Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: yvqOYibO1WLKOCBv5R1mP4NiYZp71uuLiunXxFcMu58=
Subject key identifier: 4F:F5:78:74:76:AB:18:FD:DC:6D:1B:6A:AA:8D:63:96:2F:1E:C2:CC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: DD494AA5ACB207E9674D21803D2D767F23218A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Fri 26 Sep 2025 20:10:06 +0000
ROA not before: Fri 26 Sep 2025 20:10:06 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
dd:49:4a:a5:ac:b2:07:e9:67:4d:21:80:3d:2d:76:7f:23:21:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:06 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=ac3910bbd23f57226cfa49b129e6800fad32045e0c0f860ac0a980c35815f4e0, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ee:62:e7:23:a7:f2:03:12:fc:44:54:fd:d9:
0c:ff:c4:e9:31:a2:36:01:a3:33:39:59:69:3d:62:
74:a1:0b:21:c9:82:44:d1:74:17:96:c4:de:99:ba:
0a:3f:a9:76:3a:49:e0:9f:a1:9f:55:58:38:c2:92:
b0:1a:95:dd:40:f8:ad:3a:12:5a:04:4c:da:30:50:
14:a3:28:0a:7e:9c:2d:f9:ea:c6:de:76:73:38:67:
3e:65:b1:77:28:69:a9:2c:b3:c1:b6:f1:c2:a7:16:
3f:17:ea:4e:e8:cf:45:e8:01:03:7b:d7:08:e1:47:
3a:d7:99:9e:04:73:fd:6f:3f:1b:50:d7:5a:48:19:
54:30:14:5c:64:6a:64:e0:48:01:3f:9b:30:92:7e:
bb:52:ff:6f:eb:3d:40:b1:9c:19:64:83:09:d6:2f:
21:c8:3e:a8:71:16:02:0f:71:5b:2f:3c:ef:23:30:
68:0e:c4:5c:75:2f:fa:f5:df:c8:f6:bf:38:46:c0:
52:36:4c:d5:81:b2:76:94:4b:fe:c0:09:8e:b6:42:
2d:c2:3d:48:ce:9b:62:7c:d6:f8:fd:da:68:99:e8:
96:bc:84:91:f3:5a:f8:a4:c1:07:09:82:02:15:1a:
98:0e:af:0c:65:e6:b6:b8:4a:f2:2d:e6:8f:85:bc:
54:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:F5:78:74:76:AB:18:FD:DC:6D:1B:6A:AA:8D:63:96:2F:1E:C2:CC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:97:fb:90:14:a5:e5:7e:f5:61:dc:56:72:9b:44:53:57:36:
3e:67:79:7c:9d:78:f5:ab:94:62:d0:f0:e6:aa:48:24:b9:9c:
dd:66:32:07:50:1e:d3:90:35:a2:23:0b:0f:3e:29:b9:88:fe:
ac:03:43:3c:3a:a3:f9:31:22:56:ef:06:55:c8:21:8b:fc:9d:
4d:7b:6a:31:ee:74:29:cc:ba:aa:6e:42:0a:b9:1f:05:4b:d6:
de:47:87:c5:7b:6c:e4:67:ab:4a:fe:fc:1c:29:18:1e:5b:ab:
a8:ae:9e:57:88:33:6c:a6:ba:b3:e1:64:21:ec:f3:27:e2:d6:
05:e8:d0:37:74:fb:67:76:56:f8:7f:15:14:98:4a:bf:ac:bc:
9d:89:e6:f2:31:1d:b2:60:1d:c4:d6:33:f5:9c:90:62:cd:1d:
b0:e3:6d:49:15:36:18:22:1d:92:37:04:65:3d:eb:74:00:2b:
a5:ce:3f:37:cd:53:9c:9d:e1:4f:7b:fe:72:45:88:0e:10:a5:
17:c6:54:bb:29:55:94:00:14:f9:4e:95:45:c3:06:53:bb:32:
ef:d7:e9:c4:24:38:fb:d3:87:3a:88:b2:eb:b8:51:b4:b9:cc:
91:19:d6:01:7b:d6:b1:3f:85:0e:af:f2:fb:3f:55:0a:ad:3e:
9a:22:1f:af
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAN1JSqWssgfpZ00hgD0tdn8jIYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMDZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMzkxMGJiZDIzZjU3MjI2Y2ZhNDliMTI5ZTY4MDBmYWQzMjA0NWUwYzBm
ODYwYWMwYTk4MGMzNTgxNWY0ZTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/uYucjp/IDEvxEVP3ZDP/E6TGiNgGjMzlZaT1idKELIcmCRNF0F5bE3pm6
Cj+pdjpJ4J+hn1VYOMKSsBqV3UD4rToSWgRM2jBQFKMoCn6cLfnqxt52czhnPmWx
dyhpqSyzwbbxwqcWPxfqTujPRegBA3vXCOFHOteZngRz/W8/G1DXWkgZVDAUXGRq
ZOBIAT+bMJJ+u1L/b+s9QLGcGWSDCdYvIcg+qHEWAg9xWy887yMwaA7EXHUv+vXf
yPa/OEbAUjZM1YGydpRL/sAJjrZCLcI9SM6bYnzW+P3aaJnolryEkfNa+KTBBwmC
AhUamA6vDGXmtrhK8i3mj4W8VCkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRP9Xh0
dqsY/dxtG2qqjWOWLx7CzDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQCjl/uQFKXlfvVh3FZym0RTVzY+Z3l8nXj1q5Ri0PDm
qkgkuZzdZjIHUB7TkDWiIwsPPim5iP6sA0M8OqP5MSJW7wZVyCGL/J1Ne2ox7nQp
zLqqbkIKuR8FS9beR4fFe2zkZ6tK/vwcKRgeW6uorp5XiDNsprqz4WQh7PMn4tYF
6NA3dPtndlb4fxUUmEq/rLydiebyMR2yYB3E1jP1nJBizR2w421JFTYYIh2SNwRl
Pet0ACulzj83zVOcneFPe/5yRYgOEKUXxlS7KVWUABT5TpVFwwZTuzLv1+nEJDj7
04c6iLLruFG0ucyRGdYBe9axP4UOr/L7P1UKrT6aIh+v
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:18 2025 by rpki-client