Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: F5B4YIbcx5yI0ZFhAZZfQG4udTf2YecKWsY+2f5o04U=
Subject key identifier: 3A:D9:C0:62:BC:FB:8F:63:AF:80:FD:AF:AA:0D:4D:67:C6:E6:80:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5DC3A2588A335C967383887525FA8449AFE3079C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Fri 31 Oct 2025 02:00:05 +0000
ROA not before: Fri 31 Oct 2025 02:00:05 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:c3:a2:58:8a:33:5c:96:73:83:88:75:25:fa:84:49:af:e3:07:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:05 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=023408d51a82b85a04c94643dae8ba142306ebd7ac2fe0e89d26d7c8551bb258, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:96:8c:4d:1e:c3:93:a1:6a:51:25:b2:b7:c3:
47:1c:f9:d9:99:19:98:33:56:a4:33:51:9d:e7:e5:
44:c2:0f:b1:71:a6:9b:c7:a9:f2:8a:50:8a:12:4b:
78:f9:c2:5a:fb:65:16:2b:ac:a2:db:18:43:90:65:
24:e3:e7:16:f8:81:f2:9c:51:df:c7:92:cf:30:21:
5a:97:e6:e4:53:21:a6:a7:f5:f7:6a:e0:2a:36:e5:
ca:24:71:73:bd:6b:1b:13:db:e5:80:c2:fa:7f:b0:
b0:ef:1d:c8:84:d2:f6:aa:db:a2:ed:26:55:92:d7:
14:ec:4d:14:a1:92:01:3d:b2:8e:75:ca:29:b3:d4:
db:39:97:f1:2a:92:38:77:39:a2:ba:6d:71:05:84:
c9:ce:2d:87:72:25:6e:af:d4:d5:db:0c:15:b4:49:
12:c6:3e:3c:64:db:b2:41:d5:15:5f:35:9b:a6:05:
33:15:e0:80:07:de:84:8f:eb:af:04:ee:f6:85:3e:
72:a5:b0:fb:52:37:38:bc:0a:e8:3d:15:87:47:ef:
ec:46:22:8e:14:10:de:57:2d:51:3f:34:4d:c8:2f:
e8:9a:98:fd:89:e6:09:27:7b:50:f2:57:e4:08:1a:
de:d5:2c:c9:64:14:4e:80:5e:84:46:64:a2:88:2a:
48:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:C0:62:BC:FB:8F:63:AF:80:FD:AF:AA:0D:4D:67:C6:E6:80:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
b9:52:2a:17:1a:dd:a6:bc:7d:85:45:6d:bc:31:50:fa:80:41:
33:d1:45:52:ef:35:bd:08:36:33:6a:86:8d:02:30:cc:3f:3e:
f6:10:8d:b7:42:ad:7d:3d:8c:a3:c0:da:3f:3a:78:a9:37:ee:
05:9b:67:4e:9b:6b:52:3a:9b:59:81:42:f4:e2:26:30:b6:c0:
8f:02:ba:2f:c5:a3:d8:25:5c:b5:b0:04:c6:c2:00:ec:7f:a8:
49:a9:bb:9b:60:4b:f4:c1:b7:8c:bb:00:7d:c1:90:ea:be:50:
e5:b8:87:7f:b5:a2:d2:dd:25:32:4c:e9:f9:10:04:0c:3e:c5:
07:af:b2:dc:2b:6b:1d:e8:95:02:fd:c1:c8:27:b5:a1:a1:c2:
c1:6e:b7:d1:aa:dc:70:f4:9a:0d:d3:c4:e1:38:cb:84:dd:21:
8f:a0:f6:29:cd:65:4a:fc:d8:f6:b2:c4:35:53:8d:3e:4b:82:
17:6a:07:58:03:47:8b:23:00:ca:3b:a0:6b:ce:38:48:9b:18:
6f:07:61:1a:ef:be:89:ae:c5:77:bc:b5:76:1a:7b:a9:62:20:
9d:27:b2:21:45:55:3d:93:80:3c:c1:af:a4:e7:65:0f:93:0e:
97:b3:53:61:6e:ba:b2:d4:6f:ce:05:25:f0:a2:7f:91:96:59:
fb:8a:a1:36
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUXcOiWIozXJZzg4h1JfqESa/jB5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMDVaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDAyMzQwOGQ1MWE4MmI4NWEwNGM5NDY0M2RhZThiYTE0MjMwNmViZDdhYzJm
ZTBlODlkMjZkN2M4NTUxYmIyNTgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGWjE0ew5OhalElsrfDRxz52ZkZmDNWpDNRneflRMIPsXGmm8ep8opQihJL
ePnCWvtlFiusotsYQ5BlJOPnFviB8pxR38eSzzAhWpfm5FMhpqf192rgKjblyiRx
c71rGxPb5YDC+n+wsO8dyITS9qrbou0mVZLXFOxNFKGSAT2yjnXKKbPU2zmX8SqS
OHc5orptcQWEyc4th3Ilbq/U1dsMFbRJEsY+PGTbskHVFV81m6YFMxXggAfehI/r
rwTu9oU+cqWw+1I3OLwK6D0Vh0fv7EYijhQQ3lctUT80Tcgv6JqY/YnmCSd7UPJX
5Aga3tUsyWQUToBehEZkoogqSG0CAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQ62cBi
vPuPY6+A/a+qDU1nxuaAbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBALlSKhca3aa8fYVFbbwxUPqAQTPRRVLvNb0INjNq
ho0CMMw/PvYQjbdCrX09jKPA2j86eKk37gWbZ06ba1I6m1mBQvTiJjC2wI8Cui/F
o9glXLWwBMbCAOx/qEmpu5tgS/TBt4y7AH3BkOq+UOW4h3+1otLdJTJM6fkQBAw+
xQevstwrax3olQL9wcgntaGhwsFut9Gq3HD0mg3TxOE4y4TdIY+g9inNZUr82Pay
xDVTjT5LghdqB1gDR4sjAMo7oGvOOEibGG8HYRrvvomuxXe8tXYae6liIJ0nsiFF
VT2TgDzBr6TnZQ+TDpezU2FuurLUb84FJfCif5GWWfuKoTY=
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:43:16 2025 by rpki-client