Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: rZzticfmhYntb4+Id94oaPlfTXytOHSwsZ7aRCHzF5E=
Subject key identifier: C8:82:08:4B:AA:72:67:CD:88:C0:D1:94:71:F9:DA:05:0C:A8:4C:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7A267AC15A27B8DC4DAED6B0E7A3BCC9E8D97F51
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Fri 26 Sep 2025 20:39:58 +0000
ROA not before: Fri 26 Sep 2025 20:39:58 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:26:7a:c1:5a:27:b8:dc:4d:ae:d6:b0:e7:a3:bc:c9:e8:d9:7f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:58 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=a8adc7cd70e0339d9532dedfba54e3ff587e024c822431ccd04d96bd3d25cb8d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:59:c4:16:40:a8:d0:39:fa:1b:e1:0c:ff:
9e:fc:aa:6e:42:0a:30:22:c3:96:85:ef:0b:bf:a1:
ae:ca:e3:51:d7:8e:09:89:c6:af:5f:9b:14:96:f2:
31:4d:8f:cd:30:39:0c:74:2b:81:db:a2:3a:b5:94:
f4:a7:84:31:e5:8a:9f:a8:f5:60:13:3f:c1:e1:86:
52:f4:e8:07:98:d9:c9:8e:bc:83:f7:bc:cf:1f:72:
fe:66:51:71:03:16:02:b9:5a:f7:b0:ba:12:02:b3:
70:3f:9d:37:7d:44:d2:04:ec:c9:27:9d:7e:17:45:
33:93:7c:cb:62:af:7c:e8:6e:26:a4:8c:d5:56:cc:
75:0a:06:1d:36:aa:8d:e7:aa:33:6b:6f:6b:10:22:
f8:37:a1:14:22:18:1d:f5:80:be:99:28:d9:13:95:
e6:ae:97:0c:f9:aa:69:2b:6e:9e:e0:48:56:53:42:
fd:96:e1:a0:01:6c:27:5c:88:01:45:03:73:98:e3:
df:2b:b4:31:ac:fc:73:05:1e:dc:0a:0a:47:43:44:
0c:c5:6b:11:4a:d8:b5:e0:54:ea:72:fc:5c:70:43:
90:cf:db:a2:0f:48:9f:bb:db:a5:9a:1c:36:41:31:
54:21:46:d2:58:57:f5:9a:b9:4c:e4:c4:3f:34:16:
de:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:82:08:4B:AA:72:67:CD:88:C0:D1:94:71:F9:DA:05:0C:A8:4C:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
56:4f:67:00:d2:da:40:a5:75:ec:bd:c7:3d:f4:ed:db:04:80:
0c:8b:72:09:56:99:59:76:19:43:25:ad:fa:7a:2d:1d:05:a8:
22:9b:66:51:14:08:4e:89:4e:67:4e:0a:f7:13:96:6c:46:9d:
01:50:24:2c:57:4e:8e:3a:b7:af:eb:ed:94:53:4f:90:00:65:
61:58:55:44:02:9b:76:40:80:b1:3d:63:5a:20:2d:49:35:c3:
29:13:83:d4:50:5a:7b:fc:f0:54:f4:f6:02:1a:24:e8:ee:76:
0f:59:16:ab:3b:3f:9b:de:72:c3:46:42:d4:74:f7:10:1d:47:
93:cc:81:dc:cf:4e:dc:39:0a:7f:d2:61:f6:1d:39:06:6e:85:
c3:19:34:df:9c:dd:4c:c0:44:e4:ef:f7:6b:79:82:28:41:46:
ef:5d:c2:a0:df:57:6c:c5:65:ba:c1:ca:06:ac:53:11:93:f4:
ba:6a:ba:3a:8b:26:1c:13:7a:9f:d7:cd:4c:75:d8:63:bd:fe:
ab:0d:ed:22:11:7b:d1:d8:1b:50:b0:7b:79:1a:0d:8c:56:50:
cf:1b:bf:93:eb:8d:3d:4b:3b:df:a6:7a:3b:75:e0:76:69:c1:
f9:dd:e7:f7:17:fa:d1:47:0a:f7:6c:f2:fd:d6:fb:c6:03:f8:
0b:94:95:e6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeiZ6wVonuNxNrtaw56O8yejZf1EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5NThaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4YWRjN2NkNzBlMDMzOWQ5NTMyZGVkZmJhNTRlM2ZmNTg3ZTAyNGM4MjI0
MzFjY2QwNGQ5NmJkM2QyNWNiOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9sWcQWQKjQOfob4Qz/nvyqbkIKMCLDloXvC7+hrsrjUdeOCYnGr1+bFJby
MU2PzTA5DHQrgduiOrWU9KeEMeWKn6j1YBM/weGGUvToB5jZyY68g/e8zx9y/mZR
cQMWArla97C6EgKzcD+dN31E0gTsySedfhdFM5N8y2KvfOhuJqSM1VbMdQoGHTaq
jeeqM2tvaxAi+DehFCIYHfWAvpko2ROV5q6XDPmqaStunuBIVlNC/ZbhoAFsJ1yI
AUUDc5jj3yu0Maz8cwUe3AoKR0NEDMVrEUrYteBU6nL8XHBDkM/bog9In7vbpZoc
NkExVCFG0lhX9Zq5TOTEPzQW3ukCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTIgghL
qnJnzYjA0ZRx+doFDKhMajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQBWT2cA0tpApXXsvcc99O3bBIAMi3IJVplZdhlDJa36
ei0dBagim2ZRFAhOiU5nTgr3E5ZsRp0BUCQsV06OOrev6+2UU0+QAGVhWFVEApt2
QICxPWNaIC1JNcMpE4PUUFp7/PBU9PYCGiTo7nYPWRarOz+b3nLDRkLUdPcQHUeT
zIHcz07cOQp/0mH2HTkGboXDGTTfnN1MwETk7/dreYIoQUbvXcKg31dsxWW6wcoG
rFMRk/S6aro6iyYcE3qf181Mddhjvf6rDe0iEXvR2BtQsHt5Gg2MVlDPG7+T6409
Szvfpno7deB2acH53ef3F/rRRwr3bPL91vvGA/gLlJXm
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:06 2025 by rpki-client