Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: oJohWjlC0jHD22j5+nGjBWKkipYGcoXo/FzFzb4UONQ=
Subject key identifier: 95:BE:EC:64:03:09:03:CF:90:B1:1C:9D:7D:AF:D9:2B:0E:A3:3D:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C049E25DB794DAB7EC8A2EF4D7637F2CFE99F73
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Sat 27 Sep 2025 00:52:27 +0000
ROA not before: Sat 27 Sep 2025 00:52:27 +0000
ROA not after: Sat 01 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:27:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:04:9e:25:db:79:4d:ab:7e:c8:a2:ef:4d:76:37:f2:cf:e9:9f:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 27 00:52:27 2025 GMT
Not After : Nov 1 23:59:59 2025 GMT
Subject: serialNumber=c1b24c6875a13ade5fab7d09fd045398945ea61e305826f195ce9c9c5f5daba5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f6:3f:52:24:d7:6d:67:fc:16:9d:84:8d:fa:
09:f7:ef:03:6d:98:a4:7b:7c:56:7d:8d:04:ba:21:
b5:0a:c5:20:da:c3:97:4c:d9:93:af:8a:1e:9c:13:
4e:d4:55:a3:a5:6b:bf:47:fb:46:8d:c7:ec:af:3e:
e2:28:09:3d:99:a0:4d:fd:97:30:75:36:2c:74:9d:
10:0d:5c:5a:a6:9e:ec:4f:35:8c:98:a2:f7:34:f2:
e8:79:e0:25:f9:a1:2e:d2:14:44:2e:37:d4:95:24:
f4:c3:f2:32:6e:d8:50:b8:bb:22:5d:f9:66:62:a4:
5f:42:37:cc:e9:e3:8d:f1:92:cc:73:48:96:ad:02:
29:3f:d2:ef:2a:28:8d:95:4f:da:a5:d0:29:1e:1b:
01:8d:b9:dc:82:b8:4c:01:40:cc:83:8b:9d:63:16:
0c:7a:4d:96:9a:0a:9d:63:fe:3f:2b:90:82:7a:f8:
c4:44:54:a0:cf:fe:e1:ee:24:56:f7:78:1e:01:d3:
97:dc:97:ed:43:11:e2:7a:b9:f4:20:cc:ee:6b:66:
6b:5e:c7:cc:48:f2:19:fd:00:9c:ab:fc:50:4d:41:
ec:9b:8d:89:4c:35:2d:b5:94:42:8c:31:61:0a:35:
92:9c:04:af:fd:29:44:45:09:e5:13:17:18:3e:66:
22:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BE:EC:64:03:09:03:CF:90:B1:1C:9D:7D:AF:D9:2B:0E:A3:3D:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
03:2a:b3:16:e2:ae:cb:12:0a:7a:f2:c5:81:e8:52:8a:cf:5b:
7a:48:2c:68:97:59:64:14:d4:c4:45:b1:75:3f:70:14:2a:8e:
36:c1:e2:87:33:2b:c7:2d:7f:14:84:9a:dc:53:32:d7:3b:05:
18:c7:9c:9f:48:64:c9:99:f1:5b:ab:95:85:33:30:2b:e3:51:
dc:59:a2:34:21:f5:14:7d:b3:18:29:4e:58:54:16:9d:35:5b:
94:cb:bb:9f:5c:d4:ce:14:fb:f4:ec:08:12:4e:74:4e:66:9a:
e6:de:c1:6f:7c:a3:c5:0b:7c:e5:cf:eb:82:55:5d:6f:9c:97:
c8:05:dd:9e:1e:2b:e4:f5:ad:09:da:38:cd:d3:f5:2d:7f:84:
4c:85:d2:96:0e:ae:9a:5c:f2:cb:cf:00:2b:9b:05:50:ed:ef:
62:6d:49:71:42:d1:68:73:92:18:14:3e:59:14:b0:3b:2f:cd:
31:aa:d7:e8:d8:f5:27:14:b9:97:a3:8c:c7:42:f1:bd:eb:0b:
8a:26:6a:24:68:af:89:af:d0:d1:2d:b4:5a:7b:0a:67:19:47:
f4:c8:ae:14:d2:56:cb:6a:80:bb:ce:3f:48:a2:2d:c8:2f:ec:
87:36:fe:6a:5a:c9:a4:3d:56:30:f7:b2:a6:34:8d:d6:ba:0f:
46:a4:d5:c8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDASeJdt5Tat+yKLvTXY38s/pn3MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjcwMDUyMjdaFw0yNTExMDEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxYjI0YzY4NzVhMTNhZGU1ZmFiN2QwOWZkMDQ1Mzk4OTQ1ZWE2MWUzMDU4
MjZmMTk1Y2U5YzljNWY1ZGFiYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMT2P1Ik121n/BadhI36CffvA22YpHt8Vn2NBLohtQrFINrDl0zZk6+KHpwT
TtRVo6Vrv0f7Ro3H7K8+4igJPZmgTf2XMHU2LHSdEA1cWqae7E81jJii9zTy6Hng
JfmhLtIURC431JUk9MPyMm7YULi7Il35ZmKkX0I3zOnjjfGSzHNIlq0CKT/S7yoo
jZVP2qXQKR4bAY253IK4TAFAzIOLnWMWDHpNlpoKnWP+PyuQgnr4xERUoM/+4e4k
Vvd4HgHTl9yX7UMR4nq59CDM7mtma17HzEjyGf0AnKv8UE1B7JuNiUw1LbWUQowx
YQo1kpwEr/0pREUJ5RMXGD5mIk8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSVvuxk
AwkDz5CxHJ19r9krDqM9jzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAAyqzFuKuyxIKevLFgehSis9bekgsaJdZZBTUxEWx
dT9wFCqONsHihzMrxy1/FISa3FMy1zsFGMecn0hkyZnxW6uVhTMwK+NR3FmiNCH1
FH2zGClOWFQWnTVblMu7n1zUzhT79OwIEk50Tmaa5t7Bb3yjxQt85c/rglVdb5yX
yAXdnh4r5PWtCdo4zdP1LX+ETIXSlg6umlzyy88AK5sFUO3vYm1JcULRaHOSGBQ+
WRSwOy/NMarX6Nj1JxS5l6OMx0LxvesLiiZqJGivia/Q0S20WnsKZxlH9MiuFNJW
y2qAu84/SKItyC/shzb+alrJpD1WMPeypjSN1roPRqTVyA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:36:36 2025 by rpki-client