Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
File: 4eb66819-e335-446d-8ca8-7436f3cd196d.roa (raw, json)
Hash identifier: Tu7lVZkDc7r188ZqufWelLpe6oHJ+KGmqPlcdUpUqOw=
Subject key identifier: 89:67:8B:3D:1C:31:C7:68:96:B3:ED:EC:67:8B:19:81:8E:7A:7E:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 096EF183722DA0BE002F355AFB20F093A8C5D5F2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
Signing time: Fri 26 Sep 2025 20:10:04 +0000
ROA not before: Fri 26 Sep 2025 20:10:04 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.128.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:6e:f1:83:72:2d:a0:be:00:2f:35:5a:fb:20:f0:93:a8:c5:d5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:04 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=942949df9854b4be46cd9cd5656b32f07d6e2a93027a13965f4561302e22d948, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2c:a6:2c:8b:ab:38:8c:23:63:a0:d2:75:a7:
dc:9f:2f:3b:74:31:b9:29:4c:e3:d2:63:e0:09:c7:
fa:18:86:2f:12:9a:21:87:1f:4f:1d:0a:1a:8f:a6:
b6:9b:82:90:b2:f2:37:5e:bd:cd:61:36:d5:ce:d7:
c5:41:9f:96:bb:62:ca:c0:86:4f:42:81:db:2a:6c:
ec:be:e6:49:c6:54:d9:29:a6:80:b0:69:5a:14:5f:
6f:27:5a:f7:f6:c4:2e:f4:3b:34:2d:e4:82:d9:10:
43:65:3d:3f:02:99:42:cf:0f:4b:1e:6e:90:e6:07:
6d:00:0b:42:d4:03:0b:54:db:45:95:bc:a4:3a:12:
d1:60:de:74:14:13:64:50:a8:f9:e4:ce:7e:2e:9b:
8b:ec:61:de:6e:0e:f6:ce:0a:aa:2f:74:f3:66:69:
e4:26:f4:dc:22:7d:13:84:75:ee:34:64:92:0d:bc:
18:2b:fb:09:6c:8e:7c:cb:d3:8f:89:27:13:b9:b3:
28:d1:2b:f6:8f:c4:d0:03:3a:53:43:45:63:43:cb:
31:da:ec:ef:e3:fd:9e:a8:e3:4e:8a:da:c1:2c:c5:
88:d1:2f:ad:8c:19:6e:6b:c7:fc:54:62:32:93:e0:
f6:51:9a:7a:99:88:47:49:22:3c:c3:a5:54:21:3a:
93:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:67:8B:3D:1C:31:C7:68:96:B3:ED:EC:67:8B:19:81:8E:7A:7E:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4eb66819-e335-446d-8ca8-7436f3cd196d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.128.0/18
Signature Algorithm: sha256WithRSAEncryption
23:0f:4a:1a:88:7f:25:e2:80:4a:43:ce:6c:90:8d:21:2b:3b:
d4:61:53:f4:b7:a9:15:a1:b6:2e:dd:07:e0:6c:85:b9:f2:1c:
09:6e:50:7a:d3:31:d9:2a:03:35:5d:6d:e9:1c:80:e1:a5:a5:
66:52:e0:45:cf:0a:53:67:52:89:50:9f:f7:92:58:b7:df:14:
0c:56:9c:67:ca:f2:44:b9:af:b2:08:00:51:2e:bd:4b:97:80:
fc:d1:46:d1:99:87:3a:4b:49:53:85:b4:7b:d4:1b:24:3c:2f:
44:43:ed:08:48:da:4a:4f:2d:a6:3a:95:77:4d:b9:20:e7:47:
3d:44:a7:04:ce:54:19:ae:89:b9:47:b2:da:2b:0c:4c:a9:7f:
3e:20:c1:4b:6a:77:07:3e:22:91:a8:1b:a9:8b:4b:ce:47:1f:
68:be:7d:f9:5d:47:55:5e:df:fa:f4:67:39:ca:91:13:b9:24:
e5:dc:3e:80:0d:f5:6b:e9:ec:11:d3:5c:e3:2d:32:ac:ef:b1:
02:38:f5:65:72:e1:68:86:1e:8f:0d:4e:95:ef:0c:95:92:3a:
7f:d5:32:a1:eb:e0:ff:dd:ce:89:29:80:77:3c:c4:55:0d:c9:
b5:c9:ef:97:74:55:90:4b:97:a6:3e:c3:9a:98:2d:9a:b7:6d:
de:0b:df:e2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCW7xg3ItoL4ALzVa+yDwk6jF1fIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMDRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0Mjk0OWRmOTg1NGI0YmU0NmNkOWNkNTY1NmIzMmYwN2Q2ZTJhOTMwMjdh
MTM5NjVmNDU2MTMwMmUyMmQ5NDgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALcspiyLqziMI2Og0nWn3J8vO3QxuSlM49Jj4AnH+hiGLxKaIYcfTx0KGo+m
tpuCkLLyN169zWE21c7XxUGflrtiysCGT0KB2yps7L7mScZU2SmmgLBpWhRfbyda
9/bELvQ7NC3kgtkQQ2U9PwKZQs8PSx5ukOYHbQALQtQDC1TbRZW8pDoS0WDedBQT
ZFCo+eTOfi6bi+xh3m4O9s4Kqi9082Zp5Cb03CJ9E4R17jRkkg28GCv7CWyOfMvT
j4knE7mzKNEr9o/E0AM6U0NFY0PLMdrs7+P9nqjjTorawSzFiNEvrYwZbmvH/FRi
MpPg9lGaepmIR0kiPMOlVCE6k0sCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJZ4s9
HDHHaJaz7exnixmBjnp+2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGViNjY4MTktZTMzNS00NDZkLThjYTgtNzQzNmYzY2QxOTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBo9BgDAN
BgkqhkiG9w0BAQsFAAOCAQEAIw9KGoh/JeKASkPObJCNISs71GFT9LepFaG2Lt0H
4GyFufIcCW5QetMx2SoDNV1t6RyA4aWlZlLgRc8KU2dSiVCf95JYt98UDFacZ8ry
RLmvsggAUS69S5eA/NFG0ZmHOktJU4W0e9QbJDwvREPtCEjaSk8tpjqVd025IOdH
PUSnBM5UGa6JuUey2isMTKl/PiDBS2p3Bz4ikagbqYtLzkcfaL59+V1HVV7f+vRn
OcqRE7kk5dw+gA31a+nsEdNc4y0yrO+xAjj1ZXLhaIYejw1Ole8MlZI6f9Uyoevg
/93OiSmAdzzEVQ3Jtcnvl3RVkEuXpj7Dmpgtmrdt3gvf4g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 01:58:41 2025 by rpki-client