Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: EoWGcdD+A/XbO3Rv0Yu/0o5D/0/68YvyVBVw3DJkC2E=
Subject key identifier: C7:2E:5E:73:69:4E:87:D2:D7:BF:3A:25:C0:33:15:64:DF:4A:2B:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4E9CFC2CE59B90EB8CFD52EA597C0C5BD43C8198
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Fri 10 Oct 2025 17:10:04 +0000
ROA not before: Fri 10 Oct 2025 17:10:04 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:9c:fc:2c:e5:9b:90:eb:8c:fd:52:ea:59:7c:0c:5b:d4:3c:81:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 10 17:10:04 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=9a680daea86b223c0f3abd75eb0902011c925aa2fb0d6b8d62bf35c6b01a55b5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:45:ea:64:05:5c:1b:37:8e:6b:6c:04:d4:67:
b3:88:04:db:34:03:02:3c:b3:01:ee:16:52:81:12:
62:f7:0d:02:2a:ff:b0:87:6b:e7:d2:ff:31:46:cb:
bc:41:ec:4c:61:b9:e8:47:05:11:f3:f7:4f:06:3e:
e1:10:13:de:09:6a:de:a6:eb:d7:18:f5:d0:18:f6:
d0:60:f1:8d:c4:63:ed:60:90:ce:05:9a:df:18:4b:
51:79:b7:d9:86:3a:83:d9:e5:b6:b7:d4:7e:33:d9:
03:dc:19:b7:c9:72:2e:b8:ce:63:2f:53:4d:47:01:
48:8a:75:83:ad:b9:bd:2b:7e:b5:0c:ef:03:7a:74:
1f:8e:4c:34:53:9f:ee:4f:2f:81:20:ad:ea:8f:dc:
fd:ac:a0:94:8b:88:f5:56:e0:a5:76:9f:1c:7b:f7:
bd:13:80:6d:01:ba:60:49:50:5e:d4:e5:7e:90:ad:
af:af:d1:79:e4:f8:06:92:19:4f:47:e5:31:c1:f9:
43:88:55:52:ba:6f:07:44:9f:7b:d9:08:3e:50:46:
15:69:0f:ac:96:62:6f:bd:17:d3:4c:e0:3d:79:ff:
b4:53:4e:3a:36:4b:8b:ce:6e:a2:60:7c:05:5a:2f:
79:b6:2a:81:ee:79:16:d1:e0:09:6f:fc:5e:f1:53:
df:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:2E:5E:73:69:4E:87:D2:D7:BF:3A:25:C0:33:15:64:DF:4A:2B:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:ca:10:10:0c:1e:5e:2b:49:09:51:3a:77:66:ef:0a:8e:e5:
96:92:c9:52:0c:ad:8b:08:b1:66:73:fe:a7:d5:31:a7:f3:30:
3d:5b:c0:38:21:ce:0e:ac:3a:31:aa:84:3f:1b:d6:5b:fd:40:
54:59:5c:c7:8f:40:6d:a4:1f:29:f8:09:81:45:8c:99:56:54:
d3:7d:bc:a2:cf:32:5a:1e:9d:b9:0c:f2:00:2a:61:05:6d:56:
bd:72:2e:c6:ae:17:f9:5d:96:b9:86:b0:6b:8b:e8:68:a4:70:
ac:af:31:7c:4c:d6:10:3e:29:60:d4:1f:30:6a:3a:c7:6e:bf:
8d:36:2e:38:84:76:3c:7f:fa:e9:8d:b2:dc:7a:59:c0:bc:a3:
ef:2d:17:8e:af:ea:5a:f1:ba:77:96:b2:b3:41:4c:f3:71:88:
c5:99:ca:f0:d2:08:85:4e:e8:b5:c7:ea:03:ff:f1:e8:7d:7e:
62:97:0e:cc:61:f7:90:51:7a:08:0e:09:66:fc:ba:3b:ce:c9:
c1:55:e8:a2:7b:d5:8d:47:82:70:9d:26:33:80:9a:aa:fb:c3:
e1:fa:01:41:9c:17:f5:b2:7f:ca:4f:dc:e7:fd:5b:24:99:71:
4a:a0:39:ce:6e:f1:9a:2a:3c:3a:0a:a2:0c:ac:c6:19:68:bb:
86:c5:88:93
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTpz8LOWbkOuM/VLqWXwMW9Q8gZgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTAxNzEwMDRaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhNjgwZGFlYTg2YjIyM2MwZjNhYmQ3NWViMDkwMjAxMWM5MjVhYTJmYjBk
NmI4ZDYyYmYzNWM2YjAxYTU1YjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpF6mQFXBs3jmtsBNRns4gE2zQDAjyzAe4WUoESYvcNAir/sIdr59L/MUbL
vEHsTGG56EcFEfP3TwY+4RAT3glq3qbr1xj10Bj20GDxjcRj7WCQzgWa3xhLUXm3
2YY6g9nltrfUfjPZA9wZt8lyLrjOYy9TTUcBSIp1g625vSt+tQzvA3p0H45MNFOf
7k8vgSCt6o/c/ayglIuI9VbgpXafHHv3vROAbQG6YElQXtTlfpCtr6/ReeT4BpIZ
T0flMcH5Q4hVUrpvB0Sfe9kIPlBGFWkPrJZib70X00zgPXn/tFNOOjZLi85uomB8
BVovebYqge55FtHgCW/8XvFT30ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTHLl5z
aU6H0te/OiXAMxVk30orxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEALsoQEAweXitJCVE6d2bvCo7llpLJUgytiwixZnP+
p9Uxp/MwPVvAOCHODqw6MaqEPxvWW/1AVFlcx49AbaQfKfgJgUWMmVZU0328os8y
Wh6duQzyACphBW1WvXIuxq4X+V2WuYawa4voaKRwrK8xfEzWED4pYNQfMGo6x26/
jTYuOIR2PH/66Y2y3HpZwLyj7y0Xjq/qWvG6d5ays0FM83GIxZnK8NIIhU7otcfq
A//x6H1+YpcOzGH3kFF6CA4JZvy6O87JwVXoonvVjUeCcJ0mM4CaqvvD4foBQZwX
9bJ/yk/c5/1bJJlxSqA5zm7xmio8OgqiDKzGGWi7hsWIkw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:19 2025 by rpki-client