Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: pQgntMSDhUDW4cLD15Pkp09tV7OLq8QdLNsvYwtfIwE=
Subject key identifier: DA:09:C2:66:77:25:61:11:6C:EB:3B:35:EE:42:CF:D7:75:D8:70:08
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01122CA7D24EA1C77A799D91C870A4B9E6001E02
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Tue 21 Oct 2025 14:50:39 +0000
ROA not before: Tue 21 Oct 2025 14:50:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:12:2c:a7:d2:4e:a1:c7:7a:79:9d:91:c8:70:a4:b9:e6:00:1e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f3b302d534a2e4c4a05b342fd5a5cfcc0ce3380fc89b155d62995ab15c7cbf13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a6:a0:c4:ec:1a:db:86:a6:7d:2d:56:45:f1:
03:3b:90:be:31:df:55:8d:40:68:f9:30:7e:80:8f:
58:e2:db:6c:3c:91:25:d4:0a:1e:2e:07:bd:19:f6:
4f:70:5c:48:21:04:f4:fd:e9:9b:a1:28:45:4a:40:
cf:d4:27:4f:4a:e8:b5:39:5a:6d:98:64:e0:a6:ae:
33:b0:af:b2:4f:dc:37:2b:81:48:57:6d:79:13:45:
2e:13:da:9e:b5:c7:ba:d9:64:c0:ec:7b:65:37:8d:
6b:51:ff:ef:ad:19:70:5d:78:6a:5e:a2:27:c0:7c:
e5:2d:4d:83:47:b2:b0:b0:32:6f:c6:d8:86:be:21:
b0:8c:ae:bd:db:e4:db:19:f2:a6:46:e6:ac:6d:90:
de:8a:94:db:67:b8:35:91:23:21:e5:27:d6:d0:db:
fb:12:41:74:13:20:79:22:ac:60:20:9c:4c:76:f3:
0e:0f:a4:e3:bf:7f:72:97:2c:67:cb:2f:b8:53:0e:
87:46:6c:d1:56:47:1b:11:ef:84:26:8d:d1:74:20:
0c:c3:92:36:1c:a6:9a:87:b1:a5:9f:5e:1b:19:78:
ff:d9:7a:f1:c9:b0:ea:19:db:94:54:10:8b:0e:1f:
41:78:30:67:ff:e9:c0:12:59:82:a6:40:b9:79:7f:
56:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:09:C2:66:77:25:61:11:6C:EB:3B:35:EE:42:CF:D7:75:D8:70:08
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:6b:42:55:40:87:c1:6d:d0:8e:72:5f:7e:06:d8:eb:7c:e3:
7d:f8:a2:33:c7:ed:28:20:fb:83:a1:5a:e5:83:06:30:5b:ea:
ee:0f:b0:1e:0c:d7:e2:a9:14:af:0c:83:17:6b:ba:99:26:26:
01:23:42:6f:d8:a8:5c:7d:8c:a1:47:c8:fc:a8:44:78:fb:61:
bb:42:19:9a:53:4e:e1:26:63:b3:71:88:96:b6:b3:cb:9b:fe:
d2:d8:85:c6:80:b7:39:c5:a1:04:1a:1a:eb:a4:b2:a2:f0:4e:
8f:30:e6:d4:f7:60:1b:c3:90:b2:ca:9f:8a:b5:08:30:24:dc:
76:db:12:b2:20:3e:10:9d:c8:22:ff:d8:25:31:46:ff:fd:73:
4d:30:b2:77:04:ab:01:0b:11:15:1f:c2:1e:4f:b7:d7:2b:da:
b4:cf:38:98:5d:b4:37:9d:cc:59:c5:f3:c5:ab:3e:72:f9:6c:
8b:7a:c0:47:fa:1c:95:77:d9:02:b4:5c:d4:bd:e7:9c:87:cd:
b1:14:ef:a1:ef:08:9a:21:1d:21:48:d6:a4:ce:b8:b8:e7:78:
e1:43:31:20:b5:bd:7c:e7:c3:eb:8d:54:2f:9d:5f:5e:d8:35:
ea:8e:a9:b0:f9:6c:6f:93:67:1e:d9:76:66:91:e9:c7:03:ee:
d4:5e:33:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUARIsp9JOocd6eZ2RyHCkueYAHgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGYzYjMwMmQ1MzRhMmU0YzRhMDViMzQyZmQ1YTVjZmNjMGNlMzM4MGZjODli
MTU1ZDYyOTk1YWIxNWM3Y2JmMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMCmoMTsGtuGpn0tVkXxAzuQvjHfVY1AaPkwfoCPWOLbbDyRJdQKHi4HvRn2
T3BcSCEE9P3pm6EoRUpAz9QnT0rotTlabZhk4KauM7Cvsk/cNyuBSFdteRNFLhPa
nrXHutlkwOx7ZTeNa1H/760ZcF14al6iJ8B85S1Ng0eysLAyb8bYhr4hsIyuvdvk
2xnypkbmrG2Q3oqU22e4NZEjIeUn1tDb+xJBdBMgeSKsYCCcTHbzDg+k479/cpcs
Z8svuFMOh0Zs0VZHGxHvhCaN0XQgDMOSNhymmoexpZ9eGxl4/9l68cmw6hnblFQQ
iw4fQXgwZ//pwBJZgqZAuXl/VoUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTaCcJm
dyVhEWzrOzXuQs/XddhwCDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQC/a0JVQIfBbdCOcl9+BtjrfON9+KIzx+0oIPuDoVrl
gwYwW+ruD7AeDNfiqRSvDIMXa7qZJiYBI0Jv2KhcfYyhR8j8qER4+2G7QhmaU07h
JmOzcYiWtrPLm/7S2IXGgLc5xaEEGhrrpLKi8E6PMObU92Abw5Cyyp+KtQgwJNx2
2xKyID4Qncgi/9glMUb//XNNMLJ3BKsBCxEVH8IeT7fXK9q0zziYXbQ3ncxZxfPF
qz5y+WyLesBH+hyVd9kCtFzUveech82xFO+h7wiaIR0hSNakzri453jhQzEgtb18
58PrjVQvnV9e2DXqjqmw+Wxvk2ce2XZmkenHA+7UXjNm
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:45 2025 by rpki-client