Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
File: 57870f13-82ea-4955-953f-742413b6a651.roa (raw, json)
Hash identifier: 6P5/BRw5dDqHgChHgwNEscE3UOxZj63VUsiQfhwQaEo=
Subject key identifier: CF:4A:A8:FD:31:8C:54:61:E6:85:B8:77:63:F7:9C:FF:C2:64:E5:27
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 214C00D43C98F90E6619A03D570B09E0959C4C13
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
Signing time: Wed 22 Oct 2025 00:50:13 +0000
ROA not before: Wed 22 Oct 2025 00:50:13 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:4c:00:d4:3c:98:f9:0e:66:19:a0:3d:57:0b:09:e0:95:9c:4c:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:13 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=ac7d5c19c72be155320a001c1ebf6b5298524830c279bf1563f9a4471d492fc5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:42:86:2a:90:9f:9a:05:ad:3b:ca:6e:b9:50:
8b:98:36:ce:f3:42:d1:20:cc:14:a8:ef:47:4e:6d:
9d:8e:b2:12:3f:fd:5d:26:ff:3c:ad:7d:a6:93:39:
5f:7d:f4:88:6e:d5:e2:f3:f2:30:da:de:ea:1a:be:
54:e4:3a:7f:8f:08:99:8a:16:cb:5f:ed:0b:21:75:
5a:f1:94:01:0e:5e:75:49:7b:a4:30:41:0f:bf:5e:
f9:df:3f:c6:1e:6e:c1:f5:78:26:6d:61:49:63:96:
43:6a:dc:ab:3a:44:f0:a9:f9:de:dc:8b:79:4b:61:
59:b0:03:3f:5b:7b:57:db:c1:15:49:db:ca:06:4b:
cc:83:94:26:40:f9:7f:29:3c:b0:df:3d:a8:2a:bf:
38:e5:b7:79:77:e1:27:6a:a5:34:4f:7e:4f:ba:da:
97:9e:f6:5d:65:dc:81:8e:aa:a6:ee:f8:c5:9c:2a:
0b:00:cd:91:01:42:1e:47:db:11:4d:2b:ce:22:1a:
22:ae:75:59:73:b8:c1:eb:58:fb:86:44:ca:54:a3:
32:23:f1:a0:9e:59:0f:ef:eb:af:4e:a1:6d:10:a5:
85:34:ec:7f:06:87:7d:ed:09:ca:09:9a:ed:58:ab:
3c:0b:1e:f2:a2:5d:ed:0f:79:f3:21:ea:75:b9:74:
64:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:A8:FD:31:8C:54:61:E6:85:B8:77:63:F7:9C:FF:C2:64:E5:27
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/57870f13-82ea-4955-953f-742413b6a651.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/48
Signature Algorithm: sha256WithRSAEncryption
81:0c:27:70:40:87:57:37:4b:0e:65:dd:54:56:27:62:db:eb:
ae:a7:d6:1d:ce:08:b1:b4:af:99:b8:55:69:cd:6f:f7:f2:ed:
15:ac:36:c6:ea:50:95:28:53:a5:7a:4d:19:50:ce:e0:7c:9e:
3e:4e:3e:80:4b:c5:b9:3f:41:20:0f:df:0d:f1:ce:3a:75:88:
54:0c:6e:5f:99:f1:09:a9:64:80:a2:79:3f:64:80:56:5a:f2:
6a:98:86:9c:1e:07:68:4b:df:ef:aa:67:b4:48:b7:2d:dd:63:
98:6b:70:07:45:1a:4b:dc:47:bd:d9:c2:2c:23:b9:9f:c7:a0:
bc:eb:eb:d1:d6:e8:77:e2:b3:fb:e7:41:a6:e3:b9:c0:20:3d:
8c:79:e5:96:de:75:f4:35:45:24:25:8f:c6:cb:a6:12:de:a6:
4f:cf:fc:db:de:29:62:cd:4a:90:18:b1:51:2a:de:58:8c:50:
0e:d8:12:4c:bc:94:99:8f:37:1d:fe:2b:f6:18:8f:c3:05:e2:
53:7b:44:0f:64:40:46:7f:1b:d6:0d:f6:4b:fa:89:59:6a:40:
8c:39:51:82:88:e7:15:6b:66:9e:3d:7a:55:80:70:91:90:f5:
35:dd:a5:09:c8:e5:fb:41:dd:cc:27:f1:45:2b:39:06:65:43:
d6:c3:97:d0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIUwA1DyY+Q5mGaA9VwsJ4JWcTBMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTNaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjN2Q1YzE5YzcyYmUxNTUzMjBhMDAxYzFlYmY2YjUyOTg1MjQ4MzBjMjc5
YmYxNTYzZjlhNDQ3MWQ0OTJmYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFChiqQn5oFrTvKbrlQi5g2zvNC0SDMFKjvR05tnY6yEj/9XSb/PK19ppM5
X330iG7V4vPyMNre6hq+VOQ6f48ImYoWy1/tCyF1WvGUAQ5edUl7pDBBD79e+d8/
xh5uwfV4Jm1hSWOWQ2rcqzpE8Kn53tyLeUthWbADP1t7V9vBFUnbygZLzIOUJkD5
fyk8sN89qCq/OOW3eXfhJ2qlNE9+T7ral572XWXcgY6qpu74xZwqCwDNkQFCHkfb
EU0rziIaIq51WXO4wetY+4ZEylSjMiPxoJ5ZD+/rr06hbRClhTTsfwaHfe0Jygma
7VirPAse8qJd7Q958yHqdbl0ZP8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTPSqj9
MYxUYeaFuHdj95z/wmTlJzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc4NzBmMTMtODJlYS00OTU1LTk1M2YtNzQyNDEzYjZhNjUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
ADANBgkqhkiG9w0BAQsFAAOCAQEAgQwncECHVzdLDmXdVFYnYtvrrqfWHc4IsbSv
mbhVac1v9/LtFaw2xupQlShTpXpNGVDO4HyePk4+gEvFuT9BIA/fDfHOOnWIVAxu
X5nxCalkgKJ5P2SAVlryapiGnB4HaEvf76pntEi3Ld1jmGtwB0UaS9xHvdnCLCO5
n8egvOvr0dbod+Kz++dBpuO5wCA9jHnllt519DVFJCWPxsumEt6mT8/8294pYs1K
kBixUSreWIxQDtgSTLyUmY83Hf4r9hiPwwXiU3tED2RARn8b1g32S/qJWWpAjDlR
gojnFWtmnj16VYBwkZD1Nd2lCcjl+0HdzCfxRSs5BmVD1sOX0A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:31:38 2025 by rpki-client