Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
File: 338cbdf4-937d-41ee-8ec5-ca45e166a036.roa (raw, json)
Hash identifier: VcidfvFkEpog7OzgYtSbw2hRNtVWGH/sj6690dfL3w8=
Subject key identifier: D7:0F:84:CC:F4:41:86:98:1A:83:19:74:02:CC:63:21:94:73:1D:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05B7CC06C6407F0D2B688D98EAFC11936BDD2B37
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
Signing time: Fri 26 Sep 2025 20:10:19 +0000
ROA not before: Fri 26 Sep 2025 20:10:19 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 7224
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:b7:cc:06:c6:40:7f:0d:2b:68:8d:98:ea:fc:11:93:6b:dd:2b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:19 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=26206849a326047c8f65ced6ec069bce7b3bd1a07bd47a883a98d87b490cbd30, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:16:dc:5a:68:b2:6c:d2:c5:cf:a6:cf:ed:88:
28:a6:5e:20:a0:b0:4d:52:8d:a4:63:62:a7:84:1a:
cc:6f:e9:bc:81:14:f1:92:a9:7c:63:48:c3:b3:2d:
bf:c9:96:c0:13:68:a1:18:a1:6d:ef:5e:8a:7a:9b:
97:f1:58:e3:14:78:87:01:e7:4b:ac:7d:a9:7f:0a:
e6:c4:bd:51:c7:55:94:57:cf:f5:53:98:fe:1f:95:
2d:0f:68:0d:11:7c:b1:9a:ab:6b:f0:4d:e4:22:45:
f3:db:3c:50:14:55:5d:fc:0f:b8:58:56:6b:80:9f:
75:e1:d8:db:7b:84:dc:d3:14:42:4e:6d:ff:de:72:
2d:c8:56:30:6b:ad:43:22:11:4c:61:81:4f:56:36:
10:72:1c:87:9c:0b:f6:82:d2:6f:3e:e3:d9:38:dc:
d4:28:ce:0e:fd:16:59:a1:17:2e:eb:2f:35:ba:0e:
69:67:3b:f9:2f:f6:f4:20:2c:0b:03:9b:10:eb:5d:
c7:55:4e:61:03:90:9d:9e:8e:f3:50:63:1b:b8:a5:
72:9e:72:f6:3e:0e:d4:df:f5:97:d2:8f:a4:61:3b:
0d:e1:4f:13:a6:2d:8f:b4:b9:6a:03:c7:b7:60:23:
83:dc:e1:61:bf:54:b0:75:2f:6e:50:65:76:29:09:
4c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0F:84:CC:F4:41:86:98:1A:83:19:74:02:CC:63:21:94:73:1D:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
17:55:c3:d0:fa:c3:f5:81:22:70:af:a5:70:8e:16:b5:2a:c5:
ac:37:71:9c:c3:a7:c4:43:4f:17:86:25:16:62:e5:f1:18:bc:
46:4e:24:cb:90:c3:88:91:04:f6:8f:6f:7c:ef:7f:a1:71:9d:
52:8b:d8:73:2d:59:ef:98:85:98:82:1b:63:3f:48:cc:a5:50:
c2:87:21:88:5d:e4:0e:9b:06:3b:fd:d0:7c:18:94:b3:e5:84:
35:4d:7e:12:1e:6e:01:eb:7e:71:25:89:d0:06:ba:e8:99:92:
99:e6:b4:66:90:6f:84:66:65:01:52:b3:1f:a6:af:b4:5f:2f:
07:de:2b:a8:94:9a:82:6d:2d:be:4c:46:de:94:cd:9c:13:86:
b9:75:79:d9:57:c2:c8:12:c6:35:5b:03:ac:8e:60:7c:94:0c:
19:ba:38:f8:36:1c:c4:32:44:f6:bc:4b:ca:c4:8e:be:85:93:
f3:66:8a:15:6a:39:66:dd:7e:7a:82:6f:c2:87:ff:55:92:c0:
d0:1f:e6:a8:e9:d8:96:91:23:f3:93:c8:48:3c:e4:bb:d2:a9:
c6:c5:a0:cf:e3:42:c4:e5:87:53:b8:36:8d:a5:18:21:e9:00:
f0:6c:2e:34:a6:85:42:e2:28:97:21:32:14:ed:bc:b5:4b:cd:
7b:ce:39:df
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUBbfMBsZAfw0raI2Y6vwRk2vdKzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDI2MjA2ODQ5YTMyNjA0N2M4ZjY1Y2VkNmVjMDY5YmNlN2IzYmQxYTA3YmQ0
N2E4ODNhOThkODdiNDkwY2JkMzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUW3FposmzSxc+mz+2IKKZeIKCwTVKNpGNip4QazG/pvIEU8ZKpfGNIw7Mt
v8mWwBNooRihbe9einqbl/FY4xR4hwHnS6x9qX8K5sS9UcdVlFfP9VOY/h+VLQ9o
DRF8sZqra/BN5CJF89s8UBRVXfwPuFhWa4CfdeHY23uE3NMUQk5t/95yLchWMGut
QyIRTGGBT1Y2EHIch5wL9oLSbz7j2Tjc1CjODv0WWaEXLusvNboOaWc7+S/29CAs
CwObEOtdx1VOYQOQnZ6O81BjG7ilcp5y9j4O1N/1l9KPpGE7DeFPE6Ytj7S5agPH
t2Ajg9zhYb9UsHUvblBldikJTG0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTXD4TM
9EGGmBqDGXQCzGMhlHMdJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzM4Y2JkZjQtOTM3ZC00MWVlLThlYzUtY2E0NWUxNjZhMDM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAF1XD0PrD9YEicK+lcI4WtSrFrDdxnMOnxENPF4Yl
FmLl8Ri8Rk4ky5DDiJEE9o9vfO9/oXGdUovYcy1Z75iFmIIbYz9IzKVQwochiF3k
DpsGO/3QfBiUs+WENU1+Eh5uAet+cSWJ0Aa66JmSmea0ZpBvhGZlAVKzH6avtF8v
B94rqJSagm0tvkxG3pTNnBOGuXV52VfCyBLGNVsDrI5gfJQMGbo4+DYcxDJE9rxL
ysSOvoWT82aKFWo5Zt1+eoJvwof/VZLA0B/mqOnYlpEj85PISDzku9KpxsWgz+NC
xOWHU7g2jaUYIekA8GwuNKaFQuIolyEyFO28tUvNe8453w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:52:16 2025 by rpki-client