Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: rBL11J7a5abZ5GZEZJ/l9mZp2kDGWewG4nSbdBn5D5U=
Subject key identifier: AE:32:1F:C8:12:1B:78:CE:F7:0D:E1:68:66:8F:39:EB:12:9C:9D:FF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7D459879DF47632DF803CEA5FF2ED4FAEE8BE4DB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Fri 26 Sep 2025 20:20:59 +0000
ROA not before: Fri 26 Sep 2025 20:20:59 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:45:98:79:df:47:63:2d:f8:03:ce:a5:ff:2e:d4:fa:ee:8b:e4:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:20:59 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a3e8cade7c5ee97bf95f0d3c1608908245cfe401eed6cf0cf9f67d14950fdeb3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c2:ef:41:7d:c0:7e:d2:67:d8:28:5b:d7:45:
45:bf:cc:4c:ca:ff:08:b7:81:e3:99:f7:f1:cc:45:
97:b8:16:23:3b:85:b9:7b:06:9d:c5:0f:d3:5a:96:
31:38:05:b3:cf:ca:3c:ad:3c:ff:27:16:9f:26:80:
86:2d:95:7e:6d:b2:4f:38:d0:3c:b0:20:b0:35:9e:
89:1e:ab:3d:6e:cc:04:05:08:08:5b:2a:06:29:82:
a1:0a:64:4e:28:14:d8:51:29:d3:cf:cb:d6:d4:80:
54:70:49:84:8a:e4:98:d5:74:92:4d:9b:be:9d:b4:
dc:ed:80:b8:61:9d:93:73:00:5d:92:b3:81:96:47:
a4:f3:ee:ea:06:a1:ae:14:9b:83:2c:86:79:bd:5b:
09:71:40:c2:c4:ac:6d:2c:c4:19:34:c0:a1:00:fc:
28:a1:3b:b5:61:5c:db:ab:a7:d9:2b:0a:a9:a4:9d:
1e:1f:85:06:f4:3f:92:50:0a:46:4e:94:19:d3:ca:
57:b4:34:b3:bd:d8:05:40:a7:dc:3a:3d:2b:cd:73:
4c:9b:49:36:a5:40:70:55:20:e9:43:94:20:51:de:
ec:d3:19:9f:f2:da:2f:1c:2c:d4:7b:2d:76:0a:58:
05:1c:e3:f2:93:6c:fe:f7:2c:50:3a:ab:21:9f:c4:
ae:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:32:1F:C8:12:1B:78:CE:F7:0D:E1:68:66:8F:39:EB:12:9C:9D:FF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
59:82:7d:9c:fc:f3:a9:d8:2f:81:cf:8b:a1:47:a9:d9:2b:d8:
9f:88:ce:e3:ed:f3:3d:d9:69:63:73:1f:73:c3:dd:88:35:a1:
1f:9d:08:df:1c:58:bb:57:32:aa:9a:05:6d:c0:be:ae:c4:08:
20:14:8e:bb:70:64:19:67:6f:5d:37:70:8b:80:87:d9:4f:98:
93:e0:4b:30:ef:b0:59:f5:f4:09:ed:62:f1:ea:5e:bd:42:f7:
e6:be:9d:c6:2f:9c:02:68:ac:df:c1:a6:6a:43:66:34:0d:09:
32:14:89:11:96:47:6d:a5:10:9d:c5:82:b5:b5:2f:94:86:35:
ef:18:cb:31:e9:18:1a:60:94:51:19:e5:61:92:8f:0a:f3:9d:
b4:c6:81:fd:82:3e:a3:b5:ec:dc:1c:8b:03:37:d8:5e:a5:76:
12:46:bc:15:22:f1:97:11:8e:2d:b9:e0:a5:c9:08:6b:92:11:
59:0a:0b:05:72:44:65:ac:84:9c:5c:50:6b:2b:f1:4b:e5:06:
5b:53:aa:75:48:8a:77:33:d3:28:6b:0c:da:6c:ec:21:00:36:
0b:ec:27:e5:a8:83:08:cc:50:53:e5:55:b1:83:21:92:75:62:
25:1f:db:5c:b8:73:72:7a:07:9d:24:17:59:23:ef:1a:54:03:
4c:3c:8c:37
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfUWYed9HYy34A86l/y7U+u6L5NswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIwNTlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZThjYWRlN2M1ZWU5N2JmOTVmMGQzYzE2MDg5MDgyNDVjZmU0MDFlZWQ2
Y2YwY2Y5ZjY3ZDE0OTUwZmRlYjMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDC70F9wH7SZ9goW9dFRb/MTMr/CLeB45n38cxFl7gWIzuFuXsGncUP01qW
MTgFs8/KPK08/ycWnyaAhi2Vfm2yTzjQPLAgsDWeiR6rPW7MBAUICFsqBimCoQpk
TigU2FEp08/L1tSAVHBJhIrkmNV0kk2bvp203O2AuGGdk3MAXZKzgZZHpPPu6gah
rhSbgyyGeb1bCXFAwsSsbSzEGTTAoQD8KKE7tWFc26un2SsKqaSdHh+FBvQ/klAK
Rk6UGdPKV7Q0s73YBUCn3Do9K81zTJtJNqVAcFUg6UOUIFHe7NMZn/LaLxws1Hst
dgpYBRzj8pNs/vcsUDqrIZ/ErrMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSuMh/I
Eht4zvcN4WhmjznrEpyd/zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQBZgn2c/POp2C+Bz4uhR6nZK9ifiM7j7fM92Wljcx9z
w92INaEfnQjfHFi7VzKqmgVtwL6uxAggFI67cGQZZ29dN3CLgIfZT5iT4Esw77BZ
9fQJ7WLx6l69Qvfmvp3GL5wCaKzfwaZqQ2Y0DQkyFIkRlkdtpRCdxYK1tS+UhjXv
GMsx6RgaYJRRGeVhko8K8520xoH9gj6jtezcHIsDN9hepXYSRrwVIvGXEY4tueCl
yQhrkhFZCgsFckRlrIScXFBrK/FL5QZbU6p1SIp3M9MoawzabOwhADYL7CflqIMI
zFBT5VWxgyGSdWIlH9tcuHNyegedJBdZI+8aVANMPIw3
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:36 2025 by rpki-client