Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: yfqBkT5M3jzKSXw2bV4tOCPHI0V+03LS0hUW7lHyJBg=
Subject key identifier: B3:EE:EC:EE:27:2C:1A:4C:0E:88:E8:A1:6E:97:A7:CA:F5:EA:57:6D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5D565CBE19ED11024BF0B03FF871746D339EF992
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Tue 21 Oct 2025 15:00:29 +0000
ROA not before: Tue 21 Oct 2025 15:00:29 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:56:5c:be:19:ed:11:02:4b:f0:b0:3f:f8:71:74:6d:33:9e:f9:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:29 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=5067f2a56bdaea6251340b73f067e7df198ce08a4d2f57151570239682ce4d8a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:38:a5:7e:7d:9e:d2:83:ca:48:4e:80:10:4a:
55:1c:d4:27:92:dd:d8:53:9a:5e:ad:53:44:f8:d2:
99:36:7e:32:c4:e3:1d:90:6f:ce:96:41:25:9f:c4:
f8:8f:63:8b:db:9a:84:b3:01:67:d6:c4:a6:52:0a:
f5:33:1a:de:f6:c6:90:d2:62:dd:35:37:1e:b1:9a:
e5:1e:4e:19:1b:7a:ff:a6:b7:75:96:85:16:39:11:
c3:7a:25:4f:bd:bd:eb:62:ef:2e:f1:39:49:cd:43:
d6:b9:1b:dd:cc:06:a2:5b:95:5a:21:0e:05:15:df:
10:11:18:87:91:5f:57:8c:53:80:b3:ee:87:32:19:
2e:0c:f1:84:63:d2:29:9a:24:d0:88:32:4c:16:42:
18:c5:2e:19:e9:f6:f1:6e:f9:bb:9d:38:5d:e2:36:
f1:f3:31:af:41:7a:f5:3d:d8:8f:69:60:4d:ba:c8:
ad:75:60:8d:98:f7:6f:b2:8f:87:c3:09:93:67:a4:
2f:0f:ae:67:31:a2:e8:31:4e:39:d3:b2:d2:db:01:
bb:8c:8c:a6:56:ff:f0:3f:c5:15:47:3f:20:6e:67:
c2:02:35:a0:52:50:65:b7:82:a3:5e:0f:ec:16:8b:
33:95:de:63:eb:01:dc:11:08:01:57:2f:5a:1e:23:
67:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EE:EC:EE:27:2C:1A:4C:0E:88:E8:A1:6E:97:A7:CA:F5:EA:57:6D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
85:74:29:03:42:ac:44:de:d0:99:bb:0b:3d:f1:4e:cb:3e:b4:
01:56:f2:43:64:03:6e:d3:67:56:6a:5c:61:01:76:17:50:5a:
65:bc:2d:6d:32:e7:c7:56:c3:50:f5:79:f3:4f:8a:62:c8:ad:
83:ed:43:45:6e:4b:17:8d:c1:09:08:fb:67:80:61:5f:20:79:
5c:46:7e:61:26:2f:a8:8d:74:08:e1:6d:b6:e5:cd:8d:85:46:
02:9e:56:cb:01:33:d9:81:67:39:a4:11:22:2e:15:0c:4a:d1:
df:81:1b:be:16:48:07:c9:19:55:57:a1:9c:75:30:27:7f:34:
a8:22:ec:57:d3:2b:b1:e5:15:72:66:52:d5:a5:43:7c:73:d4:
3a:2b:48:5d:31:3b:aa:9d:5e:40:bd:08:0d:fd:8f:f3:c3:15:
bd:db:d0:d6:40:30:a3:2a:3b:36:8a:81:a9:45:7f:bc:48:c9:
36:b0:67:0a:9f:a5:9d:e5:39:81:b2:a1:48:91:84:de:73:9e:
4b:e9:4b:3c:e5:13:74:e6:e9:2e:04:41:2e:06:a7:a9:44:49:
2a:31:cf:4a:c7:02:29:d1:db:9a:2d:6c:8a:2f:29:91:ce:55:
f5:0c:ac:29:02:64:57:96:2c:63:00:b7:55:6a:06:7d:fb:3c:
e6:fb:e4:b6
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXVZcvhntEQJL8LA/+HF0bTOe+ZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMjlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDUwNjdmMmE1NmJkYWVhNjI1MTM0MGI3M2YwNjdlN2RmMTk4Y2UwOGE0ZDJm
NTcxNTE1NzAyMzk2ODJjZTRkOGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJM4pX59ntKDykhOgBBKVRzUJ5Ld2FOaXq1TRPjSmTZ+MsTjHZBvzpZBJZ/E
+I9ji9uahLMBZ9bEplIK9TMa3vbGkNJi3TU3HrGa5R5OGRt6/6a3dZaFFjkRw3ol
T72962LvLvE5Sc1D1rkb3cwGoluVWiEOBRXfEBEYh5FfV4xTgLPuhzIZLgzxhGPS
KZok0IgyTBZCGMUuGen28W75u504XeI28fMxr0F69T3Yj2lgTbrIrXVgjZj3b7KP
h8MJk2ekLw+uZzGi6DFOOdOy0tsBu4yMplb/8D/FFUc/IG5nwgI1oFJQZbeCo14P
7BaLM5XeY+sB3BEIAVcvWh4jZwUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSz7uzu
JywaTA6I6KFul6fK9epXbTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAhXQpA0KsRN7QmbsLPfFOyz60AVbyQ2QDbtNnVmpc
YQF2F1BaZbwtbTLnx1bDUPV580+KYsitg+1DRW5LF43BCQj7Z4BhXyB5XEZ+YSYv
qI10COFttuXNjYVGAp5WywEz2YFnOaQRIi4VDErR34EbvhZIB8kZVVehnHUwJ380
qCLsV9MrseUVcmZS1aVDfHPUOitIXTE7qp1eQL0IDf2P88MVvdvQ1kAwoyo7NoqB
qUV/vEjJNrBnCp+lneU5gbKhSJGE3nOeS+lLPOUTdObpLgRBLganqURJKjHPSscC
KdHbmi1sii8pkc5V9QysKQJkV5YsYwC3VWoGffs85vvktg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:27:24 2025 by rpki-client