Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: OtRc14J3eajEyBg8plCDgEnby5mLiQ7tZqSsNES79lo=
Subject key identifier: 40:26:5C:48:75:29:13:41:15:1F:FE:24:5A:9E:2B:86:76:8B:EB:8D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7FE800C68265A981C6B33231B72255E1B2BA52A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Fri 26 Sep 2025 20:21:00 +0000
ROA not before: Fri 26 Sep 2025 20:21:00 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:e8:00:c6:82:65:a9:81:c6:b3:32:31:b7:22:55:e1:b2:ba:52:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:00 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=46871eea70e3c4dc811e7b0c2a3a2f4f6288e266ce79fc609b31990009cde1c1, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:31:bd:62:f6:de:c6:06:3e:eb:06:4a:da:4d:
27:fd:a4:a5:bf:f3:99:d1:87:d5:30:3a:7b:9d:1a:
c4:74:52:d8:a8:87:33:6a:d4:73:7a:bc:61:d5:50:
51:45:4f:34:52:18:86:5d:ce:6d:64:52:e0:bc:1f:
70:5e:a1:3d:f0:72:f0:95:5b:85:3b:ad:dd:a5:68:
c7:4d:67:63:e3:96:04:18:8e:8f:02:4c:b8:55:56:
0a:f1:b4:29:d3:73:ca:95:20:55:a0:8e:72:72:d7:
83:ac:29:ad:8e:63:d8:fc:a3:af:8a:7f:5f:16:15:
83:b8:f5:2b:f7:7a:ea:22:5d:25:af:52:fd:f5:40:
bb:6b:d7:67:7c:f7:fa:73:23:7f:4d:68:c4:2a:c3:
a2:d0:ab:6d:ae:f8:3d:9c:d6:82:54:9a:fa:1e:22:
f6:ae:69:36:ad:f9:e4:f1:37:dc:49:b3:27:e1:a6:
89:6f:53:cc:6c:ee:34:d2:19:d8:e9:60:0b:5d:4d:
bb:41:6d:2f:a7:70:63:84:be:e2:8f:71:dd:96:ab:
92:63:f3:fb:7a:ba:5a:e4:56:82:bb:68:f8:5b:2e:
49:29:85:b1:b0:20:f7:22:4a:ce:dc:03:d1:3b:4b:
98:e2:1e:2e:0b:c5:63:68:f8:c1:ad:aa:9b:e3:2f:
d0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:26:5C:48:75:29:13:41:15:1F:FE:24:5A:9E:2B:86:76:8B:EB:8D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:03:ce:e7:44:4f:e3:52:9f:68:66:c9:c8:0e:50:2f:21:fa:
7d:0d:4d:02:29:77:2f:0e:e3:15:e5:ef:cf:18:6e:cb:47:36:
ed:02:b6:06:cf:f9:f2:23:a2:78:84:ad:bb:fb:e0:4d:e6:f8:
5b:71:57:8e:cf:60:c9:4a:e6:69:34:8f:23:3a:64:81:6d:1a:
b5:0a:5a:d9:2c:77:27:c5:47:37:81:d0:63:c6:27:44:46:2a:
96:53:0d:16:1a:51:73:21:6f:8e:fe:46:c7:60:67:78:e3:7d:
68:a6:88:df:0d:26:c4:2a:29:7c:80:53:3a:54:bf:c0:25:74:
0f:7b:28:18:36:96:c5:b5:53:f2:72:f5:46:78:5c:a9:f2:3f:
05:de:fa:63:ef:56:aa:af:71:a5:04:3c:f2:1e:7d:5d:87:7f:
56:37:f1:40:ed:69:87:08:1e:fb:e1:7e:4c:7a:8b:a4:dc:c1:
24:8b:49:cc:b5:d3:62:7b:15:6d:fa:a5:76:1e:6e:ad:95:2c:
ad:67:7c:ca:e2:15:ae:22:1f:50:88:c2:a6:ec:0e:8c:e4:f3:
65:5a:d8:7b:e8:ff:37:5f:1c:01:c5:1b:9a:99:fc:88:06:cc:
b1:ac:39:04:0f:09:2b:d2:aa:de:b3:13:e4:01:ac:5f:07:b9:
fc:9a:c4:e2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf+gAxoJlqYHGszIxtyJV4bK6UqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMDBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ2ODcxZWVhNzBlM2M0ZGM4MTFlN2IwYzJhM2EyZjRmNjI4OGUyNjZjZTc5
ZmM2MDliMzE5OTAwMDljZGUxYzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJsxvWL23sYGPusGStpNJ/2kpb/zmdGH1TA6e50axHRS2KiHM2rUc3q8YdVQ
UUVPNFIYhl3ObWRS4LwfcF6hPfBy8JVbhTut3aVox01nY+OWBBiOjwJMuFVWCvG0
KdNzypUgVaCOcnLXg6wprY5j2Pyjr4p/XxYVg7j1K/d66iJdJa9S/fVAu2vXZ3z3
+nMjf01oxCrDotCrba74PZzWglSa+h4i9q5pNq355PE33EmzJ+GmiW9TzGzuNNIZ
2OlgC11Nu0FtL6dwY4S+4o9x3ZarkmPz+3q6WuRWgrto+FsuSSmFsbAg9yJKztwD
0TtLmOIeLgvFY2j4wa2qm+Mv0J8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRAJlxI
dSkTQRUf/iRaniuGdovrjTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQAEA87nRE/jUp9oZsnIDlAvIfp9DU0CKXcvDuMV5e/P
GG7LRzbtArYGz/nyI6J4hK27++BN5vhbcVeOz2DJSuZpNI8jOmSBbRq1ClrZLHcn
xUc3gdBjxidERiqWUw0WGlFzIW+O/kbHYGd4431opojfDSbEKil8gFM6VL/AJXQP
eygYNpbFtVPycvVGeFyp8j8F3vpj71aqr3GlBDzyHn1dh39WN/FA7WmHCB774X5M
eouk3MEki0nMtdNiexVt+qV2Hm6tlSytZ3zK4hWuIh9QiMKm7A6M5PNlWth76P83
XxwBxRuamfyIBsyxrDkEDwkr0qresxPkAaxfB7n8msTi
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:28 2025 by rpki-client