Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: VZqysr9Fx0087H1uAAn37oiGSzvr2bNNBuGmQK+O0nQ=
Subject key identifier: 9B:14:C5:5A:4C:C9:5F:38:A4:71:99:FB:28:D4:38:B4:29:8B:2F:2E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E9F3354388BCB3EB2BA9846E00BBB04FD057FBA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Fri 26 Sep 2025 20:10:15 +0000
ROA not before: Fri 26 Sep 2025 20:10:15 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:9f:33:54:38:8b:cb:3e:b2:ba:98:46:e0:0b:bb:04:fd:05:7f:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:15 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=44310f25812e6d6c91f05eba6928c7ec64ea951052564f4a7c82df34e2b4d81a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c2:0b:ef:93:e8:03:f4:50:fb:d0:b8:85:bb:
65:b0:17:6b:7f:1b:5f:79:71:39:44:d2:fc:2f:61:
bf:fd:e1:9c:0b:42:71:62:41:11:f9:f8:19:ee:05:
cf:06:fd:40:b5:9e:7e:05:c9:bb:86:c3:ab:48:61:
26:13:1e:c1:3f:c4:04:b7:f8:01:e3:96:58:8c:b7:
58:df:e3:60:4a:4c:86:03:2b:b4:39:14:3f:60:ac:
66:e8:5a:fa:04:e2:ce:d8:9a:33:ec:79:9d:ff:f3:
b4:59:26:79:d4:93:64:54:78:b3:df:de:cb:df:9a:
22:25:53:32:9f:a4:ce:69:36:4a:c0:c1:4a:88:1d:
fd:6d:1b:8a:8c:4a:5c:b4:e6:74:47:75:d0:8a:2f:
19:cc:8d:b2:60:d2:bf:9d:bd:54:d2:5f:e9:a1:04:
f1:16:2b:5a:87:46:f8:b0:42:06:48:73:04:49:cb:
55:00:db:c9:22:34:37:21:30:79:e7:bc:3c:65:ec:
0c:07:97:e3:8a:5d:57:4c:b7:ca:08:62:d0:4d:0e:
d3:4a:19:1f:30:61:28:2a:1c:18:59:ab:0a:f8:a6:
bf:74:34:70:09:2f:09:dc:f2:9c:78:a2:f2:73:95:
bc:1c:04:50:03:06:0b:a8:79:b7:21:b8:4b:5f:79:
8c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:14:C5:5A:4C:C9:5F:38:A4:71:99:FB:28:D4:38:B4:29:8B:2F:2E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:ee:96:f1:45:bc:54:65:b4:d1:06:46:d0:f9:b8:fd:18:7d:
47:96:57:83:f4:9e:b9:f9:0a:bb:85:25:d3:e7:ce:a6:e6:3f:
75:0c:ff:8c:97:e1:f7:af:06:83:20:95:ff:b2:f3:2d:08:67:
65:41:da:9b:86:a8:95:16:c2:65:35:00:b8:7b:13:b3:45:c6:
0b:b9:df:15:0e:70:4e:a8:9d:4a:85:49:b8:46:0a:4a:09:60:
8e:40:ea:fc:92:b5:af:0f:eb:a7:95:ff:12:60:f8:14:4b:f9:
7c:b8:db:fb:f0:ee:c2:15:c0:bb:99:a7:7d:a6:94:55:be:e3:
a5:16:48:61:41:bb:05:3b:a9:1f:90:72:b3:23:78:1f:8c:01:
d6:92:49:59:76:84:3a:1f:1c:c2:af:39:4b:59:42:3c:8f:6c:
1d:f9:8f:e7:ff:8e:66:e1:e3:7c:7b:eb:0a:76:73:99:1a:e5:
8f:e5:48:7a:74:f2:ba:f9:08:d5:02:80:cd:48:02:44:b6:9c:
11:62:4b:9e:84:23:4e:2b:a6:f3:7a:af:b2:aa:ec:39:e7:b4:
c0:af:34:6f:8d:43:79:82:1c:9c:ae:0e:ab:89:bf:a1:d3:d9:
cd:b6:df:07:77:c8:0d:91:26:3e:b6:a9:29:ab:7f:7d:56:ee:
04:92:23:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbp8zVDiLyz6yuphG4Au7BP0Ff7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMTVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ0MzEwZjI1ODEyZTZkNmM5MWYwNWViYTY5MjhjN2VjNjRlYTk1MTA1MjU2
NGY0YTdjODJkZjM0ZTJiNGQ4MWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3CC++T6AP0UPvQuIW7ZbAXa38bX3lxOUTS/C9hv/3hnAtCcWJBEfn4Ge4F
zwb9QLWefgXJu4bDq0hhJhMewT/EBLf4AeOWWIy3WN/jYEpMhgMrtDkUP2CsZuha
+gTiztiaM+x5nf/ztFkmedSTZFR4s9/ey9+aIiVTMp+kzmk2SsDBSogd/W0bioxK
XLTmdEd10IovGcyNsmDSv529VNJf6aEE8RYrWodG+LBCBkhzBEnLVQDbySI0NyEw
eee8PGXsDAeX44pdV0y3yghi0E0O00oZHzBhKCocGFmrCvimv3Q0cAkvCdzynHii
8nOVvBwEUAMGC6h5tyG4S195jGkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSbFMVa
TMlfOKRxmfso1Di0KYsvLjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAqu6W8UW8VGW00QZG0Pm4/Rh9R5ZXg/SeufkKu4Ul
0+fOpuY/dQz/jJfh968GgyCV/7LzLQhnZUHam4aolRbCZTUAuHsTs0XGC7nfFQ5w
TqidSoVJuEYKSglgjkDq/JK1rw/rp5X/EmD4FEv5fLjb+/DuwhXAu5mnfaaUVb7j
pRZIYUG7BTupH5BysyN4H4wB1pJJWXaEOh8cwq85S1lCPI9sHfmP5/+OZuHjfHvr
CnZzmRrlj+VIenTyuvkI1QKAzUgCRLacEWJLnoQjTium83qvsqrsOee0wK80b41D
eYIcnK4Oq4m/odPZzbbfB3fIDZEmPrapKat/fVbuBJIjHA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:37:57 2025 by rpki-client