Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
File: 695716ab-c4db-435d-95fe-4143be62030e.roa (raw, json)
Hash identifier: u/cfidwiXMaBQnBsyBudmeXMb6gpARd3pPSWS9UYvLA=
Subject key identifier: 97:F7:E2:2B:9E:72:2B:AC:D5:2C:5A:20:F4:BC:A0:D0:53:94:C8:4B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DDB59E6E041A64D8F60AD39B6B2462DD2D22964
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
Signing time: Sat 27 Sep 2025 00:52:26 +0000
ROA not before: Sat 27 Sep 2025 00:52:26 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 139.79.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:db:59:e6:e0:41:a6:4d:8f:60:ad:39:b6:b2:46:2d:d2:d2:29:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:26 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=8473283b379ce1d2120bc5034ebaeb9cc54e8f6c2dee7f154edc309050ab887a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ef:e0:72:cb:2b:60:a0:cd:7c:f7:f8:1a:6c:
cb:11:c8:a3:34:28:35:cc:e1:e0:09:d4:ca:db:2f:
17:10:53:7c:a8:cc:bd:fd:a4:00:4f:71:87:be:78:
63:28:0e:ad:fb:36:e6:3f:2a:5d:d6:b1:b2:50:28:
18:04:ff:8e:f8:5f:b8:76:2f:f3:b6:e9:d0:45:28:
fa:9d:22:ea:14:95:d0:a5:61:22:c9:b2:36:ec:0b:
b9:a9:86:7e:e7:de:15:db:8f:1c:91:dd:4e:9c:7f:
e3:ea:70:24:1b:c3:41:46:51:df:8d:e9:01:30:eb:
63:87:cc:e6:35:33:00:34:dc:3d:df:de:eb:bd:01:
81:e2:8c:3f:86:a1:83:5b:3a:77:05:c1:77:ba:ab:
6e:16:68:09:84:45:4f:af:e6:1c:53:25:9e:75:ca:
35:77:6f:d6:aa:44:20:0b:c4:16:b7:63:9f:94:ad:
4e:8c:e5:5a:b8:8e:ae:09:fc:fd:cf:ad:da:8e:ae:
54:e2:61:3f:7d:d9:0a:c2:cb:6e:a3:b0:c7:a8:98:
2d:a7:1f:2d:63:18:4b:b5:cf:1a:f3:a0:49:4f:f8:
81:dc:f9:ee:6c:93:c7:e9:67:df:66:b0:1f:be:79:
1e:5a:a5:26:22:0c:98:b5:dc:5c:32:6a:ca:c1:99:
f7:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F7:E2:2B:9E:72:2B:AC:D5:2C:5A:20:F4:BC:A0:D0:53:94:C8:4B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/695716ab-c4db-435d-95fe-4143be62030e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.79.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3a:cb:a3:1d:7d:02:c4:d2:5c:3e:2b:19:7c:7f:fb:47:5a:24:
24:68:9b:a7:3f:aa:64:38:d6:80:47:fc:29:41:59:e1:ab:00:
3b:b0:d5:a3:86:14:db:c2:2b:e0:fa:0c:76:77:79:2c:04:15:
f5:d8:6d:09:62:c9:4e:a6:5c:ab:7d:ad:43:27:4a:43:72:e9:
e2:82:c9:b5:fc:2b:48:aa:e1:af:d9:b4:f6:8a:02:b8:9d:d3:
dd:13:ac:e3:da:ce:80:6a:48:84:bc:a4:c8:b8:79:a5:63:75:
9c:a3:0c:19:91:32:50:91:c5:50:22:1b:76:b9:b3:63:37:ee:
fe:c5:51:4a:2a:fa:78:47:cf:fa:61:99:1c:c5:fa:27:f7:cb:
9e:11:2a:58:d6:bc:bd:84:4d:23:2e:ab:d5:34:8f:fe:9b:0e:
46:35:18:16:a3:25:d6:1c:cd:be:53:0f:ae:e6:a7:19:e1:95:
8d:75:6f:2b:2d:5c:89:30:5d:8f:d2:9c:6d:cc:98:87:17:bc:
ec:b8:44:30:c5:64:e6:1d:6f:ea:b1:32:6c:2b:4f:04:8c:90:
78:f4:b6:f7:8b:8e:18:e1:2e:4c:c4:5e:ab:85:1f:22:63:e6:
2b:7a:d1:4c:a3:10:e0:0e:bd:dd:8b:53:f0:a1:58:7a:f4:b6:
2d:91:f7:e8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDdtZ5uBBpk2PYK05trJGLdLSKWQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyMjZaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg0NzMyODNiMzc5Y2UxZDIxMjBiYzUwMzRlYmFlYjljYzU0ZThmNmMyZGVl
N2YxNTRlZGMzMDkwNTBhYjg4N2ExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3v4HLLK2CgzXz3+BpsyxHIozQoNczh4AnUytsvFxBTfKjMvf2kAE9xh754
YygOrfs25j8qXdaxslAoGAT/jvhfuHYv87bp0EUo+p0i6hSV0KVhIsmyNuwLuamG
fufeFduPHJHdTpx/4+pwJBvDQUZR343pATDrY4fM5jUzADTcPd/e670BgeKMP4ah
g1s6dwXBd7qrbhZoCYRFT6/mHFMlnnXKNXdv1qpEIAvEFrdjn5StTozlWriOrgn8
/c+t2o6uVOJhP33ZCsLLbqOwx6iYLacfLWMYS7XPGvOgSU/4gdz57myTx+ln32aw
H755HlqlJiIMmLXcXDJqysGZ96sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSX9+Ir
nnIrrNUsWiD0vKDQU5TISzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Njk1NzE2YWItYzRkYi00MzVkLTk1ZmUtNDE0M2JlNjIwMzBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAItPMA0G
CSqGSIb3DQEBCwUAA4IBAQA6y6MdfQLE0lw+Kxl8f/tHWiQkaJunP6pkONaAR/wp
QVnhqwA7sNWjhhTbwivg+gx2d3ksBBX12G0JYslOplyrfa1DJ0pDcunigsm1/CtI
quGv2bT2igK4ndPdE6zj2s6AakiEvKTIuHmlY3WcowwZkTJQkcVQIht2ubNjN+7+
xVFKKvp4R8/6YZkcxfon98ueESpY1ry9hE0jLqvVNI/+mw5GNRgWoyXWHM2+Uw+u
5qcZ4ZWNdW8rLVyJMF2P0pxtzJiHF7zsuEQwxWTmHW/qsTJsK08EjJB49Lb3i44Y
4S5MxF6rhR8iY+YretFMoxDgDr3di1PwoVh69LYtkffo
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:39 2025 by rpki-client