Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: sVL+q393PT/co2H79os5l1ra7wbHZQhiduDhMlqbPJ8=
Subject key identifier: 15:62:57:0A:E3:EF:FC:26:57:A8:C9:B1:A2:A6:71:30:EA:AB:D1:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A31111FF75C93AE769FF47FAA17B541C8900058
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Fri 31 Oct 2025 02:00:23 +0000
ROA not before: Fri 31 Oct 2025 02:00:23 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:31:11:1f:f7:5c:93:ae:76:9f:f4:7f:aa:17:b5:41:c8:90:00:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:23 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=db7b3d0d8592776bc380f36a6a2bf3ff483c83650c7f601b63935db1082a91d5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f7:08:e8:cc:02:b8:ab:84:ce:f4:c3:72:b9:
18:e0:75:c6:70:2a:8f:55:8f:0c:df:e8:42:69:67:
79:e8:59:bc:47:2b:9c:24:e2:84:b6:c6:97:4a:bf:
97:a0:45:62:ef:dd:17:49:4d:58:b5:cc:aa:a0:fd:
0b:6c:91:b2:85:5b:cd:83:b3:95:13:60:3f:3b:a8:
54:82:18:98:7e:34:3a:a9:e3:a8:a9:40:d9:1a:55:
e8:b0:cb:79:b9:81:92:83:81:85:0c:69:0b:a9:0f:
e1:ef:31:8e:b3:96:01:ca:e4:b0:5d:ea:27:bc:92:
4e:b2:86:be:cd:32:93:5b:a9:1c:b9:e1:be:4d:9c:
d2:60:08:90:46:1a:50:61:3d:d7:76:be:d8:6b:fa:
44:f3:f7:0a:74:9f:c5:cc:bc:c2:e1:e7:3b:77:7a:
41:e2:cd:1a:fa:95:37:da:cb:f2:0e:db:7b:f1:31:
05:16:12:29:df:1b:ec:23:81:4a:67:48:92:f9:53:
b2:0f:a9:23:83:bb:9e:ef:51:89:83:ae:ae:32:41:
57:67:ea:95:65:71:fc:c4:66:e9:25:68:f2:71:29:
66:d1:5e:a6:15:12:ae:7d:9c:f0:04:4e:7f:0d:36:
f5:76:6c:00:0e:1c:95:bd:0a:51:a1:a7:86:af:17:
83:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:62:57:0A:E3:EF:FC:26:57:A8:C9:B1:A2:A6:71:30:EA:AB:D1:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:e3:2e:10:25:47:cb:bc:73:d6:a0:df:82:5a:6c:89:56:38:
e5:80:7e:fa:69:fa:ff:85:4b:e9:c3:d3:e9:67:88:e9:0d:00:
94:16:7c:22:c7:6f:5f:94:67:20:5c:14:2a:ba:0d:81:ac:b5:
4c:9e:71:e3:96:7f:f7:da:12:66:e8:ff:b3:07:ea:a1:af:48:
25:35:4e:9a:70:48:36:c8:1e:b6:d4:7d:70:05:77:6f:61:4b:
45:58:d7:9e:a5:06:45:81:94:78:1f:40:54:f7:d5:7b:2d:cf:
28:52:75:35:d6:43:f0:ed:d0:5f:56:e3:b7:a0:c2:2c:bd:f0:
b2:b7:3f:fe:57:b9:87:63:09:a3:e7:a5:39:46:47:48:0d:70:
3d:cb:ec:64:56:6d:20:6e:00:f5:c8:cb:b2:ec:7d:28:0a:94:
d8:3c:f5:c2:1e:5a:0f:57:a6:24:fb:78:35:cb:98:9f:dc:8b:
b9:22:bc:87:9d:c9:d0:5c:c0:4e:61:ee:ac:e2:aa:6b:69:1c:
02:bf:9c:e9:52:99:40:21:17:7e:7b:c1:05:6a:4f:de:aa:17:
9c:04:20:20:ca:28:c4:ed:91:92:8a:41:c2:1b:8f:10:76:0d:
bd:bb:8a:77:5c:19:18:72:96:06:ec:8d:e6:71:e0:98:a6:9d:
b9:6e:50:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCjERH/dck652n/R/qhe1QciQAFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjNaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiN2IzZDBkODU5Mjc3NmJjMzgwZjM2YTZhMmJmM2ZmNDgzYzgzNjUwYzdm
NjAxYjYzOTM1ZGIxMDgyYTkxZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ/3COjMArirhM70w3K5GOB1xnAqj1WPDN/oQmlneehZvEcrnCTihLbGl0q/
l6BFYu/dF0lNWLXMqqD9C2yRsoVbzYOzlRNgPzuoVIIYmH40OqnjqKlA2RpV6LDL
ebmBkoOBhQxpC6kP4e8xjrOWAcrksF3qJ7ySTrKGvs0yk1upHLnhvk2c0mAIkEYa
UGE913a+2Gv6RPP3CnSfxcy8wuHnO3d6QeLNGvqVN9rL8g7be/ExBRYSKd8b7COB
SmdIkvlTsg+pI4O7nu9RiYOurjJBV2fqlWVx/MRm6SVo8nEpZtFephUSrn2c8ARO
fw029XZsAA4clb0KUaGnhq8Xg2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVYlcK
4+/8JleoybGipnEw6qvRRzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQAP4y4QJUfLvHPWoN+CWmyJVjjlgH76afr/hUvpw9Pp
Z4jpDQCUFnwix29flGcgXBQqug2BrLVMnnHjln/32hJm6P+zB+qhr0glNU6acEg2
yB621H1wBXdvYUtFWNeepQZFgZR4H0BU99V7Lc8oUnU11kPw7dBfVuO3oMIsvfCy
tz/+V7mHYwmj56U5RkdIDXA9y+xkVm0gbgD1yMuy7H0oCpTYPPXCHloPV6Yk+3g1
y5if3Iu5IryHncnQXMBOYe6s4qpraRwCv5zpUplAIRd+e8EFak/eqhecBCAgyijE
7ZGSikHCG48Qdg29u4p3XBkYcpYG7I3mceCYpp25blDS
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:32:51 2025 by rpki-client