Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
File: 01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa (raw, json)
Hash identifier: Z6W/1+yLsMQqD0E3by/i0p7ITlGd47EIQxzpt0kiyBM=
Subject key identifier: 17:9F:51:75:88:27:DB:1F:55:C3:E9:0C:1C:E5:7B:1C:11:91:8E:D2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1599D0ED63A91DC1C51115988D8D9F9EF9AE5308
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
Signing time: Fri 31 Oct 2025 02:00:23 +0000
ROA not before: Fri 31 Oct 2025 02:00:23 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 8987
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:99:d0:ed:63:a9:1d:c1:c5:11:15:98:8d:8d:9f:9e:f9:ae:53:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:23 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=dff16be264f3ee2c1d2123915119ce1bf97b2d77beb847b80b0d6d2caad14f0a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ad:fb:12:af:d9:c5:b4:ce:55:e2:1c:15:e7:
c5:85:59:0b:f2:6d:cf:5c:2e:ab:eb:0c:2f:cf:e7:
9f:75:ac:a7:63:9e:74:39:88:c0:a4:ba:89:c4:ce:
0e:2f:57:a8:65:96:ae:69:4b:38:d3:65:4e:13:78:
5a:66:cd:75:8e:ed:e7:f8:da:bf:8b:7c:6d:03:fb:
d7:56:33:50:9c:13:e7:82:2c:b1:e1:91:ef:72:26:
4c:2c:c4:39:31:35:0b:af:72:af:23:69:af:4a:ca:
99:fc:5f:64:be:51:d6:dc:fd:21:97:1b:94:3c:26:
b8:6f:de:ba:c4:29:73:c5:d3:21:83:15:5b:63:b2:
c4:3a:31:0d:df:7d:86:a6:50:a8:54:7a:a7:8c:bb:
a2:ed:73:d1:95:4b:15:30:dc:74:d6:00:85:c0:71:
36:fe:46:a0:6d:82:84:89:c2:d6:2e:f9:2a:1d:73:
94:2e:d7:f8:cf:52:74:e0:80:40:bd:8c:79:e4:6d:
4d:51:87:c5:75:33:ec:f0:20:96:9e:6b:51:64:96:
c6:63:63:59:62:6f:df:74:4b:31:1d:a7:fa:74:af:
dd:57:85:ea:13:63:ec:15:8b:60:c7:df:8c:60:f4:
73:cd:80:46:07:5b:3c:65:87:ca:d7:5a:b7:7e:c0:
b9:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9F:51:75:88:27:DB:1F:55:C3:E9:0C:1C:E5:7B:1C:11:91:8E:D2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/01c4adee-b8dc-44e3-959a-e4ab13e63ba7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
61:1a:cf:01:5c:bc:8f:e5:86:9f:5a:56:ba:68:0f:91:1f:1e:
f4:c5:9b:4a:ea:53:1b:af:2e:ce:cb:87:d6:b0:3d:46:51:7a:
4f:a5:22:47:b7:7e:03:8e:61:b9:fa:b2:81:d0:9a:f0:34:c9:
e0:5c:c6:3a:da:ca:f5:bf:5a:9a:22:a1:63:a7:d8:cd:5a:7d:
d7:93:1c:ff:3c:4a:8e:35:e9:dd:73:7b:fe:05:4d:74:29:e6:
cf:bd:b6:83:29:1c:b5:98:dc:24:bb:32:f4:cb:a5:ac:c6:ef:
15:9a:4a:1d:7a:0a:fe:f7:0b:e8:16:11:50:bb:7f:54:0f:0e:
42:72:e0:ae:d3:42:e7:cb:82:18:2d:a8:4d:a0:ae:17:50:f1:
ce:e0:67:85:b0:0a:2e:d4:0d:8f:38:ce:c7:98:07:a2:bf:05:
1a:8b:c7:c6:f4:eb:6a:49:db:fd:62:11:79:f9:e7:d2:44:32:
95:c6:eb:57:bf:34:dd:3d:17:e9:d2:78:70:4a:97:18:09:3d:
99:92:d2:58:74:6b:87:2d:b5:85:c4:5b:e0:6d:65:29:96:58:
2e:41:84:81:9f:74:d5:da:01:02:b8:ec:d4:a7:4a:87:d6:fc:
62:93:22:cb:e9:02:6b:ae:3f:44:ef:af:de:62:e2:95:e8:71:
e2:41:de:18
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFZnQ7WOpHcHFERWYjY2fnvmuUwgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjNaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRmZjE2YmUyNjRmM2VlMmMxZDIxMjM5MTUxMTljZTFiZjk3YjJkNzdiZWI4
NDdiODBiMGQ2ZDJjYWFkMTRmMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGt+xKv2cW0zlXiHBXnxYVZC/Jtz1wuq+sML8/nn3Wsp2OedDmIwKS6icTO
Di9XqGWWrmlLONNlThN4WmbNdY7t5/jav4t8bQP711YzUJwT54IsseGR73ImTCzE
OTE1C69yryNpr0rKmfxfZL5R1tz9IZcblDwmuG/eusQpc8XTIYMVW2OyxDoxDd99
hqZQqFR6p4y7ou1z0ZVLFTDcdNYAhcBxNv5GoG2ChInC1i75Kh1zlC7X+M9SdOCA
QL2MeeRtTVGHxXUz7PAglp5rUWSWxmNjWWJv33RLMR2n+nSv3VeF6hNj7BWLYMff
jGD0c82ARgdbPGWHytdat37AuTsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQXn1F1
iCfbH1XD6Qwc5XscEZGO0jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDFjNGFkZWUtYjhkYy00NGUzLTk1OWEtZTRhYjEzZTYzYmE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAYRrPAVy8j+WGn1pWumgPkR8e9MWbSupTG68uzsuH
1rA9RlF6T6UiR7d+A45hufqygdCa8DTJ4FzGOtrK9b9amiKhY6fYzVp915Mc/zxK
jjXp3XN7/gVNdCnmz722gykctZjcJLsy9MulrMbvFZpKHXoK/vcL6BYRULt/VA8O
QnLgrtNC58uCGC2oTaCuF1DxzuBnhbAKLtQNjzjOx5gHor8FGovHxvTraknb/WIR
efnn0kQylcbrV7803T0X6dJ4cEqXGAk9mZLSWHRrhy21hcRb4G1lKZZYLkGEgZ90
1doBArjs1KdKh9b8YpMiy+kCa64/RO+v3mLilehx4kHeGA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:50:57 2025 by rpki-client