Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: JrG2nMlJVDN24rspTmM9UmeoagGC6W22EAgdjA4J2UM=
Subject key identifier: 20:F6:C0:8D:24:46:74:8B:E5:FD:BB:7B:EF:EA:16:0C:84:32:24:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5562A608AD001D780F11B6DD040BD4968A2C976D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Tue 21 Oct 2025 14:40:31 +0000
ROA not before: Tue 21 Oct 2025 14:40:31 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:62:a6:08:ad:00:1d:78:0f:11:b6:dd:04:0b:d4:96:8a:2c:97:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:31 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=4048d9cfd47808374849605f35d20f8f3848ebd8be4c47dfac18d8ae273322e8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b8:c0:64:65:e1:89:ef:9a:e0:b2:d3:dc:f7:
86:6d:2c:cc:79:e8:fd:76:ef:ae:8d:09:fc:31:7e:
c1:83:ed:c8:c2:ad:f1:32:87:24:55:c8:42:a2:2b:
e0:53:18:9b:be:00:01:24:08:d1:92:e6:a3:89:af:
c9:87:ef:80:c6:92:96:1f:b6:a0:bb:c6:ab:33:2f:
c4:e9:c4:e8:b8:5b:83:9b:92:38:fe:63:a3:58:10:
0a:3f:63:8e:2a:c6:c5:f9:2c:ac:d8:63:9b:a1:86:
36:18:c7:9d:fe:61:88:e6:57:90:4f:61:9e:00:d0:
5d:c9:36:8e:03:41:15:16:1e:b2:b5:79:ac:c8:99:
2b:54:c6:51:e1:9d:ae:2a:37:79:8f:56:24:1d:29:
00:d8:77:f3:cb:d0:37:3e:be:2f:19:4d:cd:c5:86:
32:be:20:a1:d0:9d:a6:2f:2f:a1:c1:3e:bb:bb:77:
d3:db:3c:6b:31:f4:1e:2c:9e:5c:0a:be:9b:e3:54:
51:65:44:b8:60:97:a9:e5:20:f3:82:25:a7:df:b4:
05:86:94:cb:67:7a:4c:e7:88:54:bc:7e:2d:03:ad:
0a:09:fc:12:1c:75:01:5e:f1:89:0b:a4:b5:37:7c:
1d:bf:b3:a9:d5:a7:f7:c1:c6:55:8f:4d:c8:b3:35:
5d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F6:C0:8D:24:46:74:8B:E5:FD:BB:7B:EF:EA:16:0C:84:32:24:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a8:09:d4:4b:89:6e:a7:17:cc:67:08:d8:50:17:ff:1a:c7:41:
a1:64:11:79:ac:a8:27:bc:67:88:76:b9:22:7e:78:8c:42:c4:
98:11:a0:d7:9c:32:06:05:e1:2c:72:26:c0:83:6f:b4:01:8d:
c1:95:42:fc:2f:dc:0b:7d:64:a8:48:bf:33:0e:10:f3:40:2f:
e7:f2:99:2e:f5:45:ca:f5:db:63:c6:a9:7f:6a:9a:40:e0:65:
5e:7d:c4:78:22:5e:ed:ac:5b:9f:7c:f1:5b:37:b2:f7:40:8a:
3b:c0:59:43:cb:07:b2:31:c6:5a:c4:39:d6:d4:9b:27:a9:c0:
b0:da:26:cc:74:a9:d9:2f:fa:97:26:a6:05:65:32:53:4e:23:
df:85:a1:81:61:2d:df:64:2e:e8:f6:96:8e:fe:35:7c:28:c4:
49:3c:cf:29:d4:b4:a3:c5:db:c9:9b:27:07:bb:04:09:42:5f:
ae:b1:dc:6c:c8:c2:73:84:f3:89:9d:9b:00:31:d7:9e:99:6b:
6e:a3:d0:b7:3a:47:00:5e:fe:a4:58:ca:5a:d6:ba:51:2e:5e:
fd:e7:f7:05:d6:b1:6b:0a:22:8a:27:d9:9f:9f:6a:4d:28:bf:
b4:1d:63:f1:a2:e8:bc:de:95:37:05:50:99:1c:f4:f9:a3:96:
88:00:76:18
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVWKmCK0AHXgPEbbdBAvUloosl20wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMzFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDQwNDhkOWNmZDQ3ODA4Mzc0ODQ5NjA1ZjM1ZDIwZjhmMzg0OGViZDhiZTRj
NDdkZmFjMThkOGFlMjczMzIyZTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI64wGRl4YnvmuCy09z3hm0szHno/Xbvro0J/DF+wYPtyMKt8TKHJFXIQqIr
4FMYm74AASQI0ZLmo4mvyYfvgMaSlh+2oLvGqzMvxOnE6Lhbg5uSOP5jo1gQCj9j
jirGxfksrNhjm6GGNhjHnf5hiOZXkE9hngDQXck2jgNBFRYesrV5rMiZK1TGUeGd
rio3eY9WJB0pANh388vQNz6+LxlNzcWGMr4godCdpi8vocE+u7t309s8azH0Hiye
XAq+m+NUUWVEuGCXqeUg84Ilp9+0BYaUy2d6TOeIVLx+LQOtCgn8Ehx1AV7xiQuk
tTd8Hb+zqdWn98HGVY9NyLM1XScCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQg9sCN
JEZ0i+X9u3vv6hYMhDIk4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQCoCdRLiW6nF8xnCNhQF/8ax0GhZBF5rKgnvGeIdrki
fniMQsSYEaDXnDIGBeEscibAg2+0AY3BlUL8L9wLfWSoSL8zDhDzQC/n8pku9UXK
9dtjxql/appA4GVefcR4Il7trFuffPFbN7L3QIo7wFlDyweyMcZaxDnW1JsnqcCw
2ibMdKnZL/qXJqYFZTJTTiPfhaGBYS3fZC7o9paO/jV8KMRJPM8p1LSjxdvJmycH
uwQJQl+usdxsyMJzhPOJnZsAMdeemWtuo9C3OkcAXv6kWMpa1rpRLl795/cF1rFr
CiKKJ9mfn2pNKL+0HWPxoui83pU3BVCZHPT5o5aIAHYY
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:42 2025 by rpki-client