Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: 13efCDb70j/Fnr8jiYJmlcUGg/zIhHvsXkuthVcMD7Y=
Subject key identifier: 5B:E3:1E:25:91:D6:67:A5:84:5F:01:02:29:70:55:C6:32:9B:FB:21
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4D48F05B637E6371F78A8D5095A881EB2D8E1315
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Tue 21 Oct 2025 15:00:28 +0000
ROA not before: Tue 21 Oct 2025 15:00:28 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:48:f0:5b:63:7e:63:71:f7:8a:8d:50:95:a8:81:eb:2d:8e:13:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:28 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b5d8a714dcb5ecd7b39159af192f805cdced663f62ed6f43a7add6bb64679202, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e0:33:27:cc:60:32:4e:e8:b7:2f:20:36:e1:
a0:ff:9c:3a:2c:d1:47:b5:a7:af:79:09:96:a0:c1:
07:a9:bd:e5:7a:df:dd:2d:b7:8d:ef:75:d2:8c:0e:
47:3c:cf:37:4f:22:6a:60:e4:40:97:23:fd:48:69:
5c:ec:5f:cf:12:26:ca:55:5a:78:1b:f8:33:a1:1d:
90:78:25:d9:81:90:fa:bb:29:4a:0a:dc:44:0e:03:
e1:d3:29:27:81:a9:dd:10:2c:e5:85:7c:a0:72:52:
96:6e:7f:a5:17:52:31:fc:48:27:94:f3:eb:f0:97:
4c:58:22:95:a0:b7:5b:1d:d7:70:d3:80:31:ba:51:
9a:1c:41:43:c9:c8:b1:a9:9a:39:17:3f:43:df:e5:
60:32:11:e4:85:52:56:d8:a3:0a:39:18:a6:db:ae:
83:07:5c:2d:f2:c9:67:29:ef:3d:e6:39:46:23:2f:
6e:3a:5d:46:e9:b4:95:4a:7d:6f:e1:a5:8d:c7:a0:
3f:a2:f6:ce:74:a5:c4:6c:a8:85:e9:8b:9c:f3:5d:
f9:b7:31:95:1d:05:b5:dd:f4:7c:44:88:33:a2:0e:
8b:92:5f:76:1a:46:dd:1b:ee:15:8d:df:0e:71:db:
6f:39:86:91:c9:77:a1:fb:70:2d:73:8b:82:96:53:
e6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E3:1E:25:91:D6:67:A5:84:5F:01:02:29:70:55:C6:32:9B:FB:21
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ba:56:f6:a2:09:ab:77:af:e4:02:39:a6:c5:21:db:3c:20:42:
cc:97:90:3f:33:15:60:fb:29:ee:42:23:59:b4:a3:26:52:33:
af:22:5f:d3:bd:9f:37:2d:44:86:20:a6:38:cc:6a:7e:11:3e:
a2:9e:20:d4:9d:08:e2:b8:d6:d2:37:58:2c:94:79:ca:24:0e:
a5:eb:0e:de:80:29:21:0d:9b:ca:ff:1c:cd:37:99:2c:89:42:
0a:d7:f3:8a:7b:dd:1b:08:f9:eb:3e:5c:32:8f:81:c8:4f:31:
1b:41:fd:e0:69:0a:5f:ae:4c:0d:b4:dd:d1:22:78:69:ee:6a:
c0:00:93:b8:1e:1c:0f:84:e2:3f:2b:2c:a9:1f:73:eb:74:e9:
86:a0:8a:4b:90:9e:26:21:2a:62:46:ca:0d:d5:bb:f8:5d:ec:
6d:ed:bd:fe:90:bd:c3:df:7e:4e:82:de:3b:e1:59:61:9c:cc:
c0:4a:8d:68:02:6a:4a:9d:10:5b:fb:87:e9:08:da:5a:b3:f3:
a3:79:e1:13:60:03:cf:0d:af:c5:4c:50:e3:c1:64:73:e4:57:
2d:29:cb:f0:09:91:67:68:fd:a1:b0:31:30:18:9c:11:d2:83:
41:68:e9:49:85:ad:a7:34:cd:d3:69:e3:49:04:fc:aa:92:e6:
b5:82:fe:6d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTUjwW2N+Y3H3io1QlaiB6y2OExUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMjhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZDhhNzE0ZGNiNWVjZDdiMzkxNTlhZjE5MmY4MDVjZGNlZDY2M2Y2MmVk
NmY0M2E3YWRkNmJiNjQ2NzkyMDIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjgMyfMYDJO6LcvIDbhoP+cOizRR7Wnr3kJlqDBB6m95Xrf3S23je910owO
RzzPN08iamDkQJcj/UhpXOxfzxImylVaeBv4M6EdkHgl2YGQ+rspSgrcRA4D4dMp
J4Gp3RAs5YV8oHJSlm5/pRdSMfxIJ5Tz6/CXTFgilaC3Wx3XcNOAMbpRmhxBQ8nI
samaORc/Q9/lYDIR5IVSVtijCjkYptuugwdcLfLJZynvPeY5RiMvbjpdRum0lUp9
b+GljcegP6L2znSlxGyohemLnPNd+bcxlR0Ftd30fESIM6IOi5JfdhpG3RvuFY3f
DnHbbzmGkcl3oftwLXOLgpZT5tkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRb4x4l
kdZnpYRfAQIpcFXGMpv7ITAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQC6VvaiCat3r+QCOabFIds8IELMl5A/MxVg+ynuQiNZ
tKMmUjOvIl/TvZ83LUSGIKY4zGp+ET6iniDUnQjiuNbSN1gslHnKJA6l6w7egCkh
DZvK/xzNN5ksiUIK1/OKe90bCPnrPlwyj4HITzEbQf3gaQpfrkwNtN3RInhp7mrA
AJO4HhwPhOI/KyypH3PrdOmGoIpLkJ4mISpiRsoN1bv4Xext7b3+kL3D335Ogt47
4VlhnMzASo1oAmpKnRBb+4fpCNpas/OjeeETYAPPDa/FTFDjwWRz5FctKcvwCZFn
aP2hsDEwGJwR0oNBaOlJha2nNM3TaeNJBPyqkua1gv5t
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:53:10 2025 by rpki-client