Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: RdNkw8WBCPiOmSlxnMuv2QslMRONX2AkX432TVgRFzE=
Subject key identifier: F7:79:E4:E2:BB:5E:6E:FE:CA:5C:AB:EC:81:65:87:13:6A:C9:36:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 50CC6E9FAF0789E3B183D26F46A4A418F58739F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Fri 26 Sep 2025 20:10:17 +0000
ROA not before: Fri 26 Sep 2025 20:10:17 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:cc:6e:9f:af:07:89:e3:b1:83:d2:6f:46:a4:a4:18:f5:87:39:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:17 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=0e0c06596ba8c1ad2b33bb45eeb3658a6b84cc70e587be7b5ce436fe4aceb353, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a9:5c:1a:0e:44:12:03:c7:02:4d:ae:28:1e:
7c:aa:2f:ea:7c:cd:f1:fe:e9:b9:69:33:33:37:41:
02:15:d4:06:0a:59:0e:3d:54:7d:b6:ab:b2:59:a5:
0b:94:68:ac:29:f2:26:6d:d7:e0:0b:91:2f:46:97:
53:80:40:55:7d:c0:43:ea:9b:80:15:66:9f:ab:c4:
10:d2:9e:28:65:bf:ec:e9:0c:94:b9:bc:3b:68:1f:
0a:9a:0e:44:80:0b:14:5e:51:8e:3b:af:e3:d5:80:
21:35:3c:59:c6:48:65:00:ab:ca:9d:0f:c1:3a:29:
1a:91:b9:73:75:f2:30:5e:b4:1a:49:6b:21:82:20:
a1:52:4d:f8:09:b5:b8:a7:94:b6:63:3c:c0:37:6e:
97:04:7c:62:9e:92:8f:a5:66:e5:27:22:48:64:6a:
92:bf:99:5a:08:54:17:2d:01:84:22:ce:21:bb:29:
c9:70:49:1e:40:87:e9:e8:5d:86:c3:ff:a4:1b:68:
4e:5e:62:8d:be:40:9a:c3:28:e2:de:b1:07:40:ee:
58:e2:54:3e:80:16:cb:56:a9:ed:45:0a:95:c9:53:
00:b9:c4:67:77:ff:43:44:26:f8:d9:63:fc:a8:cb:
b8:59:94:47:4f:86:a0:0c:ae:eb:5a:19:0b:0e:b2:
81:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:79:E4:E2:BB:5E:6E:FE:CA:5C:AB:EC:81:65:87:13:6A:C9:36:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:ff:af:28:cc:bf:f5:20:fb:74:b5:9e:54:d0:9e:f6:ae:d8:
7e:9a:da:4e:5c:b8:91:58:e5:c7:65:e1:70:b2:88:61:0b:58:
bb:e0:71:ce:6a:41:ed:88:f6:93:af:54:f5:04:bf:b0:66:fe:
05:46:4e:93:ce:c8:38:0c:b7:fc:0f:f0:69:21:b5:f2:01:b3:
98:48:3a:46:3e:dd:64:24:cd:3f:21:f7:30:6d:f7:f3:05:f9:
c8:8a:6a:43:0a:cf:95:ac:40:f7:36:90:32:b7:a1:d6:a8:2f:
5c:cd:e0:68:ca:1e:03:51:18:12:ad:a4:54:84:5a:2e:96:7a:
92:94:db:8e:e1:6f:20:23:46:71:24:a4:44:c2:41:8b:9b:d4:
dc:17:25:9b:0f:27:2b:47:4e:4c:f6:d0:c5:68:a6:83:43:ee:
c2:2d:e9:d3:23:df:14:ca:78:21:65:06:c0:05:3c:9f:a9:4c:
7a:58:ea:19:14:b9:44:7c:f6:86:bb:18:62:3c:48:85:da:70:
6a:a7:6e:41:36:cf:5b:2f:82:31:ed:2c:17:da:3b:27:18:ca:
c0:21:58:0f:54:f1:4c:d2:7d:d9:a2:7d:7d:5e:00:b9:a8:9c:
6e:f4:2b:97:10:fc:86:42:af:62:c6:18:93:48:5e:e9:17:2a:
99:ec:95:75
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUMxun68HieOxg9JvRqSkGPWHOfkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMTdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMGMwNjU5NmJhOGMxYWQyYjMzYmI0NWVlYjM2NThhNmI4NGNjNzBlNTg3
YmU3YjVjZTQzNmZlNGFjZWIzNTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN+pXBoORBIDxwJNrigefKov6nzN8f7puWkzMzdBAhXUBgpZDj1Ufbarslml
C5RorCnyJm3X4AuRL0aXU4BAVX3AQ+qbgBVmn6vEENKeKGW/7OkMlLm8O2gfCpoO
RIALFF5Rjjuv49WAITU8WcZIZQCryp0PwTopGpG5c3XyMF60GklrIYIgoVJN+Am1
uKeUtmM8wDdulwR8Yp6Sj6Vm5SciSGRqkr+ZWghUFy0BhCLOIbspyXBJHkCH6ehd
hsP/pBtoTl5ijb5AmsMo4t6xB0DuWOJUPoAWy1ap7UUKlclTALnEZ3f/Q0Qm+Nlj
/KjLuFmUR0+GoAyu61oZCw6ygSUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3eeTi
u15u/spcq+yBZYcTask2hDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAtf+vKMy/9SD7dLWeVNCe9q7YfpraTly4kVjlx2Xh
cLKIYQtYu+BxzmpB7Yj2k69U9QS/sGb+BUZOk87IOAy3/A/waSG18gGzmEg6Rj7d
ZCTNPyH3MG338wX5yIpqQwrPlaxA9zaQMreh1qgvXM3gaMoeA1EYEq2kVIRaLpZ6
kpTbjuFvICNGcSSkRMJBi5vU3Bclmw8nK0dOTPbQxWimg0Puwi3p0yPfFMp4IWUG
wAU8n6lMeljqGRS5RHz2hrsYYjxIhdpwaqduQTbPWy+CMe0sF9o7JxjKwCFYD1Tx
TNJ92aJ9fV4AuaicbvQrlxD8hkKvYsYYk0he6RcqmeyVdQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:37:55 2025 by rpki-client