Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: emB/aCC4ohxnpBQiOVluh6FdlgWBNJuiuvHuc7fIovI=
Subject key identifier: 9F:42:FB:62:16:42:B0:DD:ED:CB:63:26:02:96:68:9C:83:6B:7D:99
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 415EADA81FC096497CE95D40DE0677397703B508
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Tue 21 Oct 2025 15:00:31 +0000
ROA not before: Tue 21 Oct 2025 15:00:31 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:5e:ad:a8:1f:c0:96:49:7c:e9:5d:40:de:06:77:39:77:03:b5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:31 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=d89c0f697a16fc91aa324b320508dd06ed618478fe697d7ffcee46f0f5fba66a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:d2:2c:57:48:21:1a:13:4a:9f:ac:3d:00:
39:fc:06:2a:3d:6b:26:14:01:66:7d:d3:6e:f4:19:
95:0a:db:d7:a9:2d:ba:05:21:86:0a:29:fd:37:60:
3a:19:8c:74:53:28:d6:9f:7f:42:20:3c:64:42:3b:
fe:20:9f:71:d3:62:82:44:b8:a3:ea:32:cb:1f:53:
f1:b8:17:d2:a0:a8:fa:e4:09:b3:ae:f7:66:2c:4a:
90:db:13:ad:6b:cd:23:76:c9:4b:39:45:67:3c:4a:
39:51:64:4a:ae:a3:c8:1a:40:ca:47:4b:61:af:cd:
1a:5e:c2:a8:bb:a4:e3:6a:74:26:98:80:b5:9a:0d:
95:38:54:87:51:ce:4a:0f:a3:32:62:71:3e:bf:df:
63:8f:a7:98:b6:fe:80:13:72:f4:9d:0f:62:46:af:
2e:6d:09:30:31:c8:2e:4e:0b:5c:af:56:70:c7:6b:
0e:4e:5c:81:19:8e:7e:89:35:1c:43:5c:99:24:6a:
50:3b:ba:e6:c8:5f:ba:07:c2:c3:da:be:7f:74:91:
4a:fd:fb:aa:ad:3e:7a:e2:cd:c7:48:12:f7:5b:43:
8e:8c:48:85:3a:e3:98:4f:6d:4c:2f:57:c5:65:84:
e5:74:ab:cc:64:88:42:bd:d8:f4:36:ef:13:f5:26:
d9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:42:FB:62:16:42:B0:DD:ED:CB:63:26:02:96:68:9C:83:6B:7D:99
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9e:1a:4f:b8:5f:6a:c0:5d:ae:81:40:a2:42:55:c2:0b:f5:48:
2d:17:92:d8:0e:2b:f3:ea:7c:0c:f4:10:d1:3f:5e:3e:e8:3a:
d3:4b:03:ef:8b:95:f9:14:a9:1b:4b:22:90:a2:1b:d8:d7:6a:
d4:fb:77:99:4d:5d:69:44:34:86:ba:5f:40:0b:38:1d:59:e3:
89:82:70:6a:07:b7:38:cd:3f:10:5b:f8:15:15:71:3c:b8:c3:
02:76:4d:1c:08:c2:d3:fd:81:fd:bd:d5:86:5f:80:e6:0d:0a:
1f:b4:07:b5:e2:ea:0e:3b:38:4c:a0:ac:4a:ff:2d:b3:27:2a:
2a:54:f1:ea:64:0b:cb:7a:7d:de:00:f3:fd:52:26:c4:82:64:
fc:de:97:a7:45:40:eb:5c:40:bd:60:af:2e:b9:d1:63:73:75:
db:19:77:9b:e2:11:c7:e3:02:2f:1b:01:a4:05:aa:24:e3:55:
cc:12:20:c4:fe:58:95:0a:5c:ed:15:5d:ec:74:7d:b0:63:4b:
81:04:62:42:ee:fa:87:a2:f3:6e:27:89:24:ee:0f:99:06:19:
b1:8e:b8:bf:1c:c7:20:da:8d:93:a0:7f:58:30:a3:1b:30:f1:
39:76:0c:be:ba:d5:f6:db:56:24:96:d2:dd:18:d9:79:e3:a2:
1f:e1:9b:ce
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQV6tqB/Alkl86V1A3gZ3OXcDtQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMzFaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ4OWMwZjY5N2ExNmZjOTFhYTMyNGIzMjA1MDhkZDA2ZWQ2MTg0NzhmZTY5
N2Q3ZmZjZWU0NmYwZjVmYmE2NmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALeZ0ixXSCEaE0qfrD0AOfwGKj1rJhQBZn3TbvQZlQrb16ktugUhhgop/Tdg
OhmMdFMo1p9/QiA8ZEI7/iCfcdNigkS4o+oyyx9T8bgX0qCo+uQJs673ZixKkNsT
rWvNI3bJSzlFZzxKOVFkSq6jyBpAykdLYa/NGl7CqLuk42p0JpiAtZoNlThUh1HO
Sg+jMmJxPr/fY4+nmLb+gBNy9J0PYkavLm0JMDHILk4LXK9WcMdrDk5cgRmOfok1
HENcmSRqUDu65shfugfCw9q+f3SRSv37qq0+euLNx0gS91tDjoxIhTrjmE9tTC9X
xWWE5XSrzGSIQr3Y9DbvE/Um2TMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSfQvti
FkKw3e3LYyYClmicg2t9mTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAnhpPuF9qwF2ugUCiQlXCC/VILReS2A4r8+p8DPQQ
0T9ePug600sD74uV+RSpG0sikKIb2Ndq1Pt3mU1daUQ0hrpfQAs4HVnjiYJwage3
OM0/EFv4FRVxPLjDAnZNHAjC0/2B/b3Vhl+A5g0KH7QHteLqDjs4TKCsSv8tsycq
KlTx6mQLy3p93gDz/VImxIJk/N6Xp0VA61xAvWCvLrnRY3N12xl3m+IRx+MCLxsB
pAWqJONVzBIgxP5YlQpc7RVd7HR9sGNLgQRiQu76h6LzbieJJO4PmQYZsY64vxzH
INqNk6B/WDCjGzDxOXYMvrrV9ttWJJbS3RjZeeOiH+Gbzg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:27:13 2025 by rpki-client