Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
File: 7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa (raw, json)
Hash identifier: u37sqMgCUPQYKPRmpxnOngOOyq1cvwocfgAgQzbzJB8=
Subject key identifier: E7:A4:9E:FE:5B:63:FC:AF:FB:A6:7F:CC:A1:D3:25:19:84:08:11:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 20DE3D2B0E2DA217846FC524A980CDEF258C0B2D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
Signing time: Fri 31 Oct 2025 02:00:17 +0000
ROA not before: Fri 31 Oct 2025 02:00:17 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.143.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:de:3d:2b:0e:2d:a2:17:84:6f:c5:24:a9:80:cd:ef:25:8c:0b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:17 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=f61ccaf3a4711005da8ab552026e1cadc6c1920403060fa329c350532d437370, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:8c:9e:9b:f4:05:90:d5:52:a6:9e:51:0d:4f:
bd:cc:2b:c1:d8:2f:41:bb:e0:9a:f5:bf:92:d2:2f:
12:b0:1b:a3:90:5d:bb:93:17:53:40:0b:26:c7:61:
0f:8d:d7:e5:22:4a:69:07:b9:6d:6d:94:ec:2c:b6:
ea:d2:73:8c:de:f5:72:2a:66:ba:16:7e:55:01:b6:
44:89:85:31:8b:f2:47:12:0a:66:3b:b8:d0:8c:70:
44:8b:4b:4f:1c:19:0d:e4:1c:3b:a9:b2:fc:e7:0d:
c5:ee:bd:2b:f0:cf:cf:0c:59:8a:41:78:ac:33:94:
77:ce:df:f1:45:ca:cd:f5:bb:ea:4c:10:86:18:00:
3e:40:03:8d:41:b0:c5:3a:49:b3:36:3b:eb:0c:90:
b4:36:16:bc:79:e9:75:e9:04:66:ba:bb:68:f5:5c:
55:0b:ed:e1:2d:bd:f6:b8:cb:a6:20:c6:fc:54:70:
d2:9b:e4:ad:9a:0f:d8:47:5f:d5:dc:bc:38:97:5b:
40:f0:ff:43:0c:41:6f:9d:d5:22:c2:49:ec:d5:b9:
0c:49:d1:14:65:48:9f:84:49:02:2d:bf:16:8c:b5:
87:be:37:c3:c3:34:2d:dd:37:e0:c6:b6:4c:e0:10:
7d:ff:25:7b:cf:e5:6f:9f:18:33:0a:b7:f3:d3:cb:
8f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A4:9E:FE:5B:63:FC:AF:FB:A6:7F:CC:A1:D3:25:19:84:08:11:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7a9d4970-8e9c-4d11-a1c6-772a571334fd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.16.0/22
Signature Algorithm: sha256WithRSAEncryption
73:26:8b:19:80:a7:ff:a2:b6:c0:1a:2d:2f:23:80:9e:05:56:
ac:35:f0:32:64:a4:b1:e8:b2:0c:80:ae:0e:81:3c:1b:f1:d8:
61:5c:a4:78:83:87:07:d2:dd:71:8c:3d:07:98:09:da:80:71:
90:42:bc:94:7e:32:54:5b:38:01:f0:45:43:ce:a1:1e:74:4f:
18:29:07:5a:5b:e3:03:b1:63:c3:2a:21:e6:51:ef:12:6b:56:
7e:90:fd:8c:7a:b2:4a:6c:1b:85:ce:f0:21:c5:71:3d:aa:83:
01:db:f1:d3:60:20:df:47:1d:6f:e9:b2:53:d1:bd:83:1c:f4:
7d:e6:09:71:5e:f8:4a:8b:50:f7:7c:20:c4:71:1f:02:91:89:
07:d2:a3:01:bd:86:4c:91:90:74:80:a8:72:a0:fb:13:81:83:
46:88:d4:0f:25:bc:eb:7e:b4:f3:1f:07:ff:9e:0f:74:c5:2c:
4b:5f:07:a6:fd:56:e3:a4:46:58:08:f2:c3:8f:4b:68:75:0a:
5a:77:d8:b5:12:17:f3:dc:a5:8d:78:dc:96:d6:f1:9d:79:be:
b7:7c:f5:19:aa:6f:85:b7:ef:9e:32:e5:22:f2:20:46:1d:13:
88:50:e7:87:bd:13:f5:28:5d:5b:fe:45:60:2d:4c:f0:d2:fb:
cf:f5:be:92
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIN49Kw4toheEb8UkqYDN7yWMCy0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMTdaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY2MWNjYWYzYTQ3MTEwMDVkYThhYjU1MjAyNmUxY2FkYzZjMTkyMDQwMzA2
MGZhMzI5YzM1MDUzMmQ0MzczNzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN6Mnpv0BZDVUqaeUQ1PvcwrwdgvQbvgmvW/ktIvErAbo5Bdu5MXU0ALJsdh
D43X5SJKaQe5bW2U7Cy26tJzjN71cipmuhZ+VQG2RImFMYvyRxIKZju40IxwRItL
TxwZDeQcO6my/OcNxe69K/DPzwxZikF4rDOUd87f8UXKzfW76kwQhhgAPkADjUGw
xTpJszY76wyQtDYWvHnpdekEZrq7aPVcVQvt4S299rjLpiDG/FRw0pvkrZoP2Edf
1dy8OJdbQPD/QwxBb53VIsJJ7NW5DEnRFGVIn4RJAi2/Foy1h743w8M0Ld034Ma2
TOAQff8le8/lb58YMwq389PLj+0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTnpJ7+
W2P8r/umf8yh0yUZhAgRPTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2E5ZDQ5NzAtOGU5Yy00ZDExLWExYzYtNzcyYTU3MTMzNGZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmPEDAN
BgkqhkiG9w0BAQsFAAOCAQEAcyaLGYCn/6K2wBotLyOAngVWrDXwMmSkseiyDICu
DoE8G/HYYVykeIOHB9LdcYw9B5gJ2oBxkEK8lH4yVFs4AfBFQ86hHnRPGCkHWlvj
A7Fjwyoh5lHvEmtWfpD9jHqySmwbhc7wIcVxPaqDAdvx02Ag30cdb+myU9G9gxz0
feYJcV74SotQ93wgxHEfApGJB9KjAb2GTJGQdICocqD7E4GDRojUDyW863608x8H
/54PdMUsS18Hpv1W46RGWAjyw49LaHUKWnfYtRIX89yljXjcltbxnXm+t3z1Gapv
hbfvnjLlIvIgRh0TiFDnh70T9ShdW/5FYC1M8NL7z/W+kg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:37:34 2025 by rpki-client