Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: XKNf7lrsqz0JUS1XY5TI6Sp5+hsIUQxVdyeADrJOyO4=
Subject key identifier: 5D:63:98:8E:AB:DB:3E:12:DB:19:6F:E9:F6:33:30:4E:84:AE:09:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B87EA489B371FD7CC85B57C25897A4D0F6FE303
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Fri 26 Sep 2025 20:21:04 +0000
ROA not before: Fri 26 Sep 2025 20:21:04 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:87:ea:48:9b:37:1f:d7:cc:85:b5:7c:25:89:7a:4d:0f:6f:e3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:04 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=fba838143d116746fc6e2df0e143f26698309ecdc7b3a049a1b75fbd3ef93ac8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a7:63:c8:f7:3f:b6:f6:25:df:f6:f4:9e:f7:
83:5a:38:da:91:8b:32:96:c2:31:fe:0d:4a:8a:82:
3c:e4:ec:30:ac:bc:18:31:a2:dc:39:38:ad:3a:1f:
cc:b3:64:ce:3e:85:0c:bc:6b:3d:0d:fd:62:3f:8e:
40:f5:c2:b9:ff:90:be:29:9c:6c:de:1e:55:3d:85:
33:f3:5b:7b:56:98:a1:72:d0:73:3d:7c:c4:db:1f:
ad:89:96:d6:fa:c4:5d:86:2d:48:48:25:8f:85:a6:
5f:36:d3:6a:21:d5:33:7b:0d:1d:16:e1:74:8a:28:
f4:19:b3:67:75:55:83:96:e8:bb:f0:3d:54:13:05:
43:86:11:6e:47:d0:d8:a5:3c:65:78:3e:a4:58:a4:
45:15:de:7b:79:f8:a5:a5:91:23:87:bd:94:a1:e7:
40:18:57:48:a5:e8:78:95:00:86:49:8b:89:08:16:
9e:e8:00:85:7a:98:f4:5a:d0:48:5b:74:33:e8:0a:
12:f6:95:8a:7c:9d:4a:e8:7b:5c:ee:4e:3d:51:58:
55:46:c5:68:a1:ff:bd:86:3e:6b:b5:84:3e:3c:c7:
69:49:bf:f1:70:de:25:76:b9:aa:12:3b:40:3e:bc:
13:51:ea:10:54:96:26:8b:bd:44:e5:20:52:58:24:
75:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:63:98:8E:AB:DB:3E:12:DB:19:6F:E9:F6:33:30:4E:84:AE:09:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:90:51:62:7d:d1:ad:94:35:c3:c6:53:23:49:91:13:f1:aa:
51:2f:9d:2f:d5:33:a3:7a:cf:da:58:de:ed:cb:c4:89:75:7b:
6b:24:e9:a0:bb:46:8a:5a:f1:41:89:70:72:39:6c:30:1c:44:
16:52:cc:44:f2:92:ae:3f:b0:c7:4d:4b:b4:dc:cb:82:17:41:
b4:81:cf:69:30:4a:7d:0c:10:b0:aa:c7:c2:3c:fb:5c:8b:5f:
93:44:b3:4b:90:b9:b6:40:07:f9:13:1f:1c:12:b0:fa:f9:91:
ac:50:7d:95:4c:6d:7d:15:5a:3b:c2:d9:5c:5e:34:82:b9:b6:
79:26:23:1d:38:dd:77:34:b4:9f:59:b7:6c:dd:6c:c3:14:81:
7d:6e:8f:c4:88:7c:66:c8:80:29:5e:c0:9e:82:fb:fc:0b:64:
8b:8f:65:9f:ed:33:41:f8:b2:9c:07:e6:a9:04:26:95:32:0d:
bf:65:58:33:5d:64:ca:75:bd:c2:d8:e8:94:f9:4f:de:bc:29:
d3:96:b6:2a:d2:ee:8a:05:ca:61:c0:84:7b:47:7e:8e:46:84:
0c:29:63:09:3b:0c:5a:cc:4e:57:d2:24:b3:58:dc:99:01:9a:
0d:14:7b:ec:35:c9:6a:8c:64:48:94:69:df:bc:db:c5:9a:8b:
80:ba:6a:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe4fqSJs3H9fMhbV8JYl6TQ9v4wMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMDRaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZiYTgzODE0M2QxMTY3NDZmYzZlMmRmMGUxNDNmMjY2OTgzMDllY2RjN2Iz
YTA0OWExYjc1ZmJkM2VmOTNhYzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAManY8j3P7b2Jd/29J73g1o42pGLMpbCMf4NSoqCPOTsMKy8GDGi3Dk4rTof
zLNkzj6FDLxrPQ39Yj+OQPXCuf+QvimcbN4eVT2FM/Nbe1aYoXLQcz18xNsfrYmW
1vrEXYYtSEglj4WmXzbTaiHVM3sNHRbhdIoo9BmzZ3VVg5bou/A9VBMFQ4YRbkfQ
2KU8ZXg+pFikRRXee3n4paWRI4e9lKHnQBhXSKXoeJUAhkmLiQgWnugAhXqY9FrQ
SFt0M+gKEvaVinydSuh7XO5OPVFYVUbFaKH/vYY+a7WEPjzHaUm/8XDeJXa5qhI7
QD68E1HqEFSWJou9ROUgUlgkdXUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdY5iO
q9s+EtsZb+n2MzBOhK4JHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQBtkFFifdGtlDXDxlMjSZET8apRL50v1TOjes/aWN7t
y8SJdXtrJOmgu0aKWvFBiXByOWwwHEQWUsxE8pKuP7DHTUu03MuCF0G0gc9pMEp9
DBCwqsfCPPtci1+TRLNLkLm2QAf5Ex8cErD6+ZGsUH2VTG19FVo7wtlcXjSCubZ5
JiMdON13NLSfWbds3WzDFIF9bo/EiHxmyIApXsCegvv8C2SLj2Wf7TNB+LKcB+ap
BCaVMg2/ZVgzXWTKdb3C2OiU+U/evCnTlrYq0u6KBcphwIR7R36ORoQMKWMJOwxa
zE5X0iSzWNyZAZoNFHvsNclqjGRIlGnfvNvFmouAumo7
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:38:09 2025 by rpki-client