjyQzwWqbdl/3qberO5dLAHmW+vuXDd8WOa8h/baY
/9gorA3lWPJukQSrj6+lyKeVpi6uXPKGo2vNOGGEzFuXU/sbWhVpSoXmUkaobC1I
M5DDIF8H6zBU+29xGydWUguP+K8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRQZH4g
t+ygdPrnteCbEZLFXMwxLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAwgp1mAALrNYn1uoMT3FwL58O0/hLf8G8YxIXarE2
EhAcgVlLk4yyWCDG9NWLQtOEGmbXd55ANgLMkAIQwj5/rXg8n6I1k0Em4zTLbYef
JYbkfB1WSomytTbs+0LwAuUjENsOR2oHZiZvTYaRHvRSwjxfwkhfXGlkTa8GJ2ap
slREGIREWiJTnfWsX4XM9yUwicog1uBBo4RbMSTakaZ2P3XPvDOzq3UtgA4JYoX/
OmrC6riyFyin3dfPM4btUA1UcBR6te7xTfGDL83a2QlhsXMB31fbU5/OZKwH0DY/
IkM3y5zQHZZs0/3hsm6FzeQk/iPG6Pi2xgekKjr0WuapBA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 21:30:39 2025 by rpki-client