Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: bWQBKobMjtXErVsxuu26E+xaqY/Bcx9wuatJu8zDero=
Subject key identifier: 03:9E:57:BC:F7:ED:15:33:AB:22:D1:FD:BF:D6:53:3F:6B:F0:92:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 260CF0004073200892B183267450334D5936ACD9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Fri 24 Oct 2025 00:40:22 +0000
ROA not before: Fri 24 Oct 2025 00:40:22 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:0c:f0:00:40:73:20:08:92:b1:83:26:74:50:33:4d:59:36:ac:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:22 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=50f5a21cb42d729f7b9a3c798a732dee9d675379b8abfd0b141b485837b2241d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:cc:3b:88:3d:7d:5b:ef:39:99:1f:90:29:8b:
5d:dd:2d:30:0b:e8:c1:e1:fa:1d:27:06:7c:9c:e0:
36:aa:0d:f6:0f:52:aa:ee:42:94:67:b7:ea:d8:50:
e5:b7:66:c4:b6:08:4d:91:ca:68:b9:59:a1:b1:3c:
13:bf:e4:32:fd:d4:42:e7:a8:8b:ca:7b:06:31:4e:
56:7c:68:7b:d9:78:21:6b:d0:07:8e:ea:1d:ec:c5:
48:71:10:18:4e:56:24:4c:d3:ed:8c:00:bd:de:d8:
0b:8f:92:2f:e3:9d:bc:cc:a8:7a:36:78:9c:7c:26:
d1:50:6f:dd:77:9b:89:6c:47:aa:23:2e:a9:60:92:
c6:ec:b9:4a:f8:3b:7d:17:2b:08:ba:c1:42:b4:35:
86:d8:bb:c7:f9:12:b0:af:70:2a:f0:81:d4:05:f6:
62:92:c0:6d:ba:88:84:58:74:a9:c0:8b:8d:4c:dd:
02:f5:bc:ac:05:a9:2d:64:b6:3b:ce:79:78:13:f9:
72:1a:1d:92:03:73:47:b4:5f:a9:93:3a:66:e8:e0:
46:22:8a:47:c8:53:05:3d:7e:32:44:04:1a:82:fb:
21:a5:a4:1f:cb:48:3d:46:bb:f7:da:92:f2:60:29:
d0:a1:92:7c:78:95:b7:7a:b3:92:c4:20:e9:24:aa:
03:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9E:57:BC:F7:ED:15:33:AB:22:D1:FD:BF:D6:53:3F:6B:F0:92:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:8c:c3:78:f7:b4:02:67:05:8c:69:d2:fb:0d:e1:92:a1:fd:
77:75:18:b9:e4:29:99:06:cd:3e:51:89:da:ff:12:9b:be:c1:
ca:40:cf:92:1f:e5:06:d0:b3:7f:4e:bc:d7:11:06:6a:49:88:
94:1c:cb:2a:21:5d:77:7e:20:63:3c:53:75:f1:93:b7:dd:b4:
3b:7d:27:f6:a4:43:01:c6:bc:a4:c3:4e:49:4d:ff:a3:ca:fa:
dd:88:83:f2:39:e3:ee:53:e5:d2:7d:f9:81:34:c8:85:ec:c9:
4c:a5:e4:28:a4:c9:74:9c:53:ef:5b:c4:4a:79:7b:d2:27:fe:
a3:48:cd:e7:94:2f:5b:02:22:43:9c:f6:70:e9:e9:5d:68:28:
04:e5:db:cc:f5:09:4d:9d:fe:e0:c6:05:48:57:b8:c1:84:4d:
e0:40:69:6b:77:98:61:67:0d:1c:c6:84:5f:23:87:be:8f:72:
90:93:ba:fd:98:0f:f8:4c:3a:b0:d2:89:af:b3:ea:ad:e5:d1:
6c:fb:80:dc:84:9a:96:2d:ba:da:5e:12:fb:74:74:9a:bd:ab:
87:c3:eb:4b:fc:b1:4a:9d:21:b8:93:59:93:6d:dd:e9:5c:d6:
60:63:6e:ac:67:d1:d6:5d:a0:c4:fb:43:e9:91:4f:01:5f:66:
88:49:c7:89
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUJgzwAEBzIAiSsYMmdFAzTVk2rNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjJaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwZjVhMjFjYjQyZDcyOWY3YjlhM2M3OThhNzMyZGVlOWQ2NzUzNzliOGFi
ZmQwYjE0MWI0ODU4MzdiMjI0MWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPbMO4g9fVvvOZkfkCmLXd0tMAvoweH6HScGfJzgNqoN9g9Squ5ClGe36thQ
5bdmxLYITZHKaLlZobE8E7/kMv3UQueoi8p7BjFOVnxoe9l4IWvQB47qHezFSHEQ
GE5WJEzT7YwAvd7YC4+SL+OdvMyoejZ4nHwm0VBv3XebiWxHqiMuqWCSxuy5Svg7
fRcrCLrBQrQ1hti7x/kSsK9wKvCB1AX2YpLAbbqIhFh0qcCLjUzdAvW8rAWpLWS2
O855eBP5chodkgNzR7RfqZM6ZujgRiKKR8hTBT1+MkQEGoL7IaWkH8tIPUa799qS
8mAp0KGSfHiVt3qzksQg6SSqA4cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQDnle8
9+0VM6si0f2/1lM/a/CS5zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEAeozDePe0AmcFjGnS+w3hkqH9d3UYueQpmQbNPlGJ
2v8Sm77BykDPkh/lBtCzf0681xEGakmIlBzLKiFdd34gYzxTdfGTt920O30n9qRD
Aca8pMNOSU3/o8r63YiD8jnj7lPl0n35gTTIhezJTKXkKKTJdJxT71vESnl70if+
o0jN55QvWwIiQ5z2cOnpXWgoBOXbzPUJTZ3+4MYFSFe4wYRN4EBpa3eYYWcNHMaE
XyOHvo9ykJO6/ZgP+Ew6sNKJr7PqreXRbPuA3ISali262l4S+3R0mr2rh8PrS/yx
Sp0huJNZk23d6VzWYGNurGfR1l2gxPtD6ZFPAV9miEnHiQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:43 2025 by rpki-client