Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: f1naeqinTbatRFxStibgnEWNQASrmpuPB0iZrQkCD0g=
Subject key identifier: 30:AA:9F:C3:78:47:AC:04:A7:61:04:E2:88:80:C3:A7:B8:D0:75:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31B38FA7F7C8319F24CE867FDEB8E70D61C63D6E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Fri 10 Oct 2025 17:10:05 +0000
ROA not before: Fri 10 Oct 2025 17:10:05 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:b3:8f:a7:f7:c8:31:9f:24:ce:86:7f:de:b8:e7:0d:61:c6:3d:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 10 17:10:05 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=4ffe9758504848ec5ac50bbaa3dd322ee275671f1e57f5d9df56fe2b2b9e7b2c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e6:fa:e0:c2:77:7d:14:dc:54:d7:00:71:d6:
27:d1:14:9b:d1:39:84:c9:53:c5:c4:cf:d4:64:4f:
31:3d:27:66:f2:45:66:9c:e5:3f:41:17:da:ec:91:
58:68:98:92:d5:24:31:fa:0f:7d:6a:d6:fe:ca:b6:
17:93:68:3d:aa:77:5e:9f:54:23:70:27:cb:4a:20:
28:e3:9a:2a:2d:d0:42:59:41:ac:5e:4a:04:ec:b5:
12:bc:91:28:9a:09:23:aa:9b:c2:8b:fc:0c:a9:cd:
27:c7:27:e6:4b:f6:c7:36:cb:bf:af:0a:ee:7f:fd:
29:21:24:b6:e0:1d:12:41:7f:7c:2b:6e:ba:73:ac:
51:9e:03:35:f2:c8:16:85:ff:71:3e:24:85:39:f9:
97:09:2c:c3:73:e4:ce:67:1d:5c:41:7f:67:6c:84:
9c:59:da:d1:22:65:e9:85:82:c0:3b:44:90:ef:f8:
b2:61:ab:58:f5:6e:da:c1:55:6d:50:85:18:74:9d:
21:c8:e9:f0:a6:3b:d8:1b:80:23:47:82:f6:05:94:
08:c9:37:53:99:df:87:42:44:ca:be:72:7e:f9:58:
1f:70:45:63:9f:75:0c:48:2c:e6:a5:a5:9f:68:f1:
55:2a:e9:80:d5:2b:f8:fe:04:58:94:a6:4d:8b:2a:
45:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AA:9F:C3:78:47:AC:04:A7:61:04:E2:88:80:C3:A7:B8:D0:75:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
81:68:4c:2b:0c:61:40:bd:7d:40:ee:61:5a:e5:40:7c:c7:1b:
b1:34:25:81:8a:fa:5f:e3:3e:27:4d:2a:83:fe:38:75:d9:ce:
63:fb:9c:09:06:ce:6d:0b:5e:96:9a:63:b8:40:74:fe:78:a3:
9a:22:ca:2d:86:e4:81:df:73:3a:53:37:49:4a:15:12:d7:61:
6e:37:1d:be:ea:e6:a2:53:d0:fc:08:65:8e:d6:d3:19:bc:7f:
4a:69:02:41:7b:ad:38:5f:5a:86:65:4d:7b:e8:87:89:b2:da:
4c:48:76:ba:6a:20:81:85:54:34:f7:b7:8a:1e:6c:4a:92:57:
e1:6b:ea:2b:08:12:10:d6:4e:c3:29:b5:14:f9:c6:4d:4f:d3:
3f:e9:af:c6:4c:42:3c:74:d1:01:12:7e:96:eb:53:09:d6:c2:
46:cf:06:e5:15:c0:e5:53:92:51:0e:38:f1:53:23:75:7a:f5:
d1:54:40:52:ba:c4:0e:08:b2:09:2b:56:93:c2:d2:93:be:1e:
99:bd:93:67:1c:41:ba:a9:93:9f:f3:c0:c9:a6:bb:0b:33:25:
fc:68:e5:05:18:f4:81:20:ec:ed:fa:6d:a5:7b:88:df:41:00:
bf:19:9f:93:21:d3:7c:d7:5d:da:b7:88:50:63:43:df:cb:4d:
6f:c1:fd:c0
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMbOPp/fIMZ8kzoZ/3rjnDWHGPW4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTAxNzEwMDVaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDRmZmU5NzU4NTA0ODQ4ZWM1YWM1MGJiYWEzZGQzMjJlZTI3NTY3MWYxZTU3
ZjVkOWRmNTZmZTJiMmI5ZTdiMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvm+uDCd30U3FTXAHHWJ9EUm9E5hMlTxcTP1GRPMT0nZvJFZpzlP0EX2uyR
WGiYktUkMfoPfWrW/sq2F5NoPap3Xp9UI3Any0ogKOOaKi3QQllBrF5KBOy1EryR
KJoJI6qbwov8DKnNJ8cn5kv2xzbLv68K7n/9KSEktuAdEkF/fCtuunOsUZ4DNfLI
FoX/cT4khTn5lwksw3PkzmcdXEF/Z2yEnFna0SJl6YWCwDtEkO/4smGrWPVu2sFV
bVCFGHSdIcjp8KY72BuAI0eC9gWUCMk3U5nfh0JEyr5yfvlYH3BFY591DEgs5qWl
n2jxVSrpgNUr+P4EWJSmTYsqRVsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQwqp/D
eEesBKdhBOKIgMOnuNB1mzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAgWhMKwxhQL19QO5hWuVAfMcbsTQlgYr6X+M+J00q
g/44ddnOY/ucCQbObQtelppjuEB0/nijmiLKLYbkgd9zOlM3SUoVEtdhbjcdvurm
olPQ/AhljtbTGbx/SmkCQXutOF9ahmVNe+iHibLaTEh2umoggYVUNPe3ih5sSpJX
4WvqKwgSENZOwym1FPnGTU/TP+mvxkxCPHTRARJ+lutTCdbCRs8G5RXA5VOSUQ44
8VMjdXr10VRAUrrEDgiyCStWk8LSk74emb2TZxxBuqmTn/PAyaa7CzMl/GjlBRj0
gSDs7fptpXuI30EAvxmfkyHTfNdd2reIUGND38tNb8H9wA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:14 2025 by rpki-client