Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: ytK0njkxM0d5RRqSLSIiSZGph1i9JhA+O0JUICU/6RY=
Subject key identifier: 23:43:78:F6:45:7A:4C:5B:0B:B1:C5:02:22:D7:CD:9B:F8:62:05:2F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7205BA76340F4ABB4489479B5BC25C207AEC85E5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Fri 31 Oct 2025 02:00:22 +0000
ROA not before: Fri 31 Oct 2025 02:00:22 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:05:ba:76:34:0f:4a:bb:44:89:47:9b:5b:c2:5c:20:7a:ec:85:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:22 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=86b6427d39084a8e8d112d8113af74d7ec1fe31e1b43c04b0161d5101227383f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3b:12:ed:a0:c1:d3:cb:a9:bc:d2:a5:8a:21:
54:9c:a1:c0:f8:a1:6f:59:5c:3b:44:51:d0:8f:e3:
82:e2:5b:ca:fe:52:7a:d6:24:6c:0f:d7:0d:13:64:
77:de:67:6d:be:11:68:2b:5f:57:7e:5a:07:7f:55:
d0:89:e5:61:80:82:d3:54:f9:c7:78:ed:ce:a6:87:
6b:30:91:35:9b:7c:c2:54:f1:92:7c:36:8d:1b:de:
2b:9b:ce:d4:67:7a:29:10:76:e8:ae:95:ee:fd:90:
25:9e:5c:19:af:de:20:4b:a1:f8:64:25:c2:79:59:
dc:77:83:c3:e6:d8:90:6d:13:e9:ee:f3:bd:ea:17:
44:39:b7:28:48:a9:c9:8b:0d:1e:c2:30:9a:2d:f3:
ee:63:f1:f2:9c:44:0a:83:b4:8f:fb:f8:2a:26:e7:
49:5a:28:3c:ed:0f:a1:41:7d:91:98:c1:e2:ff:f3:
b0:eb:9f:b5:7b:2a:9e:51:53:54:ec:86:41:cc:8e:
5c:02:f9:60:2a:71:cb:1b:6d:1a:86:d9:00:6d:36:
9c:92:ba:a9:6a:0a:ac:a9:85:18:3d:77:25:7f:57:
1b:97:e3:02:40:56:10:a5:04:a8:e6:c9:b7:b4:f1:
5c:d9:9a:2f:fc:df:cb:c0:49:5a:7c:58:fb:6a:f8:
64:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:43:78:F6:45:7A:4C:5B:0B:B1:C5:02:22:D7:CD:9B:F8:62:05:2F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:55:23:d4:c4:c8:b1:7f:21:05:1f:f3:1c:38:4f:fc:f1:f8:
fb:c7:c2:1d:b7:3e:ec:65:2f:4d:ec:fb:61:a9:56:73:be:d3:
f0:55:be:68:86:79:92:22:5a:28:24:1a:a5:ea:8a:1f:52:ce:
b2:65:40:d1:a7:9c:2f:04:8c:4c:06:32:1c:8d:45:42:0f:5d:
9b:67:4e:cd:8c:6b:7e:7e:f1:e8:92:c1:33:ac:f0:d3:20:ce:
2f:84:e1:26:60:bf:af:c5:4a:aa:a5:0e:53:1d:2a:ab:c1:e7:
ab:df:cd:67:9f:db:7f:27:08:6c:7b:53:c4:9e:ec:a5:2c:cf:
1e:cd:ea:de:04:25:d2:35:15:ad:8d:68:d5:a1:53:b3:e6:8c:
48:e9:af:32:52:6a:18:7a:a6:ab:b9:ea:5c:31:32:34:d4:a5:
8a:9d:35:9b:eb:12:aa:3b:a8:8b:ba:61:cc:ac:c9:b1:81:11:
75:ea:42:3d:c9:d2:ae:3d:5f:7c:a5:bf:ec:98:5d:42:1f:37:
2a:98:dc:0a:70:86:36:52:af:9d:e3:5c:90:45:5e:0b:57:dd:
fa:d3:5b:60:cd:0f:c5:03:66:d2:a9:47:4e:67:0e:98:2d:e6:
ba:52:d5:9b:59:f7:7f:bc:a0:25:f0:11:1b:6d:21:a4:29:86:
e0:fb:55:9a
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUcgW6djQPSrtEiUebW8JcIHrsheUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjJaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YjY0MjdkMzkwODRhOGU4ZDExMmQ4MTEzYWY3NGQ3ZWMxZmUzMWUxYjQz
YzA0YjAxNjFkNTEwMTIyNzM4M2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK47Eu2gwdPLqbzSpYohVJyhwPihb1lcO0RR0I/jguJbyv5SetYkbA/XDRNk
d95nbb4RaCtfV35aB39V0InlYYCC01T5x3jtzqaHazCRNZt8wlTxknw2jRveK5vO
1Gd6KRB26K6V7v2QJZ5cGa/eIEuh+GQlwnlZ3HeDw+bYkG0T6e7zveoXRDm3KEip
yYsNHsIwmi3z7mPx8pxECoO0j/v4KibnSVooPO0PoUF9kZjB4v/zsOuftXsqnlFT
VOyGQcyOXAL5YCpxyxttGobZAG02nJK6qWoKrKmFGD13JX9XG5fjAkBWEKUEqObJ
t7TxXNmaL/zfy8BJWnxY+2r4ZLUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQjQ3j2
RXpMWwuxxQIi182b+GIFLzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAs1Uj1MTIsX8hBR/zHDhP/PH4+8fCHbc+7GUvTez7
YalWc77T8FW+aIZ5kiJaKCQapeqKH1LOsmVA0aecLwSMTAYyHI1FQg9dm2dOzYxr
fn7x6JLBM6zw0yDOL4ThJmC/r8VKqqUOUx0qq8Hnq9/NZ5/bfycIbHtTxJ7spSzP
Hs3q3gQl0jUVrY1o1aFTs+aMSOmvMlJqGHqmq7nqXDEyNNSlip01m+sSqjuoi7ph
zKzJsYERdepCPcnSrj1ffKW/7JhdQh83KpjcCnCGNlKvneNckEVeC1fd+tNbYM0P
xQNm0qlHTmcOmC3mulLVm1n3f7ygJfARG20hpCmG4PtVmg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:25 2025 by rpki-client