Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
File: c0cc077c-c457-49fe-8373-08e978cb64fd.roa (raw, json)
Hash identifier: cSvKpvDTdiZHmyDq/2dPZZM7Fxnbco9jHwO8YZH52LY=
Subject key identifier: 82:5C:2D:29:AE:4C:5A:BA:43:DB:2D:04:F9:91:EE:9D:7C:49:F9:36
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 73FCD1B5CD0E10B446CE9D50A7DD798C6C07B8C9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
Signing time: Fri 26 Sep 2025 20:21:05 +0000
ROA not before: Fri 26 Sep 2025 20:21:05 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.254.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:fc:d1:b5:cd:0e:10:b4:46:ce:9d:50:a7:dd:79:8c:6c:07:b8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:05 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=73524a97d23d4b3d93cd9a8f6f4ad048847279f144f5784434a66f50df1b66f5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:2c:42:dd:d2:dc:cd:9f:7a:fe:b5:96:d4:4f:
fa:23:53:d3:22:97:4a:22:1f:53:8e:eb:c4:39:d2:
b6:30:c0:08:6a:ac:be:e9:79:06:09:eb:f5:3b:76:
94:0b:94:aa:58:36:36:43:ed:5c:c1:ba:1f:c6:70:
0e:e3:a8:b5:f0:8f:a0:12:6b:cc:df:8f:19:e8:74:
d3:be:c7:01:e4:e5:f5:c3:22:2d:16:22:2e:b9:e6:
51:5b:f8:44:21:96:d0:db:4a:d6:9f:68:75:3c:aa:
0d:95:77:b4:ca:25:48:82:94:ae:27:2f:1b:57:6c:
42:f1:5d:d8:f1:d9:ff:78:ec:e2:86:fb:ba:81:c6:
54:79:cd:d2:5c:93:55:4b:80:d4:50:5e:01:74:89:
05:b4:56:de:b2:6d:4e:25:28:a5:e9:ff:bc:1f:6f:
6c:15:a7:1b:cf:bc:c9:6f:6c:8e:2b:94:fc:ba:75:
f0:47:a6:5e:9b:7c:5e:f2:dd:03:ad:2a:28:06:00:
cd:3d:31:8b:da:d2:0d:97:18:28:07:fc:3a:af:b2:
39:43:50:ba:57:64:06:ad:55:ce:4b:09:5a:8f:29:
18:c3:46:41:f5:c0:12:fa:2d:bf:96:06:da:e6:54:
b3:45:ae:1d:ee:6b:15:f5:5b:ed:fc:40:1d:a8:b3:
f9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5C:2D:29:AE:4C:5A:BA:43:DB:2D:04:F9:91:EE:9D:7C:49:F9:36
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c0cc077c-c457-49fe-8373-08e978cb64fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.254.0.0/17
Signature Algorithm: sha256WithRSAEncryption
99:49:08:67:4b:40:63:6d:61:01:ff:89:23:ea:bd:3a:aa:a6:
ee:78:b2:c3:91:be:7a:58:e8:60:7e:5f:5b:f0:21:ac:4a:fc:
83:96:ec:9a:92:5e:95:54:c3:eb:04:92:22:b1:fe:fe:67:b1:
47:9c:e5:ef:33:3c:c9:35:eb:1f:86:13:05:c7:9a:3c:1d:49:
20:4b:53:56:19:11:a1:4e:a8:87:22:8c:64:04:de:2b:b0:ee:
82:28:67:57:ad:cc:e0:17:00:b9:1c:c1:37:31:5d:e1:52:ab:
19:10:f9:b6:f6:e1:0a:5e:22:bd:12:aa:09:ea:9a:99:97:80:
02:03:b8:11:27:30:27:b2:c0:e3:9e:70:bc:fb:3e:74:b6:1e:
63:f1:28:cb:34:57:8f:d0:d5:12:68:27:e0:9d:6e:47:b0:96:
7d:9b:23:dc:24:1b:07:3c:3c:ff:b0:93:f0:dc:9f:35:43:95:
2f:74:b5:a8:84:27:eb:7b:8f:54:7a:2a:eb:b9:60:85:44:7f:
d4:1b:b6:5e:50:3d:10:c4:fb:59:d4:f9:0c:fb:52:84:9d:14:
5f:4a:79:45:08:16:a4:40:36:44:a2:c4:35:e7:16:36:ff:37:
13:6b:80:a0:41:29:de:f4:3d:0d:6a:7c:de:31:d6:b5:d4:d9:
4c:13:3b:e1
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUc/zRtc0OELRGzp1Qp915jGwHuMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMDVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDczNTI0YTk3ZDIzZDRiM2Q5M2NkOWE4ZjZmNGFkMDQ4ODQ3Mjc5ZjE0NGY1
Nzg0NDM0YTY2ZjUwZGYxYjY2ZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANIsQt3S3M2fev61ltRP+iNT0yKXSiIfU47rxDnStjDACGqsvul5Bgnr9Tt2
lAuUqlg2NkPtXMG6H8ZwDuOotfCPoBJrzN+PGeh0077HAeTl9cMiLRYiLrnmUVv4
RCGW0NtK1p9odTyqDZV3tMolSIKUricvG1dsQvFd2PHZ/3js4ob7uoHGVHnN0lyT
VUuA1FBeAXSJBbRW3rJtTiUopen/vB9vbBWnG8+8yW9sjiuU/Lp18EemXpt8XvLd
A60qKAYAzT0xi9rSDZcYKAf8Oq+yOUNQuldkBq1VzksJWo8pGMNGQfXAEvotv5YG
2uZUs0WuHe5rFfVb7fxAHaiz+aMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSCXC0p
rkxaukPbLQT5ke6dfEn5NjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzBjYzA3N2MtYzQ1Ny00OWZlLTgzNzMtMDhlOTc4Y2I2NGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8P+ADAN
BgkqhkiG9w0BAQsFAAOCAQEAmUkIZ0tAY21hAf+JI+q9Oqqm7niyw5G+eljoYH5f
W/AhrEr8g5bsmpJelVTD6wSSIrH+/mexR5zl7zM8yTXrH4YTBceaPB1JIEtTVhkR
oU6ohyKMZATeK7DugihnV63M4BcAuRzBNzFd4VKrGRD5tvbhCl4ivRKqCeqamZeA
AgO4EScwJ7LA455wvPs+dLYeY/EoyzRXj9DVEmgn4J1uR7CWfZsj3CQbBzw8/7CT
8NyfNUOVL3S1qIQn63uPVHoq67lghUR/1Bu2XlA9EMT7WdT5DPtShJ0UX0p5RQgW
pEA2RKLENecWNv83E2uAoEEp3vQ9DWp83jHWtdTZTBM74Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:00:20 2025 by rpki-client