Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: RN5qOHpoA5vRv8lXNU2x1PW3imiM6ahHp9GUdjFYBkQ=
Subject key identifier: 99:72:E2:BA:C6:F4:C5:17:B2:25:2B:55:F0:3C:1B:30:90:80:D6:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3568516D2162D878B8B37BCFB3897E05ED097885
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Wed 22 Oct 2025 00:50:13 +0000
ROA not before: Wed 22 Oct 2025 00:50:13 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:68:51:6d:21:62:d8:78:b8:b3:7b:cf:b3:89:7e:05:ed:09:78:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:13 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=624b620c8124179b546b09aa81378c9d0a60a0c2ffa09f51b5da752964d0f5b8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:bc:4c:c4:d7:67:9c:3b:e2:9a:08:f8:09:55:
cf:92:68:0f:9a:57:a3:1d:dd:64:63:70:5f:4b:1f:
b6:69:18:1b:8a:70:76:d3:32:3d:92:e4:ae:a9:ea:
ad:40:fa:70:4b:d8:1d:46:6c:ac:51:f9:50:c4:1f:
72:38:32:e1:02:b5:fa:d5:3c:b3:f0:a9:af:7e:4e:
82:21:c9:14:24:3d:72:16:67:4c:ac:20:2d:a5:09:
d8:65:4c:82:ad:30:ac:21:68:ba:1d:82:1a:b1:e5:
f0:7e:39:0a:df:0e:3e:ef:70:21:4d:5e:16:0c:b0:
46:64:e3:ba:cb:da:b4:f3:fd:bb:2c:8d:45:1f:61:
14:46:66:9d:68:a7:fa:a7:df:84:d5:93:d6:91:c7:
ba:99:a1:be:62:02:de:0f:24:c5:9c:d6:93:5d:75:
cf:3d:08:6c:4f:46:06:ef:20:a9:52:33:e4:18:7e:
82:1c:57:06:25:f9:ee:8d:2e:76:e0:7b:e8:2c:4a:
2b:2c:1b:82:dd:78:fb:5d:65:12:43:a4:d0:2b:e9:
8d:3b:fe:bd:2b:f3:96:f6:95:bf:3a:cf:34:ae:cb:
87:0a:f6:3a:8f:cf:1c:1c:2b:a3:e9:2a:8c:33:de:
9f:d1:6c:e8:ae:a1:70:d3:89:d1:5c:40:94:b6:03:
2a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:72:E2:BA:C6:F4:C5:17:B2:25:2B:55:F0:3C:1B:30:90:80:D6:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7a:89:3f:b4:4e:3c:b7:6e:e7:6f:1e:97:09:80:68:c7:f6:13:
71:04:e6:c5:0c:f0:69:5b:af:48:86:99:ff:c6:c8:f1:9d:be:
f9:98:b3:49:c0:a9:bd:f7:4f:7e:22:c9:2f:e9:31:7a:38:4a:
a5:cc:f9:37:30:90:9e:58:4a:a8:bc:1b:73:19:35:9d:84:e9:
21:79:47:5b:fc:5e:4b:15:37:f9:1e:04:76:09:4d:76:6a:f1:
e2:11:05:16:61:9b:d8:6a:58:33:03:fa:81:f3:5b:c0:c3:a8:
ec:11:31:7b:23:c7:c2:17:18:f9:e9:a2:a4:09:8f:fe:4a:6e:
df:1f:00:f3:8c:cd:77:82:67:9b:1e:67:50:5a:d2:cf:3e:ab:
e2:a8:84:b4:fd:42:73:be:51:a0:58:e9:17:68:0e:5c:24:65:
60:6c:81:2e:49:4c:8b:04:79:1d:1c:06:dc:d0:4f:45:4f:7c:
f7:76:ab:b2:ea:d0:7b:78:c0:24:6a:89:f3:c3:8b:8f:07:57:
16:5d:e8:0b:0d:c2:02:4b:65:df:1f:85:cc:cb:0e:a6:57:4f:
93:14:c1:d2:90:d7:0e:39:2b:07:a6:87:63:b2:ef:39:3e:2a:
c1:cb:95:b5:90:73:99:27:4a:55:d5:d7:f6:cc:bd:84:12:82:
e2:76:b1:34
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNWhRbSFi2Hi4s3vPs4l+Be0JeIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTNaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyNGI2MjBjODEyNDE3OWI1NDZiMDlhYTgxMzc4YzlkMGE2MGEwYzJmZmEw
OWY1MWI1ZGE3NTI5NjRkMGY1YjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANO8TMTXZ5w74poI+AlVz5JoD5pXox3dZGNwX0sftmkYG4pwdtMyPZLkrqnq
rUD6cEvYHUZsrFH5UMQfcjgy4QK1+tU8s/Cpr35OgiHJFCQ9chZnTKwgLaUJ2GVM
gq0wrCFouh2CGrHl8H45Ct8OPu9wIU1eFgywRmTjusvatPP9uyyNRR9hFEZmnWin
+qffhNWT1pHHupmhvmIC3g8kxZzWk111zz0IbE9GBu8gqVIz5Bh+ghxXBiX57o0u
duB76CxKKywbgt14+11lEkOk0CvpjTv+vSvzlvaVvzrPNK7Lhwr2Oo/PHBwro+kq
jDPen9Fs6K6hcNOJ0VxAlLYDKncCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSZcuK6
xvTFF7IlK1XwPBswkIDWVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAeok/tE48t27nbx6XCYBox/YTcQTmxQzwaVuvSIaZ
/8bI8Z2++ZizScCpvfdPfiLJL+kxejhKpcz5NzCQnlhKqLwbcxk1nYTpIXlHW/xe
SxU3+R4EdglNdmrx4hEFFmGb2GpYMwP6gfNbwMOo7BExeyPHwhcY+emipAmP/kpu
3x8A84zNd4Jnmx5nUFrSzz6r4qiEtP1Cc75RoFjpF2gOXCRlYGyBLklMiwR5HRwG
3NBPRU9893arsurQe3jAJGqJ88OLjwdXFl3oCw3CAktl3x+FzMsOpldPkxTB0pDX
DjkrB6aHY7LvOT4qwcuVtZBzmSdKVdXX9sy9hBKC4naxNA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:42 2025 by rpki-client