Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: WQa/ITWm3gCKWaoGhxVvjLMeNQcEXOUx3aVYV586BCM=
Subject key identifier: AC:59:7B:92:5F:CB:F3:C7:0D:CB:9F:A7:57:19:91:8B:BF:A2:B8:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 13E3B715BDC00C1CA408CE79BF047320F69CA6AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Fri 26 Sep 2025 20:20:59 +0000
ROA not before: Fri 26 Sep 2025 20:20:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:e3:b7:15:bd:c0:0c:1c:a4:08:ce:79:bf:04:73:20:f6:9c:a6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=f2211e684b9c74887ebf0d2f853a1759d4d9e274266d4745dbbb9226bd5015c6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0c:e0:95:f0:0f:c0:2f:6b:d1:b7:dd:09:f3:
6e:08:3b:74:f9:5a:4f:35:59:ef:f0:fc:d6:8c:70:
66:7a:30:5b:7c:6e:7f:82:7c:bc:37:a1:ea:11:84:
bd:9b:7c:5c:50:4a:3d:68:84:a5:19:c9:1f:91:4e:
dd:91:60:ba:7a:a9:63:e6:2a:7c:6e:b7:6e:8f:b7:
47:38:c6:b4:45:50:49:60:36:ce:68:13:49:16:d9:
55:41:a0:6b:54:b5:a4:cc:fb:02:2e:4c:76:ee:9f:
a3:9c:4e:59:1e:5a:09:ae:e6:c0:f2:0b:5f:57:21:
84:62:80:bb:58:9f:7f:9b:43:53:6a:ca:41:f9:1c:
c4:a6:40:e9:fd:1b:d4:56:4f:15:e9:99:9d:35:d9:
af:f4:5e:26:ab:58:47:eb:ce:7c:be:42:a4:de:df:
17:24:f1:f4:39:4a:84:63:53:95:cd:d2:8b:84:7d:
14:36:e0:3a:cf:62:22:95:57:30:88:b7:0a:d5:7e:
37:8a:7c:0a:a7:9c:88:8b:7a:e0:54:27:e2:61:3c:
11:10:fc:0f:8b:9a:1d:3e:ac:f1:92:33:a8:df:14:
10:94:da:e7:c8:65:86:ff:5d:27:6d:07:d5:1e:2e:
0c:7d:71:64:b3:ae:94:ba:07:c7:25:78:1b:e6:2d:
cd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:59:7B:92:5F:CB:F3:C7:0D:CB:9F:A7:57:19:91:8B:BF:A2:B8:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:0c:f6:23:95:73:aa:f0:1b:69:33:88:02:89:bb:2a:99:44:
c5:bb:c5:a0:3c:92:9c:9b:a1:93:2d:1d:1f:4d:b5:18:bd:4e:
64:e7:26:a4:b1:a2:7e:49:84:f4:58:72:48:20:56:07:5d:fa:
f6:b4:a7:8e:b4:b5:b5:58:8c:9d:30:9d:fe:98:b8:a0:6c:f5:
32:c1:56:c7:2e:17:1e:f5:e3:61:23:86:3a:94:28:0d:83:54:
31:2d:bb:a9:01:23:ca:38:2c:a9:9e:4c:11:b9:f9:7e:8f:0a:
44:3f:08:c6:cb:dd:88:24:a2:2f:7b:3e:cc:ed:66:00:03:c4:
cb:36:2b:b2:3d:83:e9:69:20:67:c0:71:e1:17:c3:77:46:33:
f1:21:c0:8b:b4:31:7b:83:38:0a:d3:3e:88:dd:2d:a2:01:61:
9c:66:dd:5d:cd:26:f4:e6:8f:f2:9a:5d:bd:17:ef:fa:e9:73:
cf:f8:88:ec:20:af:af:82:d4:fa:31:71:c0:1b:50:92:f3:6c:
df:d0:3d:0e:51:3f:4a:c5:4c:97:5d:95:6d:34:88:84:97:05:
34:ed:65:7d:34:36:28:f3:70:72:73:69:42:7c:11:8b:68:dd:
d6:08:f0:eb:7f:1e:a7:e6:46:bd:fa:9d:61:2b:f9:61:3b:e1:
ad:36:09:8d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUE+O3Fb3ADBykCM55vwRzIPacpq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyMjExZTY4NGI5Yzc0ODg3ZWJmMGQyZjg1M2ExNzU5ZDRkOWUyNzQyNjZk
NDc0NWRiYmI5MjI2YmQ1MDE1YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoM4JXwD8Ava9G33Qnzbgg7dPlaTzVZ7/D81oxwZnowW3xuf4J8vDeh6hGE
vZt8XFBKPWiEpRnJH5FO3ZFgunqpY+YqfG63bo+3RzjGtEVQSWA2zmgTSRbZVUGg
a1S1pMz7Ai5Mdu6fo5xOWR5aCa7mwPILX1chhGKAu1iff5tDU2rKQfkcxKZA6f0b
1FZPFemZnTXZr/ReJqtYR+vOfL5CpN7fFyTx9DlKhGNTlc3Si4R9FDbgOs9iIpVX
MIi3CtV+N4p8CqeciIt64FQn4mE8ERD8D4uaHT6s8ZIzqN8UEJTa58hlhv9dJ20H
1R4uDH1xZLOulLoHxyV4G+Ytzf8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSsWXuS
X8vzxw3Ln6dXGZGLv6K4cTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQAvDPYjlXOq8BtpM4gCibsqmUTFu8WgPJKcm6GTLR0f
TbUYvU5k5yaksaJ+SYT0WHJIIFYHXfr2tKeOtLW1WIydMJ3+mLigbPUywVbHLhce
9eNhI4Y6lCgNg1QxLbupASPKOCypnkwRufl+jwpEPwjGy92IJKIvez7M7WYAA8TL
NiuyPYPpaSBnwHHhF8N3RjPxIcCLtDF7gzgK0z6I3S2iAWGcZt1dzSb05o/yml29
F+/66XPP+IjsIK+vgtT6MXHAG1CS82zf0D0OUT9KxUyXXZVtNIiElwU07WV9NDYo
83Byc2lCfBGLaN3WCPDrfx6n5ka9+p1hK/lhO+GtNgmN
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:48 2025 by rpki-client