Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
File: e398b47e-9867-4e71-96db-760f9102a39f.roa (raw, json)
Hash identifier: 9a9u0XOTq/hr1TnNpMstO/2xQlm9pKkhypu1zSWi5tY=
Subject key identifier: 75:A5:8E:37:9E:00:8B:FE:46:CD:D2:8B:5B:14:5F:DE:85:C1:30:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1238E9DEEA4FABB560156B3A2DECE79BBD3AED52
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
Signing time: Fri 26 Sep 2025 20:10:18 +0000
ROA not before: Fri 26 Sep 2025 20:10:18 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 62785
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:38:e9:de:ea:4f:ab:b5:60:15:6b:3a:2d:ec:e7:9b:bd:3a:ed:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:18 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c482d10356d1aeb09cc9534c4581faf6b32daf8d5fbc13865584a90ab9e685e3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8d:b0:45:e5:0d:a3:01:2f:f0:23:45:3d:c2:
c2:dc:39:5d:ab:47:0d:07:fc:9c:9a:65:2a:9b:06:
b6:47:e9:6f:ae:99:07:a3:2e:c2:e1:79:d2:a6:56:
43:69:ed:08:0d:cd:4c:c8:05:46:f7:90:d5:91:a6:
8e:ae:7a:7d:03:bb:7f:29:0e:67:27:54:73:92:d5:
cf:d8:31:3f:b4:a1:a8:22:9b:36:00:ee:3b:8e:0e:
17:fe:18:79:3e:50:ff:9a:18:18:1f:69:a0:4f:9e:
29:fa:ba:12:3b:05:41:05:37:92:22:0f:72:67:df:
6a:d9:47:f1:73:32:18:98:16:1a:53:25:a5:83:49:
2a:4d:3c:12:ae:31:ee:c7:f6:0e:20:51:d5:11:86:
bb:f7:00:3a:4a:88:05:2c:ff:d2:2c:18:bd:a5:54:
b6:a7:db:92:ef:9b:53:d8:6e:36:65:c1:df:2d:4c:
d6:98:ee:b7:e3:4b:a9:15:ac:73:29:ff:2d:7b:45:
29:c6:8b:4d:79:e4:56:4d:59:f1:8a:71:a5:25:92:
b0:a2:6f:9a:84:9a:80:08:f8:c6:5a:bd:71:81:c1:
8b:a8:d5:02:42:91:6b:41:45:52:a7:a9:2f:b7:0a:
23:25:ec:83:52:05:b1:4f:06:63:a5:dc:15:85:50:
37:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A5:8E:37:9E:00:8B:FE:46:CD:D2:8B:5B:14:5F:DE:85:C1:30:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
69:9a:f2:c2:25:b1:df:a3:2f:97:7c:12:76:b9:26:2f:e4:da:
fc:8e:86:ff:64:0e:fc:a9:85:45:9f:c0:32:47:5f:30:7d:41:
5e:9d:1c:3d:2b:71:2a:02:15:a1:3d:e1:29:2b:15:15:2c:08:
19:a3:4e:d1:46:bc:b2:c6:c9:93:38:5b:7c:e2:4f:57:31:a6:
de:91:b7:bd:50:89:f9:17:be:29:f1:8f:42:cd:0a:c0:51:0e:
75:1d:42:73:04:51:19:e2:82:8b:b9:8e:49:8d:5d:ae:ab:20:
00:87:1b:09:2c:e6:94:1a:01:f6:29:01:b4:56:48:55:c9:6f:
be:ab:14:df:f7:00:fb:91:c6:e0:95:a5:a1:eb:e8:b3:27:b4:
75:88:b1:8f:52:45:80:c0:08:43:c7:8a:3b:81:42:cd:89:63:
10:91:ff:b9:eb:ce:d8:23:96:36:07:03:a8:96:a0:b2:89:f0:
d9:1b:96:a5:1c:ea:8e:7e:c6:ce:d0:98:54:4d:8b:21:3a:e6:
14:62:99:d3:7a:89:48:08:12:77:cd:c8:80:2b:cc:40:9b:81:
61:4e:5a:c8:ea:93:20:e9:4d:e2:c9:5d:fe:72:56:72:5a:28:
a6:a5:67:69:2a:42:68:f0:19:c4:be:df:46:9c:47:10:f4:9c:
c5:ae:f8:92
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUEjjp3upPq7VgFWs6Leznm7067VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ODJkMTAzNTZkMWFlYjA5Y2M5NTM0YzQ1ODFmYWY2YjMyZGFmOGQ1ZmJj
MTM4NjU1ODRhOTBhYjllNjg1ZTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+NsEXlDaMBL/AjRT3Cwtw5XatHDQf8nJplKpsGtkfpb66ZB6MuwuF50qZW
Q2ntCA3NTMgFRveQ1ZGmjq56fQO7fykOZydUc5LVz9gxP7ShqCKbNgDuO44OF/4Y
eT5Q/5oYGB9poE+eKfq6EjsFQQU3kiIPcmffatlH8XMyGJgWGlMlpYNJKk08Eq4x
7sf2DiBR1RGGu/cAOkqIBSz/0iwYvaVUtqfbku+bU9huNmXB3y1M1pjut+NLqRWs
cyn/LXtFKcaLTXnkVk1Z8YpxpSWSsKJvmoSagAj4xlq9cYHBi6jVAkKRa0FFUqep
L7cKIyXsg1IFsU8GY6XcFYVQN6ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBR1pY43
ngCL/kbN0otbFF/ehcEwxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTM5OGI0N2UtOTg2Ny00ZTcxLTk2ZGItNzYwZjkxMDJhMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAaZrywiWx36Mvl3wSdrkmL+Ta/I6G/2QO/KmFRZ/A
MkdfMH1BXp0cPStxKgIVoT3hKSsVFSwIGaNO0Ua8ssbJkzhbfOJPVzGm3pG3vVCJ
+Re+KfGPQs0KwFEOdR1CcwRRGeKCi7mOSY1drqsgAIcbCSzmlBoB9ikBtFZIVclv
vqsU3/cA+5HG4JWloevosye0dYixj1JFgMAIQ8eKO4FCzYljEJH/uevO2COWNgcD
qJagsonw2RuWpRzqjn7GztCYVE2LITrmFGKZ03qJSAgSd83IgCvMQJuBYU5ayOqT
IOlN4sld/nJWcloopqVnaSpCaPAZxL7fRpxHEPScxa74kg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:04 2025 by rpki-client