Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
File: bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa (raw, json)
Hash identifier: lwy52LjWBWVm89AeKiLmgCffdZ1T3gAbGB3u/kGjSYs=
Subject key identifier: 2C:58:D9:4A:78:48:6C:70:78:E7:FE:B8:5F:60:EB:BB:70:06:5B:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0883C9A28E5CA8E0B3FE61A14803E24B8D353A80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
Signing time: Fri 26 Sep 2025 20:10:09 +0000
ROA not before: Fri 26 Sep 2025 20:10:09 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 152.134.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:83:c9:a2:8e:5c:a8:e0:b3:fe:61:a1:48:03:e2:4b:8d:35:3a:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:09 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=1371326bcb8129e64bba9432ccfd3823c6158bf5f8f631ff3050c2ae02128875, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:e2:58:a8:d9:f5:46:e2:55:a6:25:42:05:
f0:5c:74:7c:e6:6e:b5:94:f8:98:7e:62:50:dc:b7:
14:57:45:12:ec:86:91:3c:0d:61:55:5b:a5:3a:fe:
82:41:35:78:17:5e:da:bf:8b:11:48:bc:89:af:53:
23:7d:49:d1:0f:88:14:0a:93:5d:ac:93:37:ae:4d:
7c:6b:e1:24:09:27:49:8e:2f:61:e9:f1:5b:db:c3:
46:11:74:d9:0c:96:6d:2d:96:24:d3:66:cb:e6:bf:
d9:f0:0a:90:9e:4d:04:6b:b6:82:16:62:df:db:2e:
4b:a3:4e:41:ee:b8:5f:62:31:f4:63:4d:4c:09:c9:
15:22:7f:43:56:9e:60:27:d6:26:f9:e1:aa:7a:db:
ec:82:b7:11:58:98:23:df:c7:f2:8e:ef:24:6a:ba:
94:b7:8c:6c:d4:38:d6:7e:36:bc:30:8f:a8:f8:84:
c8:24:d0:4a:0d:83:27:3e:f4:96:34:c2:cd:ec:b2:
34:b0:08:02:63:5f:49:85:77:95:8f:bc:61:2c:aa:
ca:39:58:dd:ed:e3:89:22:44:97:3d:57:21:9e:72:
a0:f1:64:58:dd:3a:a7:3a:56:2e:32:16:59:88:e7:
32:6b:ee:33:9d:d7:c5:ac:1f:37:d1:8e:77:1d:60:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:D9:4A:78:48:6C:70:78:E7:FE:B8:5F:60:EB:BB:70:06:5B:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bedc2172-50df-4ea7-8c38-eba2cdf2d5db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
89:44:68:29:f0:c3:a9:a3:f4:a2:02:13:5a:41:51:5c:79:f9:
3f:f4:1a:7a:ba:07:61:57:93:ba:6f:81:d8:86:ef:8c:40:f9:
b2:0b:84:98:90:d3:0a:ed:71:b7:b7:09:54:50:33:1c:ee:0d:
96:2b:9d:89:3d:f9:55:ce:7b:92:5c:3d:8c:74:36:6c:86:53:
91:68:82:2d:53:f7:e3:4b:e5:3d:a9:09:5c:02:e0:87:9a:64:
35:d4:9e:91:dc:08:3f:8f:54:68:86:4b:93:48:7c:a7:b8:82:
a0:96:c8:25:33:94:7b:89:a9:b6:3a:e5:98:ed:70:b9:76:89:
98:07:23:5e:59:7d:4f:c2:b9:bf:23:c4:41:b8:60:99:6b:15:
20:a0:b3:e6:62:a7:1f:d1:4b:90:38:e2:a9:1d:34:82:50:4e:
a7:d2:bc:fd:63:d2:eb:57:5f:ce:20:28:37:5b:82:c3:b4:f6:
58:39:1a:a4:a2:c1:cb:65:9f:51:70:e7:23:75:98:cd:42:6e:
89:9d:0e:db:3b:f5:e8:0c:f1:4a:69:51:d9:bc:e2:9f:bd:d8:
84:27:fb:38:aa:87:0c:5e:75:64:bc:5c:68:1b:a6:fe:a4:04:
ee:56:7c:f3:4c:fc:b5:d7:65:81:a1:4a:93:01:2b:94:f7:86:
a9:0d:9e:d4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCIPJoo5cqOCz/mGhSAPiS401OoAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMDlaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzNzEzMjZiY2I4MTI5ZTY0YmJhOTQzMmNjZmQzODIzYzYxNThiZjVmOGY2
MzFmZjMwNTBjMmFlMDIxMjg4NzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKN94lio2fVG4lWmJUIF8Fx0fOZutZT4mH5iUNy3FFdFEuyGkTwNYVVbpTr+
gkE1eBde2r+LEUi8ia9TI31J0Q+IFAqTXayTN65NfGvhJAknSY4vYenxW9vDRhF0
2QyWbS2WJNNmy+a/2fAKkJ5NBGu2ghZi39suS6NOQe64X2Ix9GNNTAnJFSJ/Q1ae
YCfWJvnhqnrb7IK3EViYI9/H8o7vJGq6lLeMbNQ41n42vDCPqPiEyCTQSg2DJz70
ljTCzeyyNLAIAmNfSYV3lY+8YSyqyjlY3e3jiSJElz1XIZ5yoPFkWN06pzpWLjIW
WYjnMmvuM53XxawfN9GOdx1gcc8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQsWNlK
eEhscHjn/rhfYOu7cAZbyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVkYzIxNzItNTBkZi00ZWE3LThjMzgtZWJhMmNkZjJkNWRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJiGMA0G
CSqGSIb3DQEBCwUAA4IBAQCJRGgp8MOpo/SiAhNaQVFcefk/9Bp6ugdhV5O6b4HY
hu+MQPmyC4SYkNMK7XG3twlUUDMc7g2WK52JPflVznuSXD2MdDZshlORaIItU/fj
S+U9qQlcAuCHmmQ11J6R3Ag/j1RohkuTSHynuIKglsglM5R7iam2OuWY7XC5domY
ByNeWX1Pwrm/I8RBuGCZaxUgoLPmYqcf0UuQOOKpHTSCUE6n0rz9Y9LrV1/OICg3
W4LDtPZYORqkosHLZZ9RcOcjdZjNQm6JnQ7bO/XoDPFKaVHZvOKfvdiEJ/s4qocM
XnVkvFxoG6b+pATuVnzzTPy112WBoUqTASuU94apDZ7U
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:07 2025 by rpki-client