Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: kQp+zxSVjl/2qxeu9aLzQG94YCIacyFCAfKBkdT2DDQ=
Subject key identifier: F8:7A:50:13:55:4B:A3:6E:6F:2F:08:67:E9:43:BC:6B:B1:EA:2B:75
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B127C447D50E32073488F16660CF371F7E81EFF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Tue 21 Oct 2025 14:50:08 +0000
ROA not before: Tue 21 Oct 2025 14:50:08 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:12:7c:44:7d:50:e3:20:73:48:8f:16:66:0c:f3:71:f7:e8:1e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:08 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=1fbf4c21ac4670f6043829eaeb0f18f96293c53eccd6b82c49a4bae1acafc7a2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:65:e3:c9:3d:5c:72:59:fa:e3:08:92:9c:02:
45:54:64:54:bd:33:d6:8b:40:09:7e:cd:02:24:8f:
6b:c1:d7:4a:43:ae:26:3c:e6:7c:bb:9c:ff:3b:42:
8b:42:12:ff:37:b0:e0:a3:0d:8f:a1:83:0d:fa:f5:
45:d4:bb:08:ca:87:97:29:14:f2:8d:b7:31:80:1d:
d7:b8:61:ac:18:0b:24:d1:7d:7b:b8:89:f2:23:b0:
89:1c:7d:e9:d4:51:2e:ce:4b:57:3d:30:53:26:64:
4d:af:db:13:98:07:91:72:ea:ae:d8:89:4f:b8:64:
21:db:4d:ff:9b:04:1a:16:dd:7f:86:b2:b1:7c:95:
68:01:86:e1:63:63:48:01:29:25:4e:73:70:cc:5f:
86:d9:da:e1:06:41:80:e2:b6:cc:4c:5c:f8:f4:14:
b7:09:a7:b0:32:af:40:eb:3b:ca:d5:59:d6:7e:4c:
1c:22:01:7c:30:06:c7:e4:45:35:e9:4d:25:75:d1:
76:88:91:71:e5:1d:d0:c0:6c:2f:18:b2:33:95:d3:
25:87:bb:c2:53:fe:34:08:4a:4d:9c:3b:56:01:d0:
a9:c7:75:80:fc:79:00:c5:d5:7d:4e:fb:39:0e:c3:
35:6e:5d:6f:8e:ab:0b:63:03:21:d7:7c:16:eb:c5:
30:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7A:50:13:55:4B:A3:6E:6F:2F:08:67:E9:43:BC:6B:B1:EA:2B:75
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:81:80:ed:00:e4:32:29:52:75:8f:1b:25:2f:9f:16:a8:e8:
71:97:4a:3c:ce:3f:36:38:82:ac:d8:5b:31:be:6b:56:e9:13:
7d:08:0c:b0:6c:4d:0b:39:85:52:a7:99:a3:c7:cf:35:5e:74:
ef:1f:a9:44:98:38:eb:b2:5b:7a:31:f6:9a:65:db:fb:0f:16:
4c:07:09:09:5d:76:ad:8f:89:d7:2f:d3:6d:47:03:69:d4:4e:
ac:81:21:5e:97:68:20:f7:78:d1:41:a4:c2:de:e3:70:88:43:
47:5a:13:10:f5:b9:02:51:81:0c:c4:ad:38:eb:86:56:8f:af:
9f:31:94:40:fe:66:f4:98:3f:94:7c:8e:93:0d:ff:de:4b:32:
27:38:a9:6d:ef:ee:dd:ac:3c:94:29:1d:01:02:a1:eb:c1:eb:
80:36:27:df:95:b9:db:46:f4:e6:ef:bc:85:d5:26:67:d0:3d:
73:22:89:dc:5b:d0:a2:32:d7:f2:5b:41:a1:5f:37:a6:1d:e7:
2e:27:11:fe:e1:7e:33:0a:6b:dc:7e:16:ac:10:ef:88:3b:c9:
78:5c:3c:34:ee:3d:96:f8:a4:27:4a:2e:76:da:7f:f4:69:6b:
36:5b:f4:57:c1:9a:6e:1d:73:65:fe:87:8b:d9:eb:23:de:be:
41:a5:1c:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGxJ8RH1Q4yBzSI8WZgzzcffoHv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMDhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmYmY0YzIxYWM0NjcwZjYwNDM4MjllYWViMGYxOGY5NjI5M2M1M2VjY2Q2
YjgyYzQ5YTRiYWUxYWNhZmM3YTIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJl48k9XHJZ+uMIkpwCRVRkVL0z1otACX7NAiSPa8HXSkOuJjzmfLuc/ztC
i0IS/zew4KMNj6GDDfr1RdS7CMqHlykU8o23MYAd17hhrBgLJNF9e7iJ8iOwiRx9
6dRRLs5LVz0wUyZkTa/bE5gHkXLqrtiJT7hkIdtN/5sEGhbdf4aysXyVaAGG4WNj
SAEpJU5zcMxfhtna4QZBgOK2zExc+PQUtwmnsDKvQOs7ytVZ1n5MHCIBfDAGx+RF
NelNJXXRdoiRceUd0MBsLxiyM5XTJYe7wlP+NAhKTZw7VgHQqcd1gPx5AMXVfU77
OQ7DNW5db46rC2MDIdd8FuvFMCsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4elAT
VUujbm8vCGfpQ7xrseordTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQDXgYDtAOQyKVJ1jxslL58WqOhxl0o8zj82OIKs2Fsx
vmtW6RN9CAywbE0LOYVSp5mjx881XnTvH6lEmDjrslt6MfaaZdv7DxZMBwkJXXat
j4nXL9NtRwNp1E6sgSFel2gg93jRQaTC3uNwiENHWhMQ9bkCUYEMxK0464ZWj6+f
MZRA/mb0mD+UfI6TDf/eSzInOKlt7+7drDyUKR0BAqHrweuANifflbnbRvTm77yF
1SZn0D1zIoncW9CiMtfyW0GhXzemHecuJxH+4X4zCmvcfhasEO+IO8l4XDw07j2W
+KQnSi522n/0aWs2W/RXwZpuHXNl/oeL2esj3r5BpRx2
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:04:17 2025 by rpki-client