Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
File: dbc88f4b-781b-45e4-8402-e6b216deacc3.roa (raw, json)
Hash identifier: s0eTngSOorJkNnngwtGvexi6zTST1hvhqYmfjqWa0f8=
Subject key identifier: 75:72:86:3B:8A:0B:D2:18:42:B1:18:CE:93:1F:08:B9:92:45:4B:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3D28E8594AA1A6ADAF6DC482C87A984E8A0128A9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
Signing time: Fri 26 Sep 2025 20:10:07 +0000
ROA not before: Fri 26 Sep 2025 20:10:07 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 151.176.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:28:e8:59:4a:a1:a6:ad:af:6d:c4:82:c8:7a:98:4e:8a:01:28:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:07 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=601610b47c2ae953d5ab680530e96fb1f536bbafb1715d4a2ebb84634387b532, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:fd:46:b2:d8:48:57:b6:d5:9b:bb:a1:60:43:
a1:21:10:2d:4e:6c:71:36:b1:bf:7f:5a:91:ea:2b:
1f:82:e0:ea:b4:71:fc:be:fc:a4:72:34:17:1c:65:
97:0f:07:ab:0a:f7:c4:02:fd:ac:41:3b:ba:41:65:
0a:28:d5:ea:cf:76:b2:1a:34:b6:a6:b2:9a:e4:ef:
57:42:cb:a4:15:c6:d7:6c:51:83:26:95:f1:09:54:
88:c8:96:f3:bf:3a:64:3f:28:ad:d2:8d:e4:f3:4b:
c7:c8:1b:58:1c:8e:9c:35:11:23:96:9e:c9:c6:84:
ad:56:d8:e7:02:39:58:d5:df:cb:7a:c3:0b:6c:01:
08:20:80:21:06:f4:9e:a8:f0:63:18:29:c9:d3:a9:
bf:1b:39:85:89:aa:bd:d8:3f:bd:1e:7a:34:e2:fd:
fc:e4:7a:d0:40:2c:6b:32:51:06:d5:ca:c1:a3:4e:
94:38:bb:a6:55:88:9c:77:5e:bc:8e:de:3e:6b:76:
fd:58:df:6f:41:07:c2:4a:af:58:cf:75:63:77:a9:
53:04:a3:eb:cf:ad:57:01:61:66:ba:97:08:da:de:
ba:d3:9e:73:3a:73:80:0a:e8:f9:1b:62:70:f9:81:
d6:7d:93:a6:79:b6:dc:89:16:22:f2:f9:bb:2d:d6:
fa:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:72:86:3B:8A:0B:D2:18:42:B1:18:CE:93:1F:08:B9:92:45:4B:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dbc88f4b-781b-45e4-8402-e6b216deacc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.176.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:1e:55:b2:08:5b:ae:2c:e5:30:f4:c8:6e:88:69:18:e3:b1:
5a:18:f8:98:6f:9f:82:b9:19:91:26:e2:04:a9:61:f7:1b:92:
94:1c:f4:bd:3a:c9:e0:2c:34:ec:95:fc:f9:0a:f3:42:ae:49:
71:b1:00:88:a4:6a:4e:00:1e:5e:a5:5c:46:cf:1f:64:b3:5e:
b4:fc:35:e9:d8:f5:36:a6:85:7b:d3:e2:cf:c8:af:3a:13:82:
7e:c3:25:20:b7:3b:3d:b9:3a:fa:0f:2c:83:d6:65:9a:d5:bf:
12:cb:c2:3a:bd:fb:26:c3:c3:db:1b:0e:c2:9d:b2:38:f6:de:
6b:99:a7:60:44:03:b3:e3:73:27:cb:56:5e:c7:5b:61:5a:e0:
a1:3a:3d:16:3c:99:8e:e7:76:a2:2a:08:0e:1f:7c:a4:2e:ec:
53:2f:20:b3:92:02:4c:ac:e9:f2:f1:25:2c:dc:b2:ff:eb:19:
d1:04:d2:a0:58:e2:01:d2:67:24:59:a6:0b:34:50:72:bd:ad:
88:40:8d:49:3e:49:a5:b5:1b:6c:f3:d5:ef:10:df:32:67:5d:
8d:d6:9b:d9:67:dc:32:0c:9b:f5:bc:e6:20:0a:d0:22:09:24:
26:ee:fc:2c:eb:21:04:15:b2:82:f6:33:8a:00:01:53:0d:d7:
74:58:74:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPSjoWUqhpq2vbcSCyHqYTooBKKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMDdaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMTYxMGI0N2MyYWU5NTNkNWFiNjgwNTMwZTk2ZmIxZjUzNmJiYWZiMTcx
NWQ0YTJlYmI4NDYzNDM4N2I1MzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMD9RrLYSFe21Zu7oWBDoSEQLU5scTaxv39akeorH4Lg6rRx/L78pHI0Fxxl
lw8Hqwr3xAL9rEE7ukFlCijV6s92sho0tqaymuTvV0LLpBXG12xRgyaV8QlUiMiW
8786ZD8ordKN5PNLx8gbWByOnDURI5aeycaErVbY5wI5WNXfy3rDC2wBCCCAIQb0
nqjwYxgpydOpvxs5hYmqvdg/vR56NOL9/OR60EAsazJRBtXKwaNOlDi7plWInHde
vI7ePmt2/Vjfb0EHwkqvWM91Y3epUwSj68+tVwFhZrqXCNreutOeczpzgAro+Rti
cPmB1n2Tpnm23IkWIvL5uy3W+uUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR1coY7
igvSGEKxGM6THwi5kkVLCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGJjODhmNGItNzgxYi00NWU0LTg0MDItZTZiMjE2ZGVhY2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJewMA0G
CSqGSIb3DQEBCwUAA4IBAQAJHlWyCFuuLOUw9MhuiGkY47FaGPiYb5+CuRmRJuIE
qWH3G5KUHPS9OsngLDTslfz5CvNCrklxsQCIpGpOAB5epVxGzx9ks160/DXp2PU2
poV70+LPyK86E4J+wyUgtzs9uTr6DyyD1mWa1b8Sy8I6vfsmw8PbGw7CnbI49t5r
madgRAOz43Mny1Zex1thWuChOj0WPJmO53aiKggOH3ykLuxTLyCzkgJMrOny8SUs
3LL/6xnRBNKgWOIB0mckWaYLNFByva2IQI1JPkmltRts89XvEN8yZ12N1pvZZ9wy
DJv1vOYgCtAiCSQm7vws6yEEFbKC9jOKAAFTDdd0WHRI
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:17 2025 by rpki-client