Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
File: 2dbc9912-b766-4000-9f7c-cb9e37916980.roa (raw, json)
Hash identifier: 6BBYL33J9RiT+ve4BI809M8biO3SdxfSAt2v5kKCNtI=
Subject key identifier: D5:B4:14:BC:6A:34:2B:6E:03:BB:64:0B:3B:C9:98:84:AB:85:74:C4
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5C411161A902E376C5B1F149206CB3E8F91A6CE2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
Signing time: Tue 04 Nov 2025 00:20:05 +0000
ROA not before: Tue 04 Nov 2025 00:20:05 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:41:11:61:a9:02:e3:76:c5:b1:f1:49:20:6c:b3:e8:f9:1a:6c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:20:05 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=6fd9b3bcc08b9615e06af96040fcedbe38fa003d4d39a3bc9bd7ef39f327e557, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:c6:fc:e2:5f:37:f7:af:c0:8d:01:00:9d:
57:aa:3b:31:22:db:0a:ad:86:14:3c:0c:c7:d3:bf:
33:4a:38:94:0d:e6:09:37:01:8c:20:d1:af:3e:06:
d1:04:90:68:6d:99:de:15:f3:ca:4e:84:99:4f:5c:
14:8d:c8:b0:a7:e5:9e:b3:ef:07:a5:9f:4a:1c:10:
9d:09:e8:94:31:d1:43:78:5c:a4:48:67:28:86:28:
0d:15:a7:51:d0:07:de:43:03:4b:ac:e7:41:22:fe:
48:d8:db:f0:2c:5e:c0:07:3f:a0:ec:35:01:7c:77:
0b:a1:9d:87:c9:95:d3:08:c5:ef:91:27:0d:79:b8:
48:c4:68:98:ee:ab:d8:c6:c6:b0:8b:45:eb:5e:37:
a3:46:54:75:8b:8c:ec:d6:4c:f3:d9:d9:71:f9:80:
c4:c5:2d:85:7f:b9:fb:68:fb:07:ec:15:9a:a5:cb:
57:a6:a5:92:1a:30:53:63:66:30:66:4b:6a:21:a2:
ab:ae:5f:0d:73:08:8f:ea:3e:ab:09:0d:5f:41:09:
70:f8:f4:bf:a8:7c:0c:61:02:85:3c:a9:b7:ac:02:
d6:e9:c9:c6:ee:af:32:f9:e2:15:3f:93:59:9d:f3:
73:47:63:52:e7:3e:56:a0:d7:32:36:61:88:ab:0c:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:B4:14:BC:6A:34:2B:6E:03:BB:64:0B:3B:C9:98:84:AB:85:74:C4
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2dbc9912-b766-4000-9f7c-cb9e37916980.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/18
Signature Algorithm: sha256WithRSAEncryption
b9:00:e0:48:d7:2c:ce:16:57:17:47:91:f6:b5:bd:ea:8d:0a:
58:9f:80:8e:3e:42:cb:06:ae:98:59:4a:4d:2f:8c:87:a1:25:
77:5c:13:9d:8f:83:03:bd:c6:02:f5:ec:8a:e8:0f:10:b1:b3:
f7:97:46:11:1b:55:b2:85:a8:8a:69:c9:d3:48:00:cb:85:96:
7f:1f:44:4b:2e:e7:84:ec:ff:30:d3:fc:58:08:30:23:e7:b3:
25:5a:2e:33:1a:5c:5a:55:ff:52:06:75:97:ad:93:cb:8e:6f:
98:b9:ed:c7:1b:39:81:5b:87:7c:69:eb:86:5a:f7:b9:f5:63:
e7:0f:8d:6e:13:90:06:b0:7b:c4:6f:85:c9:85:78:5d:fb:ba:
1a:9d:41:f7:d0:44:9c:6c:d9:66:99:73:5d:74:3e:f9:ae:23:
48:0d:42:7a:2d:88:15:bc:90:ed:3f:e5:db:0f:a8:60:ac:0f:
75:3e:f4:aa:49:6a:9c:b0:51:d7:e2:69:91:80:bc:b7:af:07:
d2:2b:e1:c5:65:a9:71:32:71:b0:78:37:72:a9:6f:c5:68:79:
56:32:4f:96:cb:b3:4b:03:0e:07:30:3e:02:f9:13:93:f4:4a:
a0:e4:6a:14:a0:3d:55:90:68:3c:64:3c:ae:61:19:8e:ef:09:
d1:dd:66:17
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUXEERYakC43bFsfFJIGyz6PkabOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMDQwMDIwMDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmZDliM2JjYzA4Yjk2MTVlMDZhZjk2MDQwZmNlZGJlMzhmYTAwM2Q0ZDM5
YTNiYzliZDdlZjM5ZjMyN2U1NTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdCxvziXzf3r8CNAQCdV6o7MSLbCq2GFDwMx9O/M0o4lA3mCTcBjCDRrz4G
0QSQaG2Z3hXzyk6EmU9cFI3IsKflnrPvB6WfShwQnQnolDHRQ3hcpEhnKIYoDRWn
UdAH3kMDS6znQSL+SNjb8CxewAc/oOw1AXx3C6Gdh8mV0wjF75EnDXm4SMRomO6r
2MbGsItF6143o0ZUdYuM7NZM89nZcfmAxMUthX+5+2j7B+wVmqXLV6alkhowU2Nm
MGZLaiGiq65fDXMIj+o+qwkNX0EJcPj0v6h8DGEChTypt6wC1unJxu6vMvniFT+T
WZ3zc0djUuc+VqDXMjZhiKsMDykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTVtBS8
ajQrbgO7ZAs7yZiEq4V0xDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmRiYzk5MTItYjc2Ni00MDAwLTlmN2MtY2I5ZTM3OTE2OTgwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAuQDgSNcszhZXF0eR9rW96o0KWJ+Ajj5CywaumFlK
TS+Mh6Eld1wTnY+DA73GAvXsiugPELGz95dGERtVsoWoimnJ00gAy4WWfx9ESy7n
hOz/MNP8WAgwI+ezJVouMxpcWlX/UgZ1l62Ty45vmLntxxs5gVuHfGnrhlr3ufVj
5w+NbhOQBrB7xG+FyYV4Xfu6Gp1B99BEnGzZZplzXXQ++a4jSA1Cei2IFbyQ7T/l
2w+oYKwPdT70qklqnLBR1+JpkYC8t68H0ivhxWWpcTJxsHg3cqlvxWh5VjJPlsuz
SwMOBzA+AvkTk/RKoORqFKA9VZBoPGQ8rmEZju8J0d1mFw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:17 2025 by rpki-client