Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
File: 15288dfc-bb6b-43a2-9ec3-7275954dae14.roa (raw, json)
Hash identifier: nUi3zbRMH9eP06E4xsTU+xD5Eqq8pC1ywCP54C+EhEU=
Subject key identifier: DE:B4:78:68:76:5C:00:00:8E:1E:7F:6A:3A:8C:AC:B0:D1:20:BC:76
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 35342AA2AEFD808C17C05D805991A808DF257FE9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
Signing time: Tue 04 Nov 2025 00:20:06 +0000
ROA not before: Tue 04 Nov 2025 00:20:06 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:34:2a:a2:ae:fd:80:8c:17:c0:5d:80:59:91:a8:08:df:25:7f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:20:06 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=a3256f2408e80a12d8a4f3262376d3dd71bea869c7eebfa791353376a3678251, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f3:4e:dc:fa:45:7b:94:23:ac:ea:68:4e:75:
ac:70:a2:31:9e:28:87:5a:1b:c2:85:82:b5:65:3e:
34:be:2f:9c:86:54:94:5a:d3:1b:33:20:df:26:e9:
b9:57:cd:2d:69:e3:08:8c:78:7c:f2:27:b3:c8:63:
80:e9:c6:c7:c8:e1:50:31:28:a3:d2:fb:ca:d3:16:
c1:9f:6b:1a:2c:d3:3d:40:05:6f:2e:7a:71:c4:9d:
89:37:7e:40:ec:38:fd:c3:e7:45:42:61:01:9d:15:
b8:3b:f4:4b:b8:96:4b:66:55:16:e4:c4:c8:29:8f:
7a:98:18:ee:bf:c5:56:12:fa:b9:d1:05:cc:0b:0d:
ad:fd:f7:e8:00:fd:22:2c:c5:d8:8a:65:01:3f:68:
a4:af:30:c8:c2:5d:ec:7d:e1:cf:11:0e:69:af:3f:
11:86:48:c3:2f:19:f7:48:3a:08:25:72:2e:eb:53:
4b:b7:32:75:9b:ca:70:5f:05:1f:5d:d2:51:4e:b3:
95:33:d6:eb:66:c9:23:ff:98:ec:f5:4a:8a:a9:52:
e3:c8:bf:0d:76:d8:b1:9e:7d:6a:85:48:ed:ee:4e:
4e:2d:4e:1b:04:fc:ce:56:82:7b:b3:b1:53:a2:15:
94:74:14:b7:c0:05:14:fb:7a:b7:82:c4:75:98:e0:
d1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:B4:78:68:76:5C:00:00:8E:1E:7F:6A:3A:8C:AC:B0:D1:20:BC:76
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15288dfc-bb6b-43a2-9ec3-7275954dae14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.160.0/19
Signature Algorithm: sha256WithRSAEncryption
c4:79:b4:4b:8e:12:14:1c:a5:59:be:75:df:04:77:b9:b4:b7:
49:12:82:16:d8:a7:7e:b2:e5:dd:d9:02:03:06:af:00:51:ab:
e5:ea:ac:9d:cb:69:4f:1d:cd:df:4d:5a:c9:06:8d:7c:c1:a3:
fa:5a:c3:4e:58:ab:38:a2:d4:72:2b:77:a8:d9:4d:2d:8e:b9:
df:11:99:f2:65:c3:3e:0d:35:4c:b3:db:c9:98:49:63:04:ef:
80:53:fb:3a:a4:48:ae:3d:d5:f4:0c:5a:e9:64:4a:f9:16:3f:
78:f4:56:17:f6:b6:76:26:23:3f:a9:cd:51:6b:97:1b:8e:e6:
fb:f0:ad:ee:fd:75:21:71:1e:9c:d8:88:50:b5:7c:36:e2:eb:
fd:93:d3:f3:05:af:51:cc:34:4f:8f:f5:8c:0c:4d:87:ee:42:
72:22:0e:c0:3b:18:54:4e:96:a7:e6:56:58:07:c7:0f:fa:c8:
6f:e4:1a:c7:36:eb:7e:f0:ac:80:9a:a3:41:26:4c:16:54:7b:
ca:7d:70:c6:2f:28:bf:28:05:16:2f:2a:ab:a0:60:27:cb:b8:
5f:10:7c:e4:e5:b8:7c:6f:a2:f6:91:ff:37:80:99:c3:67:e9:
5b:2d:30:d6:63:0f:de:45:df:a6:28:3e:db:e3:58:86:5b:06:
62:2d:e7:0e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNTQqoq79gIwXwF2AWZGoCN8lf+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMDQwMDIwMDZaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzMjU2ZjI0MDhlODBhMTJkOGE0ZjMyNjIzNzZkM2RkNzFiZWE4NjljN2Vl
YmZhNzkxMzUzMzc2YTM2NzgyNTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANfzTtz6RXuUI6zqaE51rHCiMZ4oh1obwoWCtWU+NL4vnIZUlFrTGzMg3ybp
uVfNLWnjCIx4fPIns8hjgOnGx8jhUDEoo9L7ytMWwZ9rGizTPUAFby56ccSdiTd+
QOw4/cPnRUJhAZ0VuDv0S7iWS2ZVFuTEyCmPepgY7r/FVhL6udEFzAsNrf336AD9
IizF2IplAT9opK8wyMJd7H3hzxEOaa8/EYZIwy8Z90g6CCVyLutTS7cydZvKcF8F
H13SUU6zlTPW62bJI/+Y7PVKiqlS48i/DXbYsZ59aoVI7e5OTi1OGwT8zlaCe7Ox
U6IVlHQUt8AFFPt6t4LEdZjg0f0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTetHho
dlwAAI4ef2o6jKyw0SC8djAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTUyODhkZmMtYmI2Yi00M2EyLTllYzMtNzI3NTk1NGRhZTE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3oDAN
BgkqhkiG9w0BAQsFAAOCAQEAxHm0S44SFBylWb513wR3ubS3SRKCFtinfrLl3dkC
AwavAFGr5eqsnctpTx3N301ayQaNfMGj+lrDTlirOKLUcit3qNlNLY653xGZ8mXD
Pg01TLPbyZhJYwTvgFP7OqRIrj3V9Axa6WRK+RY/ePRWF/a2diYjP6nNUWuXG47m
+/Ct7v11IXEenNiIULV8NuLr/ZPT8wWvUcw0T4/1jAxNh+5CciIOwDsYVE6Wp+ZW
WAfHD/rIb+QaxzbrfvCsgJqjQSZMFlR7yn1wxi8ovygFFi8qq6BgJ8u4XxB85OW4
fG+i9pH/N4CZw2fpWy0w1mMP3kXfpig+2+NYhlsGYi3nDg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:15 2025 by rpki-client