Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: F3KeOQ8z7S3RSilTVHljo1X9h9Bn+gue3s/7f8UJe3I=
Subject key identifier: 5C:62:8D:F4:24:40:CF:66:C7:1F:6E:82:A9:A7:27:A6:3D:88:A4:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FDB250B04F972FE5BCF65F231FDE70441E9C81C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Mon 06 Oct 2025 18:10:29 +0000
ROA not before: Mon 06 Oct 2025 18:10:29 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:db:25:0b:04:f9:72:fe:5b:cf:65:f2:31:fd:e7:04:41:e9:c8:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:29 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=6598af68ca7b64950a07a2d2ab472140653f2c82311d510f9caf08c87ec87387, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:e4:c9:47:12:61:36:1c:fe:17:ac:ff:9b:
ec:9f:48:c6:44:7f:f7:5e:d8:67:35:29:16:74:ce:
ea:3a:32:07:45:f7:d0:2b:31:38:4b:28:7b:c2:a9:
38:f0:3c:b7:15:22:a1:d3:7c:bd:2d:63:b2:c5:77:
c1:83:44:ca:e5:72:3c:51:a6:0e:f4:9b:a3:83:c4:
6e:26:aa:e5:f2:7c:4c:e4:e1:e7:c7:79:f1:99:01:
70:66:42:dd:88:7d:8b:d9:9d:49:10:b6:df:be:af:
6b:69:33:6c:cd:03:4d:0b:8a:bc:cd:da:ff:f7:2d:
20:6a:26:8d:9b:2d:63:bc:b5:03:33:12:db:5d:70:
11:08:e8:b8:1a:3f:d0:26:f3:a4:e9:21:fe:12:41:
46:08:ba:14:f1:0c:e3:92:82:0e:65:80:67:4f:78:
74:b6:a5:e2:af:31:be:fd:6b:98:70:6d:54:52:ab:
97:a3:31:75:a3:45:a9:b5:6b:b4:a4:83:7a:95:ac:
17:e2:66:24:bd:3d:13:f9:9f:ba:3e:e7:1d:bb:02:
32:9b:32:d2:53:1f:9f:eb:74:bf:c4:ac:a8:cd:e2:
96:c9:5e:f4:c2:c4:e5:4e:83:a8:e0:89:b8:09:53:
58:c6:ad:da:6a:97:62:3d:b7:53:0d:f5:a2:20:6e:
6b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:62:8D:F4:24:40:CF:66:C7:1F:6E:82:A9:A7:27:A6:3D:88:A4:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
00:29:80:5a:8b:3d:a9:71:43:1c:30:da:ec:89:c5:ec:c9:d7:
0a:85:3f:ea:2e:b5:b1:d5:9c:db:53:6d:cb:d9:06:c7:d9:b1:
4d:97:2d:2a:bc:84:c2:50:65:68:46:43:45:66:0e:b2:01:86:
c6:1c:b9:fa:5c:c7:47:15:a5:ff:26:e5:4c:7d:c7:e9:d9:d0:
e0:a6:d4:cd:93:9b:bd:db:64:14:af:b3:2c:68:77:b1:89:fe:
c5:23:5a:9e:ab:12:ca:8a:be:07:9b:ea:14:52:a7:f8:18:26:
e0:1c:f9:93:fb:8b:1b:a2:1c:26:50:ac:2c:44:63:69:13:54:
1d:09:f6:17:fc:14:c4:de:39:bd:9e:4a:56:62:5d:9a:90:75:
a0:2a:f5:ce:86:09:23:7d:8f:b7:21:db:b3:9d:97:fa:94:d6:
f8:ce:af:f3:8c:16:6d:9d:f3:be:f8:22:36:ad:b2:71:84:1b:
9b:b8:a0:75:e6:cc:5b:a4:e3:29:f0:2c:bf:bc:2c:8e:31:fd:
f7:2d:e1:02:7d:2c:95:83:ea:2b:92:38:9b:c5:d5:28:a4:37:
79:f0:12:12:18:f7:2d:e3:4b:58:b3:50:bc:c0:74:f7:e3:d9:
9e:6c:94:22:d4:60:0d:37:ee:8a:54:41:a6:f3:d7:12:6a:a9:
57:03:2c:21
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf9slCwT5cv5bz2XyMf3nBEHpyBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMjlaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1OThhZjY4Y2E3YjY0OTUwYTA3YTJkMmFiNDcyMTQwNjUzZjJjODIzMTFk
NTEwZjljYWYwOGM4N2VjODczODcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMi+5MlHEmE2HP4XrP+b7J9IxkR/917YZzUpFnTO6joyB0X30CsxOEsoe8Kp
OPA8txUiodN8vS1jssV3wYNEyuVyPFGmDvSbo4PEbiaq5fJ8TOTh58d58ZkBcGZC
3Yh9i9mdSRC2376va2kzbM0DTQuKvM3a//ctIGomjZstY7y1AzMS211wEQjouBo/
0CbzpOkh/hJBRgi6FPEM45KCDmWAZ094dLal4q8xvv1rmHBtVFKrl6MxdaNFqbVr
tKSDepWsF+JmJL09E/mfuj7nHbsCMpsy0lMfn+t0v8SsqM3ilsle9MLE5U6DqOCJ
uAlTWMat2mqXYj23Uw31oiBua58CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcYo30
JEDPZscfboKppyemPYikcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAAKYBaiz2pcUMcMNrsicXsydcKhT/qLrWx1ZzbU23L
2QbH2bFNly0qvITCUGVoRkNFZg6yAYbGHLn6XMdHFaX/JuVMfcfp2dDgptTNk5u9
22QUr7MsaHexif7FI1qeqxLKir4Hm+oUUqf4GCbgHPmT+4sbohwmUKwsRGNpE1Qd
CfYX/BTE3jm9nkpWYl2akHWgKvXOhgkjfY+3IduznZf6lNb4zq/zjBZtnfO++CI2
rbJxhBubuKB15sxbpOMp8Cy/vCyOMf33LeECfSyVg+orkjibxdUopDd58BISGPct
40tYs1C8wHT349mebJQi1GANN+6KVEGm89cSaqlXAywh
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:40:01 2025 by rpki-client