Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: peYKlf7O9WniciGGZYm316v3zQ8SgaBHl4+hKT1Vhqs=
Subject key identifier: 89:56:62:E2:90:CC:17:BD:E6:8F:ED:03:F8:9D:B9:BF:0A:D3:96:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6CF1FAB5EE6A207EEB1389856DCAF98877E08863
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Fri 10 Oct 2025 17:10:06 +0000
ROA not before: Fri 10 Oct 2025 17:10:06 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:f1:fa:b5:ee:6a:20:7e:eb:13:89:85:6d:ca:f9:88:77:e0:88:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 10 17:10:06 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=be5d806626afa35746b6fb19a7df0c9b3f2b37f475bcbc73a0f71e9e7f213a96, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:92:a7:e6:1e:d0:79:0d:06:7c:9b:18:4d:
6f:88:cb:b5:2a:3a:75:8e:17:25:71:1f:c2:6a:60:
43:92:22:e3:d5:0e:21:79:b3:1e:2b:a7:e5:3d:2e:
69:e7:a1:c4:d7:91:97:4e:8a:07:1d:75:a8:54:7f:
73:21:a6:ad:e3:e1:9a:bf:c1:b6:2c:14:d3:7e:9a:
01:0e:57:9d:1a:02:65:e9:14:35:99:e8:18:1f:37:
c1:45:6e:c6:e8:cb:ec:ed:0e:36:d1:d9:06:c9:1e:
8a:f4:93:de:7d:55:81:2d:a5:a6:24:f2:a2:cd:98:
89:9c:83:08:74:54:ba:5e:5f:88:3d:8e:00:4a:59:
17:57:95:2e:04:69:dd:ec:1e:76:fe:cf:2b:f1:8d:
ab:f5:a7:35:0c:0b:65:b4:2c:22:06:e9:9e:24:35:
1b:c6:46:a6:8d:fc:67:10:0d:86:6d:73:0a:95:81:
be:2e:af:91:b0:c3:7c:bb:0d:87:75:0d:dd:a0:df:
d3:48:16:1b:fc:56:11:3a:45:5d:2d:31:ed:66:d7:
6f:d9:42:a7:f8:16:87:1b:17:c4:45:ad:fb:02:81:
e7:08:d6:9c:6a:39:8a:77:29:d8:d7:6d:59:60:e2:
3a:b5:aa:1c:2c:08:74:90:0d:e4:23:75:29:74:85:
50:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:56:62:E2:90:CC:17:BD:E6:8F:ED:03:F8:9D:B9:BF:0A:D3:96:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
a8:11:c6:11:00:a2:16:ce:8d:75:3d:d7:ec:80:55:e2:fc:c8:
fb:a9:52:15:4e:37:f9:61:80:a5:b4:29:11:85:42:9b:84:90:
8a:c5:de:ff:eb:0d:0e:be:b8:4a:27:76:ef:c7:3b:3e:b9:23:
cd:f8:bb:1d:d6:18:83:d1:f3:2b:bc:cc:92:1c:13:ca:4d:97:
07:36:c5:11:87:34:6b:5d:96:1e:a9:34:6b:70:32:1e:f0:eb:
4b:64:bb:b4:9d:3c:75:91:f7:91:26:e1:1b:77:a8:d3:c4:07:
6f:11:ae:26:66:f3:61:f1:a3:4b:ba:dc:9c:9d:26:a5:0f:f6:
e8:2a:82:d0:85:4e:38:74:6e:01:aa:f9:97:74:50:cd:d0:06:
98:2e:2b:6d:78:17:26:2a:da:3f:51:61:ce:6b:a5:97:d0:bd:
1b:9e:3a:0b:57:cd:22:c1:c1:33:7d:79:d9:2e:02:bf:fe:f3:
7e:97:e7:ae:87:2f:5c:f9:9c:fd:8b:54:03:ed:55:d2:57:d9:
af:63:89:67:7b:a6:0f:74:fb:a5:f2:61:48:cc:6d:d8:76:80:
de:19:3f:04:08:bb:85:fe:57:55:cd:05:0b:0e:dc:8f:df:34:
7b:be:f7:17:2f:cd:1e:8f:29:ad:15:c7:64:e2:43:08:da:5e:
85:2c:4b:dd
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUbPH6te5qIH7rE4mFbcr5iHfgiGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTAxNzEwMDZaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlNWQ4MDY2MjZhZmEzNTc0NmI2ZmIxOWE3ZGYwYzliM2YyYjM3ZjQ3NWJj
YmM3M2EwZjcxZTllN2YyMTNhOTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwDkqfmHtB5DQZ8mxhNb4jLtSo6dY4XJXEfwmpgQ5Ii49UOIXmzHiun5T0u
aeehxNeRl06KBx11qFR/cyGmrePhmr/BtiwU036aAQ5XnRoCZekUNZnoGB83wUVu
xujL7O0ONtHZBskeivST3n1VgS2lpiTyos2YiZyDCHRUul5fiD2OAEpZF1eVLgRp
3ewedv7PK/GNq/WnNQwLZbQsIgbpniQ1G8ZGpo38ZxANhm1zCpWBvi6vkbDDfLsN
h3UN3aDf00gWG/xWETpFXS0x7WbXb9lCp/gWhxsXxEWt+wKB5wjWnGo5incp2Ndt
WWDiOrWqHCwIdJAN5CN1KXSFUMcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSJVmLi
kMwXveaP7QP4nbm/CtOWWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAqBHGEQCiFs6NdT3X7IBV4vzI+6lSFU43+WGApbQp
EYVCm4SQisXe/+sNDr64Sid278c7Prkjzfi7HdYYg9HzK7zMkhwTyk2XBzbFEYc0
a12WHqk0a3AyHvDrS2S7tJ08dZH3kSbhG3eo08QHbxGuJmbzYfGjS7rcnJ0mpQ/2
6CqC0IVOOHRuAar5l3RQzdAGmC4rbXgXJiraP1Fhzmull9C9G546C1fNIsHBM315
2S4Cv/7zfpfnrocvXPmc/YtUA+1V0lfZr2OJZ3umD3T7pfJhSMxt2HaA3hk/BAi7
hf5XVc0FCw7cj980e773Fy/NHo8prRXHZOJDCNpehSxL3Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:51:54 2025 by rpki-client