Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: IXrIxz1/4hDmQWnusqwC10Q1FNROj2amsK/KctRnGas=
Subject key identifier: 16:E9:F6:60:3B:B5:8E:86:AC:74:BC:03:7D:18:98:E7:FF:C4:80:26
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3144BA02FD34766DE3D8CE5C5E3CBEC36CA08B6C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Fri 08 Aug 2025 00:40:39 +0000
ROA not before: Fri 08 Aug 2025 00:40:39 +0000
ROA not after: Fri 12 Sep 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:44:ba:02:fd:34:76:6d:e3:d8:ce:5c:5e:3c:be:c3:6c:a0:8b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Aug 8 00:40:39 2025 GMT
Not After : Sep 12 23:59:59 2025 GMT
Subject: serialNumber=ef77d21adbfd68095a64caab84d12f28311b67af983b82782384f9e7bb1668af, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:93:47:d7:79:f9:9d:54:77:e6:72:d6:b8:ff:
e2:cb:76:a7:bd:8a:f7:c6:e6:c3:85:fb:ac:dd:b9:
3d:40:c7:2b:d7:d6:99:fc:f7:48:c0:b6:72:d4:a7:
52:c7:aa:69:84:97:f6:23:8f:84:be:f9:87:53:22:
3a:53:7c:d4:c3:d9:e6:2b:32:cc:dc:a4:aa:e6:42:
45:0b:06:fe:05:86:28:d3:e8:7d:4d:5c:c6:75:37:
5c:7f:66:a3:0f:88:cb:8d:22:c7:a5:a8:df:b2:12:
44:a4:7a:7d:ee:54:89:50:19:20:85:fd:8a:35:c5:
f9:92:2b:9a:0e:cd:3c:17:59:bc:6f:fa:11:14:35:
1d:71:1a:47:f7:4c:4d:d4:d6:4a:fa:29:c6:11:38:
92:78:91:57:59:3c:e3:4a:1f:fc:43:3b:ef:8f:3f:
c6:a8:0e:c2:36:5e:53:85:27:d1:50:62:be:9f:54:
c1:2b:4c:d5:b4:40:37:5e:e5:39:92:96:a5:fe:cd:
50:78:c0:3d:cf:73:14:41:e2:68:30:26:56:0f:16:
b6:69:cf:9d:74:2e:ee:49:1d:37:01:45:67:99:23:
67:1a:66:eb:8d:31:e9:03:90:f4:c3:a8:6e:ca:08:
f3:bf:1a:f4:1d:0e:dd:23:87:81:ad:16:35:43:25:
fe:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E9:F6:60:3B:B5:8E:86:AC:74:BC:03:7D:18:98:E7:FF:C4:80:26
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
17:0a:c4:37:c7:ea:0c:08:02:e6:65:15:cc:fe:2f:05:53:cd:
3f:3c:bf:6b:80:9e:59:66:a2:dc:03:62:6c:88:2a:2c:65:eb:
d5:ce:28:06:6f:7d:22:4f:cf:ef:81:85:21:d3:cd:87:63:77:
28:1a:09:5d:f0:e0:df:ca:a6:b9:21:f6:e0:3f:a9:11:db:87:
92:f6:b9:00:6c:66:51:0f:59:11:a1:d5:79:a4:32:82:14:8d:
86:14:66:bf:17:8a:89:31:b7:a1:8d:5c:9d:31:fe:4f:f9:4d:
af:9b:94:a9:8c:fa:c6:19:7b:1b:16:65:9f:81:ba:f9:ca:23:
b2:c3:32:d3:e5:44:76:dd:a6:fd:c8:eb:c5:75:89:0a:b1:97:
c8:87:94:0c:6d:a7:26:8c:74:12:89:e8:05:30:b3:36:f0:fa:
64:4a:c3:73:b6:d3:c5:2e:49:b6:f3:10:c8:92:62:74:89:84:
f4:de:8b:47:49:bd:09:53:de:3e:b0:a3:c7:a7:67:f8:ab:29:
90:12:4c:c3:d1:d4:3f:aa:7f:72:94:db:55:a4:0c:8d:e2:f8:
12:15:d0:78:b3:38:24:6b:a4:3b:f0:c4:36:f2:15:b0:1b:61:
81:15:a0:dd:5b:d5:1e:cf:3c:21:d1:13:53:9a:99:33:91:c4:
a3:ff:6c:6a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMUS6Av00dm3j2M5cXjy+w2ygi2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA4MDgwMDQwMzlaFw0yNTA5MTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNzdkMjFhZGJmZDY4MDk1YTY0Y2FhYjg0ZDEyZjI4MzExYjY3YWY5ODNi
ODI3ODIzODRmOWU3YmIxNjY4YWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIuTR9d5+Z1Ud+Zy1rj/4st2p72K98bmw4X7rN25PUDHK9fWmfz3SMC2ctSn
UseqaYSX9iOPhL75h1MiOlN81MPZ5isyzNykquZCRQsG/gWGKNPofU1cxnU3XH9m
ow+Iy40ix6Wo37ISRKR6fe5UiVAZIIX9ijXF+ZIrmg7NPBdZvG/6ERQ1HXEaR/dM
TdTWSvopxhE4kniRV1k840of/EM7748/xqgOwjZeU4Un0VBivp9UwStM1bRAN17l
OZKWpf7NUHjAPc9zFEHiaDAmVg8WtmnPnXQu7kkdNwFFZ5kjZxpm640x6QOQ9MOo
bsoI878a9B0O3SOHga0WNUMl/ucCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQW6fZg
O7WOhqx0vAN9GJjn/8SAJjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEAFwrEN8fqDAgC5mUVzP4vBVPNPzy/a4CeWWai3ANi
bIgqLGXr1c4oBm99Ik/P74GFIdPNh2N3KBoJXfDg38qmuSH24D+pEduHkva5AGxm
UQ9ZEaHVeaQyghSNhhRmvxeKiTG3oY1cnTH+T/lNr5uUqYz6xhl7GxZln4G6+coj
ssMy0+VEdt2m/cjrxXWJCrGXyIeUDG2nJox0EonoBTCzNvD6ZErDc7bTxS5JtvMQ
yJJidImE9N6LR0m9CVPePrCjx6dn+KspkBJMw9HUP6p/cpTbVaQMjeL4EhXQeLM4
JGukO/DENvIVsBthgRWg3VvVHs88IdETU5qZM5HEo/9sag==
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:54:06 2025 by rpki-client