Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: Eq9nXKIIyM0wk4STKcKDGmP8s4iJKII8pa0G6CnZetg=
Subject key identifier: 62:10:17:40:D1:57:59:99:22:CF:8E:50:B7:FB:5D:10:5E:06:16:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 47D69349E59959DF923F151083E6AC55A3F2947B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Fri 26 Sep 2025 20:39:25 +0000
ROA not before: Fri 26 Sep 2025 20:39:25 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:d6:93:49:e5:99:59:df:92:3f:15:10:83:e6:ac:55:a3:f2:94:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:25 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=2b4f7b12f03a242b03aaf805c6428124fa337844803797d306232d2b15f06466, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:29:a6:83:ba:4c:1b:5a:b0:73:f0:4f:4d:76:
c9:82:c3:3a:3d:2a:ce:2d:a3:3b:a0:1b:fd:42:15:
dd:66:a5:95:dc:fb:c1:dd:61:0b:d9:1f:cb:8e:9d:
51:37:a8:22:74:38:80:24:91:8b:a2:49:74:ad:7e:
b4:ac:15:6e:36:56:17:3d:fb:fd:7d:bb:1c:d3:3a:
05:73:1b:e8:f7:3e:e8:20:13:ba:ef:80:9e:ee:03:
cc:e5:7c:62:d9:04:b6:56:94:37:4a:b9:82:85:62:
e3:bc:2f:24:8e:86:c0:d7:d0:78:2b:2e:4c:92:77:
3a:5e:25:6a:8e:e6:aa:db:cd:b1:b1:f3:fa:69:c2:
4f:e6:ed:fc:17:4d:26:75:ee:8a:83:e2:ca:8d:7a:
69:39:c2:e5:75:1a:8a:4d:b6:66:1e:51:cd:f3:b2:
1a:82:2f:f0:42:5b:c6:4d:5d:06:ef:47:8d:73:2a:
2d:32:df:ad:97:ed:4c:da:ca:42:bb:34:92:97:13:
e7:3a:d8:f7:e4:d8:f7:d8:e1:98:c4:2d:87:37:08:
68:11:cc:8f:96:fd:52:df:76:26:cd:8d:20:2e:f8:
af:bc:5a:f8:95:57:4c:23:59:e5:0a:05:93:cd:5c:
a4:0e:56:06:d4:6d:8e:5a:46:db:fc:4e:cd:4d:a1:
ce:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:10:17:40:D1:57:59:99:22:CF:8E:50:B7:FB:5D:10:5E:06:16:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:90:3b:d4:24:75:fc:8b:6f:c6:07:c6:07:9a:49:08:4b:74:
19:45:37:cd:ed:90:25:b4:d7:15:87:15:f0:32:60:29:9d:37:
68:b5:25:01:fc:26:5f:58:dc:cd:3f:38:51:6a:b1:8f:8a:a6:
bc:60:68:23:bc:90:aa:b4:1c:da:5a:bc:dc:64:3c:89:b7:76:
9b:da:d5:cd:ea:b5:d5:b9:fc:92:4a:87:0b:bf:c8:0a:88:2d:
30:e0:e7:a2:98:0e:e7:14:6b:b8:af:92:55:e0:93:33:1c:93:
00:cf:fc:9c:2d:14:71:58:b7:f2:d8:1b:ba:73:5c:fa:ad:4b:
11:c5:58:ce:e6:c6:b5:ac:23:b6:d2:09:eb:c5:45:47:1e:39:
53:dc:6f:cd:21:d1:d2:59:64:25:c6:f1:4b:60:8d:ff:ce:21:
47:6c:a5:55:6d:82:2d:79:54:04:2f:b5:77:5a:ae:0f:b8:bd:
b6:41:ba:05:6f:c3:33:6d:b1:69:6d:31:75:c2:61:14:95:72:
5b:8b:32:aa:4c:a9:bc:67:3c:bf:b6:49:98:e5:68:f1:f9:d7:
e2:4a:9b:57:94:eb:08:cc:75:94:6c:0b:2b:a7:63:0c:27:b7:
32:4c:3c:3a:79:11:25:90:be:92:2a:b2:86:a3:40:e4:94:f3:
80:71:fa:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUR9aTSeWZWd+SPxUQg+asVaPylHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5MjVaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJiNGY3YjEyZjAzYTI0MmIwM2FhZjgwNWM2NDI4MTI0ZmEzMzc4NDQ4MDM3
OTdkMzA2MjMyZDJiMTVmMDY0NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALoppoO6TBtasHPwT012yYLDOj0qzi2jO6Ab/UIV3Walldz7wd1hC9kfy46d
UTeoInQ4gCSRi6JJdK1+tKwVbjZWFz37/X27HNM6BXMb6Pc+6CATuu+Anu4DzOV8
YtkEtlaUN0q5goVi47wvJI6GwNfQeCsuTJJ3Ol4lao7mqtvNsbHz+mnCT+bt/BdN
JnXuioPiyo16aTnC5XUaik22Zh5RzfOyGoIv8EJbxk1dBu9HjXMqLTLfrZftTNrK
Qrs0kpcT5zrY9+TY99jhmMQthzcIaBHMj5b9Ut92Js2NIC74r7xa+JVXTCNZ5QoF
k81cpA5WBtRtjlpG2/xOzU2hzpsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRiEBdA
0VdZmSLPjlC3+10QXgYWfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQALkDvUJHX8i2/GB8YHmkkIS3QZRTfN7ZAltNcVhxXw
MmApnTdotSUB/CZfWNzNPzhRarGPiqa8YGgjvJCqtBzaWrzcZDyJt3ab2tXN6rXV
ufySSocLv8gKiC0w4OeimA7nFGu4r5JV4JMzHJMAz/ycLRRxWLfy2Bu6c1z6rUsR
xVjO5sa1rCO20gnrxUVHHjlT3G/NIdHSWWQlxvFLYI3/ziFHbKVVbYIteVQEL7V3
Wq4PuL22QboFb8MzbbFpbTF1wmEUlXJbizKqTKm8Zzy/tkmY5Wjx+dfiSptXlOsI
zHWUbAsrp2MMJ7cyTDw6eRElkL6SKrKGo0DklPOAcfrl
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:36 2025 by rpki-client