Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: 8WXsh4zeJBDp3PCBzN6n0iUL0K1EurLGy7vYX5b0dFc=
Subject key identifier: 4A:55:23:D3:F5:3B:6F:5A:3F:38:0D:82:E9:8A:6F:78:9D:41:60:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29E7A95C38E63C11C5AB20D35236BEC6A87335FB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Mon 06 Oct 2025 18:10:32 +0000
ROA not before: Mon 06 Oct 2025 18:10:32 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:e7:a9:5c:38:e6:3c:11:c5:ab:20:d3:52:36:be:c6:a8:73:35:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:32 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=af89cd54583db30c6f10a9623e7880aa8ee46deedd3ef4e16eab9c63615ae95b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:55:95:32:ca:52:61:b4:ef:ed:67:ad:f8:b3:
53:76:7c:96:44:8e:53:bf:b1:0b:8f:9d:d9:8f:c8:
16:a5:5c:38:a7:0f:71:3c:5d:83:1b:17:dc:ec:bc:
ab:73:55:f9:56:f4:31:2e:f1:48:61:74:19:2a:f2:
7a:6a:a4:b7:64:66:04:41:75:26:e7:dd:f3:a1:0a:
51:71:ca:79:bf:e3:b9:fd:a5:64:1c:29:ce:e8:8e:
b7:50:de:15:7f:f2:65:ee:f8:5d:a4:da:2b:2a:b5:
47:36:10:8f:36:80:29:2c:64:f2:18:7b:01:93:a3:
10:67:85:7b:13:bf:3a:83:be:08:7b:76:f1:92:79:
db:9b:d5:3f:b4:7d:13:c9:14:01:23:b2:38:6e:b9:
e1:63:c0:68:cb:d8:21:ed:f0:31:67:84:67:f1:be:
4c:d0:12:8f:8d:d6:eb:89:13:6d:da:b7:96:7b:52:
30:5a:b0:42:79:ec:74:69:f7:d4:16:d5:91:25:5c:
80:76:a9:20:ca:9b:c9:37:61:ec:6d:eb:54:ab:b5:
90:b9:be:c2:ad:a7:0d:dd:a6:e7:7a:6b:87:99:44:
61:ec:ea:1a:67:fa:29:42:29:46:50:b2:84:49:8e:
d5:37:2f:2e:b2:f7:81:1f:d4:a5:ba:f8:aa:16:57:
3d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:55:23:D3:F5:3B:6F:5A:3F:38:0D:82:E9:8A:6F:78:9D:41:60:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
a7:af:1d:9d:32:02:0b:9c:a5:cd:95:25:aa:45:9d:9c:c9:7a:
93:e4:85:e6:0a:19:8b:ce:6d:ef:ea:52:23:b6:ae:fc:da:97:
63:57:ad:45:6d:66:1f:86:72:4e:0d:7a:77:0b:71:83:80:e6:
5d:8c:6d:5c:3b:f3:fb:70:3d:58:2b:20:34:0c:ab:f5:48:aa:
81:00:b7:92:fa:08:37:63:a1:42:43:4d:57:17:fa:0b:4b:60:
e6:4b:f6:e7:76:e9:f4:02:66:13:06:d3:c9:c3:2d:2f:8e:61:
4a:73:19:a6:2f:25:54:6b:ba:ef:1a:82:5c:91:bd:2c:5f:e1:
2e:6d:14:52:6d:52:77:d9:a8:c3:60:50:fb:e3:f4:dd:dc:18:
23:4c:8a:a9:d5:a3:2e:35:88:4e:54:39:43:cf:83:63:c0:e1:
53:57:bf:99:87:0a:53:84:28:50:ad:7d:c2:2c:da:23:e4:3e:
e3:d4:b8:fa:59:20:a2:14:45:ef:78:bb:89:fe:97:f4:68:a6:
db:5e:e2:e6:55:f2:a2:52:47:3e:d6:e9:6a:f7:0a:e9:76:2e:
f4:a7:38:bb:2c:c0:0d:7c:d5:5d:a3:45:1f:ce:27:f1:66:0c:
59:9d:ce:9f:dd:86:79:7f:c1:83:4e:91:2c:ca:7d:7d:30:70:
c2:11:50:f9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKeepXDjmPBHFqyDTUja+xqhzNfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmODljZDU0NTgzZGIzMGM2ZjEwYTk2MjNlNzg4MGFhOGVlNDZkZWVkZDNl
ZjRlMTZlYWI5YzYzNjE1YWU5NWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALhVlTLKUmG07+1nrfizU3Z8lkSOU7+xC4+d2Y/IFqVcOKcPcTxdgxsX3Oy8
q3NV+Vb0MS7xSGF0GSryemqkt2RmBEF1Jufd86EKUXHKeb/juf2lZBwpzuiOt1De
FX/yZe74XaTaKyq1RzYQjzaAKSxk8hh7AZOjEGeFexO/OoO+CHt28ZJ525vVP7R9
E8kUASOyOG654WPAaMvYIe3wMWeEZ/G+TNASj43W64kTbdq3lntSMFqwQnnsdGn3
1BbVkSVcgHapIMqbyTdh7G3rVKu1kLm+wq2nDd2m53prh5lEYezqGmf6KUIpRlCy
hEmO1TcvLrL3gR/Upbr4qhZXPekCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKVSPT
9TtvWj84DYLpim94nUFgHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEAp68dnTICC5ylzZUlqkWdnMl6k+SF5goZi85t
7+pSI7au/NqXY1etRW1mH4ZyTg16dwtxg4DmXYxtXDvz+3A9WCsgNAyr9UiqgQC3
kvoIN2OhQkNNVxf6C0tg5kv253bp9AJmEwbTycMtL45hSnMZpi8lVGu67xqCXJG9
LF/hLm0UUm1Sd9mow2BQ++P03dwYI0yKqdWjLjWITlQ5Q8+DY8DhU1e/mYcKU4Qo
UK19wizaI+Q+49S4+lkgohRF73i7if6X9Gim217i5lXyolJHPtbpavcK6XYu9Kc4
uyzADXzVXaNFH84n8WYMWZ3On92GeX/Bg06RLMp9fTBwwhFQ+Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:24 2025 by rpki-client