Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
File: 80e298e3-975b-4cea-9586-8d04a37a53a2.roa (raw, json)
Hash identifier: PiFWddFPOTGZh/7YTM8Xc4wlVK8idZ7tZeks8ofjykg=
Subject key identifier: 11:1C:BF:08:1F:43:10:75:99:34:15:DF:BA:42:60:D7:1A:B4:7F:A4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0934FFA42EEDB771EF84110BD9AC17ED83572390
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
Signing time: Mon 13 Oct 2025 18:00:07 +0000
ROA not before: Mon 13 Oct 2025 18:00:07 +0000
ROA not after: Mon 17 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:34:ff:a4:2e:ed:b7:71:ef:84:11:0b:d9:ac:17:ed:83:57:23:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 13 18:00:07 2025 GMT
Not After : Nov 17 23:59:59 2025 GMT
Subject: serialNumber=edd13ed1b747a1bdc62da56160f81ef16205c9a627daf6957b3b0c40dd37c7c3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f4:51:98:10:be:31:fc:c4:d9:00:27:a2:ab:
7b:8e:c8:6e:be:a9:c0:ac:0c:67:41:2f:02:27:72:
e8:72:8a:48:39:77:f5:64:62:2e:ab:95:2e:e9:f1:
25:97:ed:b4:f4:01:3a:62:b5:64:d5:1c:2c:06:18:
4e:e2:f6:87:ad:1d:fb:fe:3b:e2:3e:94:2b:57:df:
36:2b:c2:64:21:79:67:41:51:51:ce:b9:14:17:0a:
ca:d5:b6:1d:43:0a:42:b7:6b:7c:48:08:48:fc:9c:
2a:de:fe:76:d5:8e:22:97:59:ec:23:4f:a1:b8:d4:
92:70:9a:ef:9c:8e:a9:91:3c:a9:60:c1:09:6b:e4:
68:67:14:04:39:69:8b:da:e5:f6:3d:5d:e3:64:1c:
83:23:11:c1:91:a0:8c:97:84:d8:88:eb:97:ac:9d:
8b:d2:f9:9c:8d:18:c1:3e:c6:ca:e9:db:d5:90:14:
37:d9:cb:d3:d0:9e:bc:62:33:0a:c9:49:41:20:88:
ac:cd:3a:9a:ee:c8:b9:4a:1d:62:4c:14:65:6d:29:
99:97:5b:71:a4:f6:cf:c3:70:d4:82:bf:b3:53:b3:
2f:44:82:40:a5:51:9a:1f:06:e8:fe:4f:fe:e1:d8:
7c:8c:90:bd:72:71:f8:16:b2:09:9e:bb:0e:e5:8c:
58:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1C:BF:08:1F:43:10:75:99:34:15:DF:BA:42:60:D7:1A:B4:7F:A4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:62:cb:e3:89:4e:7d:4f:94:c9:05:89:96:1a:44:9b:59:e1:
31:8a:d3:c4:8a:7a:98:79:5e:fa:da:61:79:3a:4c:d6:2d:59:
b5:5c:26:9c:80:2d:91:6a:18:d5:ee:4d:d6:bb:b9:eb:fe:7d:
37:02:7d:45:ed:da:cb:d6:65:1f:d4:3b:9d:c6:cb:5d:92:60:
23:40:31:3d:33:d9:f4:40:ab:0c:04:b0:93:9c:a9:f3:bd:cc:
10:f5:72:1d:81:e6:02:60:fd:9f:03:ed:e3:54:8b:6f:15:4d:
f9:91:f5:e1:fd:0e:35:6f:33:3d:ac:dc:5b:a2:50:3f:f3:a6:
10:42:da:75:7f:46:2f:1a:31:69:5e:46:19:9f:38:57:c3:b1:
24:9e:86:61:c2:49:65:b7:0e:e8:5b:28:ef:01:43:43:6f:aa:
fb:43:0c:ca:85:84:94:fc:e4:bc:44:b5:00:de:81:6a:ee:78:
d1:e4:a1:e3:5f:3e:c0:2c:99:19:1e:b3:e8:69:77:64:aa:d6:
8c:8d:08:b2:84:ae:d0:c0:06:70:04:6f:0e:d8:d5:e1:99:fd:
dd:3d:c8:5c:8e:50:be:52:1c:78:e1:8e:ef:21:61:b7:f7:2c:
7c:77:d8:c3:42:6c:88:ed:b8:ee:ae:a3:12:17:8b:10:8f:9c:
57:0c:93:67
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCTT/pC7tt3HvhBEL2awX7YNXI5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTMxODAwMDdaFw0yNTExMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkZDEzZWQxYjc0N2ExYmRjNjJkYTU2MTYwZjgxZWYxNjIwNWM5YTYyN2Rh
ZjY5NTdiM2IwYzQwZGQzN2M3YzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKv0UZgQvjH8xNkAJ6Kre47Ibr6pwKwMZ0EvAidy6HKKSDl39WRiLquVLunx
JZfttPQBOmK1ZNUcLAYYTuL2h60d+/474j6UK1ffNivCZCF5Z0FRUc65FBcKytW2
HUMKQrdrfEgISPycKt7+dtWOIpdZ7CNPobjUknCa75yOqZE8qWDBCWvkaGcUBDlp
i9rl9j1d42QcgyMRwZGgjJeE2Ijrl6ydi9L5nI0YwT7Gyunb1ZAUN9nL09CevGIz
CslJQSCIrM06mu7IuUodYkwUZW0pmZdbcaT2z8Nw1IK/s1OzL0SCQKVRmh8G6P5P
/uHYfIyQvXJx+BayCZ67DuWMWEcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQRHL8I
H0MQdZk0Fd+6QmDXGrR/pDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBlMjk4ZTMtOTc1Yi00Y2VhLTk1ODYtOGQwNGEzN2E1M2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADldMA0G
CSqGSIb3DQEBCwUAA4IBAQAOYsvjiU59T5TJBYmWGkSbWeExitPEinqYeV762mF5
OkzWLVm1XCacgC2RahjV7k3Wu7nr/n03An1F7drL1mUf1DudxstdkmAjQDE9M9n0
QKsMBLCTnKnzvcwQ9XIdgeYCYP2fA+3jVItvFU35kfXh/Q41bzM9rNxbolA/86YQ
Qtp1f0YvGjFpXkYZnzhXw7EknoZhwklltw7oWyjvAUNDb6r7QwzKhYSU/OS8RLUA
3oFq7njR5KHjXz7ALJkZHrPoaXdkqtaMjQiyhK7QwAZwBG8O2NXhmf3dPchcjlC+
Uhx44Y7vIWG39yx8d9jDQmyI7bjurqMSF4sQj5xXDJNn
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:24 2025 by rpki-client