Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: YNgcyLv7R/6yE22lO7q9xs2ryPEKPoZsNzpCSh4oZuw=
Subject key identifier: 90:32:23:29:A6:BF:AC:59:F5:52:97:EA:DB:92:8E:9C:25:B8:E6:82
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 661BBF84D72C392653704618A4428DC907552D50
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Fri 31 Oct 2025 02:00:22 +0000
ROA not before: Fri 31 Oct 2025 02:00:22 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:1b:bf:84:d7:2c:39:26:53:70:46:18:a4:42:8d:c9:07:55:2d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:22 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=d2243a99855e26a9a71a172057eea3d449ed97fae3421eff6a21d63024f04bd2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8d:86:1a:64:9e:5f:cd:02:97:9d:f5:50:97:
33:2d:85:be:aa:cd:06:0a:ea:8f:5c:d0:02:a4:40:
09:13:24:2d:ce:bd:94:ef:80:0c:5b:8e:c1:f4:56:
18:e4:14:ff:e8:fc:70:24:9b:29:69:92:0b:9f:33:
bf:19:e0:b3:90:f6:6c:0f:c8:4c:cd:9b:fe:b4:13:
b4:20:8b:7b:8f:18:88:fe:1d:7e:f5:c9:d2:74:1c:
b2:97:95:93:f9:92:47:6a:dd:5b:32:25:4c:9f:7a:
ed:e4:25:d1:03:ce:2a:b3:04:aa:e3:5c:b7:5f:01:
a7:96:81:1d:c1:11:2e:26:04:92:0a:f8:eb:07:80:
f9:95:c9:82:c7:ad:4e:1e:f2:3a:7b:01:a0:7d:f6:
a8:0c:48:e3:e3:33:f0:90:91:24:8a:18:b6:d9:01:
d2:9f:fc:d5:88:5e:a3:e0:52:df:54:98:12:13:fd:
f4:d6:de:89:a8:80:bd:e5:d2:ba:b7:36:85:77:9b:
68:41:93:1d:6b:af:41:3e:22:62:10:ae:dc:70:bc:
53:ca:45:98:bd:f8:8e:8d:53:b4:34:7f:19:72:7e:
c2:d0:21:00:ab:f6:b1:6c:4e:a9:b8:06:91:30:70:
1f:be:a5:c3:76:ec:71:57:e0:b0:af:ea:fb:1c:93:
87:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:32:23:29:A6:BF:AC:59:F5:52:97:EA:DB:92:8E:9C:25:B8:E6:82
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
40:69:d0:68:18:70:1c:2d:fe:d8:07:ff:27:82:60:dd:f9:11:
c1:04:d0:de:83:a8:29:4e:85:05:7e:6b:08:6e:2f:dc:6e:20:
5e:70:28:38:4b:32:04:c2:62:09:b2:c9:22:72:81:bf:73:d6:
e1:46:ff:f4:51:7b:52:d0:4e:1b:d4:74:cd:ce:fa:71:88:12:
44:59:95:61:db:43:69:e6:33:69:66:8f:5c:92:01:e5:2d:69:
94:28:e6:78:b6:93:21:93:08:68:93:a9:28:10:dd:42:df:58:
de:80:1d:b1:7e:81:84:11:c2:53:06:2e:01:88:4c:38:d9:3c:
08:9e:39:b7:68:71:9f:f8:0b:e7:41:eb:b0:2d:53:48:a7:59:
41:42:53:4a:cd:93:84:d9:4b:04:64:b6:1a:33:17:0b:67:ec:
9a:00:e7:9b:f0:95:98:83:b1:ed:53:40:cd:7d:d1:9d:4d:fc:
f7:3d:65:25:d5:38:36:47:0e:05:f7:e4:da:3d:01:f8:78:3b:
c9:97:75:66:56:93:d3:6e:38:9a:b9:5b:bc:7b:43:87:c3:52:
88:87:3c:8e:df:d4:75:7a:e0:a4:01:1b:50:b8:a0:2a:dd:0c:
f8:fc:06:29:39:5f:09:9c:6d:d9:3b:4a:f3:89:d3:d2:8a:0c:
e2:fd:26:12
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZhu/hNcsOSZTcEYYpEKNyQdVLVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjJaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyMjQzYTk5ODU1ZTI2YTlhNzFhMTcyMDU3ZWVhM2Q0NDllZDk3ZmFlMzQy
MWVmZjZhMjFkNjMwMjRmMDRiZDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMqNhhpknl/NAped9VCXMy2FvqrNBgrqj1zQAqRACRMkLc69lO+ADFuOwfRW
GOQU/+j8cCSbKWmSC58zvxngs5D2bA/ITM2b/rQTtCCLe48YiP4dfvXJ0nQcspeV
k/mSR2rdWzIlTJ967eQl0QPOKrMEquNct18Bp5aBHcERLiYEkgr46weA+ZXJgset
Th7yOnsBoH32qAxI4+Mz8JCRJIoYttkB0p/81Yheo+BS31SYEhP99NbeiaiAveXS
urc2hXebaEGTHWuvQT4iYhCu3HC8U8pFmL34jo1TtDR/GXJ+wtAhAKv2sWxOqbgG
kTBwH76lw3bscVfgsK/q+xyTh/ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSQMiMp
pr+sWfVSl+rbko6cJbjmgjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAQGnQaBhwHC3+2Af/J4Jg3fkRwQTQ3oOoKU6FBX5r
CG4v3G4gXnAoOEsyBMJiCbLJInKBv3PW4Ub/9FF7UtBOG9R0zc76cYgSRFmVYdtD
aeYzaWaPXJIB5S1plCjmeLaTIZMIaJOpKBDdQt9Y3oAdsX6BhBHCUwYuAYhMONk8
CJ45t2hxn/gL50HrsC1TSKdZQUJTSs2ThNlLBGS2GjMXC2fsmgDnm/CVmIOx7VNA
zX3RnU389z1lJdU4NkcOBffk2j0B+Hg7yZd1ZlaT0244mrlbvHtDh8NSiIc8jt/U
dXrgpAEbULigKt0M+PwGKTlfCZxt2TtK84nT0ooM4v0mEg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:38:38 2025 by rpki-client