Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: OdYn9bMAFj4gRsZUDXNiq2i5TOHNxZla9uT8rhaWDsw=
Subject key identifier: 47:B2:71:EA:A6:D8:AF:5F:52:54:22:B8:91:02:D8:C3:37:92:4A:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6BE06540C7030A394C7FA9D072EB0901EA2548CF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Mon 06 Oct 2025 18:10:04 +0000
ROA not before: Mon 06 Oct 2025 18:10:04 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:e0:65:40:c7:03:0a:39:4c:7f:a9:d0:72:eb:09:01:ea:25:48:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:04 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=f4a953e6b09b4a27b06d8aa1c361733a94ec34b193a82f003e22ba34ada7a2c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9a:79:54:17:84:e4:16:a3:3b:39:c9:9d:b6:
a8:09:22:04:7a:d3:1e:41:d4:77:1a:b6:ee:7c:0a:
22:ff:e0:c2:ea:3d:78:88:15:8f:24:e5:5e:95:95:
b1:cf:2b:60:35:b4:54:21:3e:c8:a0:bf:3a:20:53:
8b:76:4c:ea:bd:d6:fa:8a:41:dd:ac:1e:8e:eb:c0:
c6:02:37:81:7c:3b:06:60:a0:26:65:4d:2a:6b:b9:
0b:92:6c:aa:66:23:46:ee:e4:ec:83:a0:f8:92:03:
5f:95:76:51:81:53:70:6b:8e:60:6c:e4:19:3d:08:
d7:80:8b:7d:d1:00:71:44:9b:e4:8d:e3:9e:71:09:
50:52:42:23:bd:f5:f2:a3:96:90:ec:17:5e:39:91:
c0:24:61:fb:8f:5a:fe:1b:57:6f:4a:6f:a4:9b:f4:
44:db:47:d6:98:dd:50:ca:64:a5:37:66:01:17:36:
51:a5:ba:4a:de:b2:a5:dd:b0:b5:1f:c7:cb:63:32:
7b:b7:00:64:24:19:58:de:dc:97:2e:4a:3d:96:2d:
48:93:78:a3:f6:e9:68:c3:32:8d:e9:da:2e:84:4b:
fb:02:81:f6:69:b3:62:ca:3c:e5:e3:ef:32:6a:52:
a6:11:08:a0:e6:cf:e2:0d:48:78:17:61:f7:83:2d:
38:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:B2:71:EA:A6:D8:AF:5F:52:54:22:B8:91:02:D8:C3:37:92:4A:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:24:8b:12:88:f4:ef:56:87:cb:ac:50:c5:54:61:ff:aa:c7:
1d:f5:4c:6d:14:97:28:9f:fb:ac:9e:89:68:d0:99:6e:b1:fd:
75:2d:0d:8b:f9:e2:b3:b1:a9:ad:62:0d:a1:cb:83:e0:51:95:
28:53:7a:61:99:20:12:8f:93:11:e1:80:5c:46:ab:aa:29:a6:
09:34:7c:9c:0b:68:30:15:9b:9c:65:1c:14:0d:2e:57:20:8d:
ae:44:45:ee:a7:0a:57:92:5b:cd:c9:3a:66:87:f5:c6:08:a6:
f7:aa:3d:d6:65:69:11:ae:63:90:5f:a7:ed:20:6b:1f:9c:52:
1a:7a:83:8b:ef:f1:48:97:19:dc:25:bd:80:83:28:6d:df:c1:
6b:e4:9a:1f:28:87:4f:12:65:34:81:dc:46:ef:ae:a8:57:a3:
77:98:c8:6d:34:20:4e:7b:0d:55:25:65:bd:26:12:dd:31:5c:
24:61:70:99:14:05:d4:9c:a9:b1:26:af:28:d8:db:06:2d:5a:
f0:9c:17:99:c7:86:00:95:21:b9:87:fb:43:60:13:1e:70:01:
79:c9:4a:d3:6d:40:ef:ef:9b:f6:08:97:ac:ab:92:6d:ad:72:
30:a9:a1:b3:01:f7:0c:47:9e:17:d2:cd:dc:dd:f5:d8:d5:fd:
85:70:ca:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUa+BlQMcDCjlMf6nQcusJAeolSM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMDRaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY0YTk1M2U2YjA5YjRhMjdiMDZkOGFhMWMzNjE3MzNhOTRlYzM0YjE5M2E4
MmYwMDNlMjJiYTM0YWRhN2EyYzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALOaeVQXhOQWozs5yZ22qAkiBHrTHkHUdxq27nwKIv/gwuo9eIgVjyTlXpWV
sc8rYDW0VCE+yKC/OiBTi3ZM6r3W+opB3awejuvAxgI3gXw7BmCgJmVNKmu5C5Js
qmYjRu7k7IOg+JIDX5V2UYFTcGuOYGzkGT0I14CLfdEAcUSb5I3jnnEJUFJCI731
8qOWkOwXXjmRwCRh+49a/htXb0pvpJv0RNtH1pjdUMpkpTdmARc2UaW6St6ypd2w
tR/Hy2Mye7cAZCQZWN7cly5KPZYtSJN4o/bpaMMyjenaLoRL+wKB9mmzYso85ePv
MmpSphEIoObP4g1IeBdh94MtOEECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRHsnHq
ptivX1JUIriRAtjDN5JKZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQA8JIsSiPTvVofLrFDFVGH/qscd9UxtFJcon/usnolo
0Jlusf11LQ2L+eKzsamtYg2hy4PgUZUoU3phmSASj5MR4YBcRquqKaYJNHycC2gw
FZucZRwUDS5XII2uREXupwpXklvNyTpmh/XGCKb3qj3WZWkRrmOQX6ftIGsfnFIa
eoOL7/FIlxncJb2Agyht38Fr5JofKIdPEmU0gdxG766oV6N3mMhtNCBOew1VJWW9
JhLdMVwkYXCZFAXUnKmxJq8o2NsGLVrwnBeZx4YAlSG5h/tDYBMecAF5yUrTbUDv
75v2CJesq5JtrXIwqaGzAfcMR54X0s3c3fXY1f2FcMr7
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:07:17 2025 by rpki-client