Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: wTaaelk+AFFUbOY+jD6k4d5AjUBbYebekF8u16Ra4qg=
Subject key identifier: 00:5E:89:A3:70:FE:6C:AA:6F:1B:0D:4D:4E:E0:8B:63:A9:35:23:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7C9F7F23003023F44A7248B68B95E8061050F020
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 21 Oct 2025 15:00:29 +0000
ROA not before: Tue 21 Oct 2025 15:00:29 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:9f:7f:23:00:30:23:f4:4a:72:48:b6:8b:95:e8:06:10:50:f0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:29 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=0a695e4376ff4f9a58e0ecb16c276a03ef15e4ff6b9397d6239d38e4bf99ff9e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:c0:06:9d:a1:37:ae:55:b2:4d:f9:bc:88:
04:14:f5:17:26:f0:18:c1:e3:1a:59:df:6a:40:f7:
de:db:63:6f:f6:b8:6b:ae:23:eb:be:43:84:8b:9c:
d7:ce:94:08:8e:52:55:a2:45:0f:a8:db:56:40:b7:
39:b0:07:1d:dd:0d:4c:71:18:bf:9e:29:b5:74:41:
0c:bd:de:be:7b:47:8d:ef:ed:b4:19:e6:82:1d:c1:
4c:0b:15:c1:2f:e6:1c:d9:4d:f5:0f:2f:57:9c:e4:
2e:fe:ea:07:f2:12:bc:0b:c1:5c:8c:05:1f:ce:23:
06:52:cc:53:f1:c4:2d:e4:0a:ff:af:6e:b0:9e:e3:
c0:9c:93:08:da:3b:a2:00:8c:63:74:e8:b5:07:54:
a8:90:ba:40:33:43:37:4b:24:95:fc:a2:c3:13:4a:
d5:5c:4b:ea:d9:c6:d1:0a:a7:ba:eb:50:b4:67:ef:
6e:e3:7b:ba:25:a5:99:cb:17:56:d7:f6:da:82:c5:
7f:e5:a6:1d:43:8c:22:05:12:37:97:fd:98:8b:1e:
33:5a:62:fd:b0:ee:84:f0:eb:58:fe:ed:57:09:c8:
46:9e:29:c1:bd:33:b3:a7:c1:e6:36:6e:0b:35:91:
dc:9f:20:37:b4:d9:e0:e4:69:1a:e4:d0:5c:d4:36:
5b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5E:89:A3:70:FE:6C:AA:6F:1B:0D:4D:4E:E0:8B:63:A9:35:23:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:ca:d5:db:d0:16:09:84:2a:a3:01:6d:54:c0:ee:0f:75:c2:
86:c3:b2:2c:7c:93:ed:b7:3a:14:60:b8:e9:0f:2f:17:43:22:
d1:7f:b4:85:ce:9e:9b:b9:34:0a:23:c0:a2:08:ee:06:66:d8:
19:04:8b:bb:0c:84:82:7c:a2:b5:13:ee:72:56:0f:46:ce:0d:
90:b4:b9:73:fd:bd:ca:41:4b:99:63:0f:55:71:bb:56:da:d6:
51:76:92:f1:b1:00:1e:86:94:71:33:ff:2c:48:33:bd:4b:cf:
71:16:5d:f4:44:c7:4b:ff:7c:6d:2e:2c:65:e2:dc:bf:48:50:
1b:68:6b:92:19:17:dd:20:61:59:f2:67:ad:cb:42:29:ae:3d:
af:1c:11:d7:3b:04:88:48:a7:68:78:6a:ec:b7:24:5f:1b:d3:
b3:a4:86:7d:8d:28:35:45:93:6f:cb:09:b7:c1:b2:0c:88:3b:
2d:39:e1:ca:ef:9a:0b:4c:cf:bc:d3:a5:80:e0:d3:6c:09:d6:
f0:7e:d7:a3:bf:63:d8:34:7c:a6:dd:2d:52:6d:14:c0:41:d3:
ec:85:ef:37:6a:1d:90:3a:8f:ee:7a:97:e2:5c:24:93:95:93:
48:59:28:d6:8e:d3:a4:74:cb:f2:50:db:57:e5:9d:5f:fa:4c:
c2:20:a8:52
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUfJ9/IwAwI/RKcki2i5XoBhBQ8CAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMjlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDBhNjk1ZTQzNzZmZjRmOWE1OGUwZWNiMTZjMjc2YTAzZWYxNWU0ZmY2Yjkz
OTdkNjIzOWQzOGU0YmY5OWZmOWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANK0wAadoTeuVbJN+byIBBT1FybwGMHjGlnfakD33ttjb/a4a64j675DhIuc
186UCI5SVaJFD6jbVkC3ObAHHd0NTHEYv54ptXRBDL3evntHje/ttBnmgh3BTAsV
wS/mHNlN9Q8vV5zkLv7qB/ISvAvBXIwFH84jBlLMU/HELeQK/69usJ7jwJyTCNo7
ogCMY3TotQdUqJC6QDNDN0sklfyiwxNK1VxL6tnG0QqnuutQtGfvbuN7uiWlmcsX
Vtf22oLFf+WmHUOMIgUSN5f9mIseM1pi/bDuhPDrWP7tVwnIRp4pwb0zs6fB5jZu
CzWR3J8gN7TZ4ORpGuTQXNQ2W/8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQAXomj
cP5sqm8bDU1O4ItjqTUjAjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAisrV29AWCYQqowFtVMDuD3XChsOyLHyT7bc6FGC4
6Q8vF0Mi0X+0hc6em7k0CiPAogjuBmbYGQSLuwyEgnyitRPuclYPRs4NkLS5c/29
ykFLmWMPVXG7VtrWUXaS8bEAHoaUcTP/LEgzvUvPcRZd9ETHS/98bS4sZeLcv0hQ
G2hrkhkX3SBhWfJnrctCKa49rxwR1zsEiEinaHhq7LckXxvTs6SGfY0oNUWTb8sJ
t8GyDIg7LTnhyu+aC0zPvNOlgODTbAnW8H7Xo79j2DR8pt0tUm0UwEHT7IXvN2od
kDqP7nqX4lwkk5WTSFko1o7TpHTL8lDbV+WdX/pMwiCoUg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:37 2025 by rpki-client