Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: VRHUEbmfarX1SkBe/uHSxZ5CWkxwYw2V42bUwq36Q6o=
Subject key identifier: 81:49:F8:35:72:26:CF:F0:D0:F7:78:9D:92:F0:DA:71:D9:9B:BA:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2046D82DACCD5AEAA141CAAC852A9986D38D7A92
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Mon 06 Oct 2025 18:10:32 +0000
ROA not before: Mon 06 Oct 2025 18:10:32 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:46:d8:2d:ac:cd:5a:ea:a1:41:ca:ac:85:2a:99:86:d3:8d:7a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:32 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=a3dc2b496df4461b63ec3b5ecd2575e73b0f9b2a5195d3af888f1eef7e58ef1b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:25:a1:a8:9e:bb:1f:2b:73:4b:61:7d:68:ef:
42:14:e5:e7:23:cd:3d:64:09:a7:2b:58:e1:a6:a1:
01:d5:62:98:a6:c5:85:37:44:9f:3e:d8:0e:5c:c8:
d9:72:7f:56:00:45:aa:9a:61:cb:ef:f4:cd:7e:61:
5c:8c:2a:e4:5a:26:25:58:84:9b:a9:64:73:04:a4:
0b:80:9a:35:52:97:1d:d7:bf:dc:66:78:42:fc:26:
70:f1:48:8c:2b:b3:ac:e3:4a:ad:ea:a9:b9:1d:6a:
ca:a4:fb:72:1f:23:f3:30:c2:d0:c6:9a:6e:da:cf:
c1:a4:a0:08:9a:0e:93:4f:42:7d:f0:f9:f7:1a:ac:
f1:e2:87:93:2c:36:a5:ad:02:bf:c8:be:3f:8a:30:
b7:35:f4:a0:03:58:5a:19:f8:cf:50:5d:58:23:21:
78:60:a8:0a:a3:f7:d4:46:b5:dd:7a:3a:db:be:7b:
18:f1:fd:cb:7b:5a:e2:dd:2f:5a:a0:4d:b6:c9:43:
a3:99:63:c8:f3:9c:b4:d0:97:e5:ec:23:33:44:06:
71:f4:c0:05:e1:b6:86:c2:a8:b4:50:63:7c:ff:39:
9a:7f:a9:2f:cd:81:db:ff:76:5c:55:ad:a6:86:ea:
fc:f4:c9:89:cf:23:2a:27:41:9e:78:ae:40:e7:c3:
26:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:49:F8:35:72:26:CF:F0:D0:F7:78:9D:92:F0:DA:71:D9:9B:BA:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:fe:94:8a:f9:3d:63:9a:b9:59:61:d7:b9:22:29:7d:69:a0:
3f:ee:0d:08:7f:13:13:a9:99:cb:0c:7c:5c:57:a7:03:59:2b:
10:fb:f1:4a:3a:ed:f4:c7:e4:f8:66:83:25:fd:87:11:a7:c3:
88:8a:73:85:dc:f3:6d:71:8d:a0:13:8c:f9:b1:1a:0b:1e:f6:
26:9b:e4:e0:e3:a8:55:83:b8:49:ab:28:fb:13:d3:6c:9c:04:
40:93:72:20:95:97:02:96:24:59:1d:6d:f2:4b:71:84:12:94:
2a:7f:2e:6a:e5:68:82:c8:6e:ed:7d:b1:dd:77:51:e5:dd:83:
a2:8b:65:8e:74:13:28:d7:ca:ec:93:cd:ba:f1:b8:55:73:13:
07:ee:5e:27:08:17:b9:09:bd:bb:c4:4c:b7:d5:d4:05:5a:4f:
ba:fd:8a:58:b3:11:50:a1:00:fd:56:6d:b2:6b:e3:1d:52:9b:
d8:1c:e8:53:8f:e7:f8:b2:f6:c9:66:1e:53:c6:23:27:f2:98:
32:3f:df:fa:41:58:a5:41:79:e5:e6:69:94:97:90:ca:36:85:
13:6b:5d:25:d0:fb:cf:c0:22:57:55:fc:72:f0:fa:c4:d2:9e:
72:00:25:ef:f9:ae:4f:e9:3a:7f:fa:35:d5:6f:a0:f3:c4:3e:
0a:23:c1:0c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIEbYLazNWuqhQcqshSqZhtONepIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzJaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzZGMyYjQ5NmRmNDQ2MWI2M2VjM2I1ZWNkMjU3NWU3M2IwZjliMmE1MTk1
ZDNhZjg4OGYxZWVmN2U1OGVmMWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMEloaieux8rc0thfWjvQhTl5yPNPWQJpytY4aahAdVimKbFhTdEnz7YDlzI
2XJ/VgBFqpphy+/0zX5hXIwq5FomJViEm6lkcwSkC4CaNVKXHde/3GZ4QvwmcPFI
jCuzrONKreqpuR1qyqT7ch8j8zDC0MaabtrPwaSgCJoOk09CffD59xqs8eKHkyw2
pa0Cv8i+P4owtzX0oANYWhn4z1BdWCMheGCoCqP31Ea13Xo62757GPH9y3ta4t0v
WqBNtslDo5ljyPOctNCX5ewjM0QGcfTABeG2hsKotFBjfP85mn+pL82B2/92XFWt
pobq/PTJic8jKidBnniuQOfDJhsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSBSfg1
cibP8ND3eJ2S8Npx2Zu6NTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQAT/pSK+T1jmrlZYde5Iil9aaA/7g0IfxMTqZnLDHxc
V6cDWSsQ+/FKOu30x+T4ZoMl/YcRp8OIinOF3PNtcY2gE4z5sRoLHvYmm+Tg46hV
g7hJqyj7E9NsnARAk3IglZcCliRZHW3yS3GEEpQqfy5q5WiCyG7tfbHdd1Hl3YOi
i2WOdBMo18rsk8268bhVcxMH7l4nCBe5Cb27xEy31dQFWk+6/YpYsxFQoQD9Vm2y
a+MdUpvYHOhTj+f4svbJZh5TxiMn8pgyP9/6QVilQXnl5mmUl5DKNoUTa10l0PvP
wCJXVfxy8PrE0p5yACXv+a5P6Tp/+jXVb6DzxD4KI8EM
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:34:45 2025 by rpki-client