Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
File: 7f244d46-87ad-4224-b593-bd81b505345a.roa (raw, json)
Hash identifier: aMhurZX9MCyqKZ1A6027elIwWrQlK5aBCX3AbpOx8F4=
Subject key identifier: C0:6B:12:56:58:FA:67:C0:E4:07:2A:03:6D:B3:26:45:FE:C3:6D:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 485C225E7790F6D6ADC74558446C4C40818B116C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
Signing time: Fri 24 Oct 2025 00:40:29 +0000
ROA not before: Fri 24 Oct 2025 00:40:29 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:5c:22:5e:77:90:f6:d6:ad:c7:45:58:44:6c:4c:40:81:8b:11:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:29 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=9d0edb6b338ca47e0fdee64eef6ce6f66ee9793324c283c9ebfa1443877f75d7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:49:aa:b9:6d:95:e6:66:93:f6:d3:bd:dc:
57:0b:29:ef:d5:46:93:4c:b7:c2:b0:81:78:1e:e8:
b1:9a:fe:0d:6f:1c:23:a5:2e:7c:18:7f:32:9e:3d:
6b:cc:65:1e:76:c6:05:89:8b:dd:4d:f8:7d:59:1e:
ed:7e:27:46:ab:ac:ad:fd:03:cb:66:d9:77:9e:3b:
90:1d:ca:75:b5:4d:c7:fa:a1:e4:bb:b7:34:8c:f0:
4e:e1:dc:98:16:e2:22:a5:79:9c:62:ff:8b:d5:07:
b8:d2:ca:cf:50:09:25:98:e4:59:82:b7:3b:03:a4:
9c:39:53:37:29:e9:28:af:73:2f:6a:04:cc:dc:5f:
e8:e4:d5:03:c2:c8:07:82:bb:a9:49:1b:60:f6:cc:
37:a8:e0:92:bb:4c:ea:2f:1d:6e:ea:df:d6:0c:41:
f2:ec:00:97:7d:1b:11:30:66:99:cf:1f:60:c7:22:
e5:51:fb:65:0a:12:51:e7:d8:6a:13:43:1b:3f:9b:
92:18:7c:cc:2a:af:b1:ba:58:33:dd:ba:19:19:87:
f5:99:e3:3d:02:1d:ba:f1:f2:75:fb:0e:4b:f2:f4:
c4:86:80:cd:3d:41:d5:ac:16:96:2e:bb:2d:33:84:
b8:00:33:22:c1:9b:bf:9e:28:ef:82:2b:29:d6:12:
6a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:6B:12:56:58:FA:67:C0:E4:07:2A:03:6D:B3:26:45:FE:C3:6D:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f244d46-87ad-4224-b593-bd81b505345a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2c:99:54:da:3f:a4:96:ad:68:56:a9:f0:fd:2c:e5:6d:71:3e:
78:05:8b:f5:78:27:97:cb:0f:63:c8:8f:f1:1b:ef:cf:db:18:
c4:41:85:5f:cb:9d:15:b2:d3:0e:6d:02:c0:a7:e8:60:94:a8:
12:71:8f:01:04:9d:d2:7f:46:c9:f1:b5:a6:98:8f:14:2c:d3:
ff:9c:63:86:59:db:29:7e:43:6c:36:67:83:60:d8:bb:d3:00:
4c:78:35:ad:7f:34:e3:1b:ee:96:6b:58:fc:2d:38:32:c1:f4:
0e:e1:de:1b:b3:95:97:1c:b6:9e:9c:e6:e8:f2:85:48:80:80:
08:12:c9:7e:e2:5e:58:fe:e9:8c:60:0e:61:30:ac:86:ef:19:
44:fa:90:29:e6:31:f9:1b:79:c6:28:08:c2:0c:cd:8a:be:37:
5a:eb:c4:03:90:ad:82:ba:c7:94:ef:6e:53:63:bf:ec:fc:ad:
15:d1:e4:b5:5a:e7:d4:aa:d5:46:21:38:eb:84:51:ab:ce:71:
c8:1b:9d:cb:77:49:58:b1:5c:26:4e:62:fd:11:68:96:3c:c0:
1e:ca:f2:84:ff:7d:ad:5f:65:9e:f9:8d:32:0f:57:d6:52:45:
31:63:d7:ad:a5:f0:3a:ef:69:1c:20:a8:d8:cc:3a:45:2e:d0:
5c:b6:fb:32
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSFwiXneQ9tatx0VYRGxMQIGLEWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjlaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDlkMGVkYjZiMzM4Y2E0N2UwZmRlZTY0ZWVmNmNlNmY2NmVlOTc5MzMyNGMy
ODNjOWViZmExNDQzODc3Zjc1ZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL/qSaq5bZXmZpP2073cVwsp79VGk0y3wrCBeB7osZr+DW8cI6UufBh/Mp49
a8xlHnbGBYmL3U34fVke7X4nRqusrf0Dy2bZd547kB3KdbVNx/qh5Lu3NIzwTuHc
mBbiIqV5nGL/i9UHuNLKz1AJJZjkWYK3OwOknDlTNynpKK9zL2oEzNxf6OTVA8LI
B4K7qUkbYPbMN6jgkrtM6i8dburf1gxB8uwAl30bETBmmc8fYMci5VH7ZQoSUefY
ahNDGz+bkhh8zCqvsbpYM926GRmH9ZnjPQIduvHydfsOS/L0xIaAzT1B1awWli67
LTOEuAAzIsGbv54o74IrKdYSapMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTAaxJW
WPpnwOQHKgNtsyZF/sNtMjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2YyNDRkNDYtODdhZC00MjI0LWI1OTMtYmQ4MWI1MDUzNDVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBlN3QDAN
BgkqhkiG9w0BAQsFAAOCAQEALJlU2j+klq1oVqnw/SzlbXE+eAWL9Xgnl8sPY8iP
8Rvvz9sYxEGFX8udFbLTDm0CwKfoYJSoEnGPAQSd0n9GyfG1ppiPFCzT/5xjhlnb
KX5DbDZng2DYu9MATHg1rX804xvulmtY/C04MsH0DuHeG7OVlxy2npzm6PKFSICA
CBLJfuJeWP7pjGAOYTCshu8ZRPqQKeYx+Rt5xigIwgzNir43WuvEA5CtgrrHlO9u
U2O/7PytFdHktVrn1KrVRiE464RRq85xyBudy3dJWLFcJk5i/RFoljzAHsryhP99
rV9lnvmNMg9X1lJFMWPXraXwOu9pHCCo2Mw6RS7QXLb7Mg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:32:18 2025 by rpki-client