Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: Xga8Vl4iLMzvR5W30sS2zZEzeE+PMSisiwM9Rl1BXRo=
Subject key identifier: 7C:C9:FD:2E:5F:76:B6:93:65:A8:AF:FE:43:3E:78:71:FD:A9:DC:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 580A2FB179CCE317CDE67C7F25D1D94A7AF8D004
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Mon 06 Oct 2025 18:10:01 +0000
ROA not before: Mon 06 Oct 2025 18:10:01 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:0a:2f:b1:79:cc:e3:17:cd:e6:7c:7f:25:d1:d9:4a:7a:f8:d0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:01 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=209b6a53bddffc7b70d1492bde949dd9500a91077b257f22c77e2dcb9e7cad0f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:53:be:d0:42:89:f5:9f:2d:e7:22:09:c9:e3:
8a:08:1f:6b:93:93:08:90:39:be:0e:64:81:bf:cf:
10:e2:b5:ad:e0:53:39:b0:25:c4:56:37:59:a9:b1:
09:ae:77:2c:35:c1:46:58:05:fd:11:fb:b0:ed:09:
54:af:92:36:b9:3e:de:66:be:8b:2b:95:f5:2b:38:
8f:a8:e4:d8:9a:35:02:f6:eb:8c:81:c6:39:cd:33:
6b:fe:c5:bd:88:8d:09:55:41:9b:84:f4:d9:73:60:
41:e4:af:be:b2:e0:39:d7:bb:ea:87:c3:92:2d:97:
bd:36:7b:58:51:23:1a:97:ad:97:40:f8:2b:b7:68:
89:cd:7b:35:93:bd:8a:b3:6c:72:d7:9f:45:d7:53:
15:fe:e8:84:42:9b:ea:32:f4:59:0f:8b:04:b2:21:
0e:ed:17:a2:8c:da:73:32:77:84:36:21:31:d9:05:
cc:5e:6d:20:3c:6d:3f:d8:f4:db:c1:7c:5a:3d:2d:
f6:e0:d4:cd:5a:ca:9d:12:9e:d6:42:54:ca:e8:0f:
37:c4:18:26:45:ec:eb:0c:94:18:00:5b:f3:92:2e:
34:f5:de:40:bc:3b:b3:26:3a:ae:1b:4b:c3:30:86:
15:db:18:4f:49:c6:3b:1a:31:c8:f2:ca:ec:76:80:
75:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C9:FD:2E:5F:76:B6:93:65:A8:AF:FE:43:3E:78:71:FD:A9:DC:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
cf:7e:4b:19:4f:ca:a4:48:bb:c1:31:98:fd:4e:0b:9b:cd:b8:
86:ae:72:a9:1e:61:31:c8:10:84:29:9b:98:f1:9e:5f:ae:26:
2f:22:f9:b7:94:43:28:a9:60:f1:17:54:f2:8e:d2:69:b2:c9:
6a:4c:79:6c:69:54:3a:1a:d4:e6:d1:f0:d5:85:44:9e:b3:78:
f3:03:49:9c:4e:b4:97:28:9b:2b:d2:dd:58:98:72:73:95:80:
fb:43:4a:14:dd:68:70:9c:1b:89:29:f2:35:c4:56:bb:a9:8a:
af:61:b6:a0:a4:f2:7a:a9:1d:1b:8e:e7:d1:8d:9f:67:63:e4:
fb:71:87:a2:07:e9:81:71:54:50:3d:18:91:e8:17:45:75:a6:
f8:58:e1:d0:2c:b1:29:77:eb:c9:a9:f7:02:8b:15:77:b8:01:
c9:ca:55:e7:10:3b:e2:87:f4:1b:ef:33:b5:c3:8a:77:bd:de:
15:09:10:00:f9:93:27:23:db:8a:4c:67:ec:4f:e3:54:5c:6c:
9f:0b:16:03:6b:2d:96:44:3c:c9:4d:65:39:4d:29:69:37:de:
59:0a:01:8a:75:5f:b7:bb:e5:a7:31:a8:86:0d:b3:0a:95:03:
86:4b:9a:7f:7e:be:b2:57:e7:b8:bd:cd:53:22:f6:33:6b:2d:
cf:4b:bb:2f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUWAovsXnM4xfN5nx/JdHZSnr40AQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMDFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIwOWI2YTUzYmRkZmZjN2I3MGQxNDkyYmRlOTQ5ZGQ5NTAwYTkxMDc3YjI1
N2YyMmM3N2UyZGNiOWU3Y2FkMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANhTvtBCifWfLeciCcnjiggfa5OTCJA5vg5kgb/PEOK1reBTObAlxFY3Wamx
Ca53LDXBRlgF/RH7sO0JVK+SNrk+3ma+iyuV9Ss4j6jk2Jo1AvbrjIHGOc0za/7F
vYiNCVVBm4T02XNgQeSvvrLgOde76ofDki2XvTZ7WFEjGpetl0D4K7doic17NZO9
irNsctefRddTFf7ohEKb6jL0WQ+LBLIhDu0XoozaczJ3hDYhMdkFzF5tIDxtP9j0
28F8Wj0t9uDUzVrKnRKe1kJUyugPN8QYJkXs6wyUGABb85IuNPXeQLw7syY6rhtL
wzCGFdsYT0nGOxoxyPLK7HaAddMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR8yf0u
X3a2k2Wor/5DPnhx/ancMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAz35LGU/KpEi7wTGY/U4Lm824hq5yqR5hMcgQhCmb
mPGeX64mLyL5t5RDKKlg8RdU8o7SabLJakx5bGlUOhrU5tHw1YVEnrN48wNJnE60
lyibK9LdWJhyc5WA+0NKFN1ocJwbiSnyNcRWu6mKr2G2oKTyeqkdG47n0Y2fZ2Pk
+3GHogfpgXFUUD0YkegXRXWm+Fjh0CyxKXfryan3AosVd7gBycpV5xA74of0G+8z
tcOKd73eFQkQAPmTJyPbikxn7E/jVFxsnwsWA2stlkQ8yU1lOU0paTfeWQoBinVf
t7vlpzGohg2zCpUDhkuaf36+slfnuL3NUyL2M2stz0u7Lw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:04 2025 by rpki-client