Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: cEQG7TV2+uREjJGQBsHDScT1EjjiJqcqO8dUcOkzIC4=
Subject key identifier: 5E:10:4B:BF:E9:C9:13:5D:8B:A3:EE:8D:01:91:26:6F:77:3B:B0:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 284BC51E90E1379EB6C2D696CB7CFA6E87D7CD20
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Fri 31 Oct 2025 02:00:07 +0000
ROA not before: Fri 31 Oct 2025 02:00:07 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:4b:c5:1e:90:e1:37:9e:b6:c2:d6:96:cb:7c:fa:6e:87:d7:cd:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:07 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=1c0de26077456cefc1468f09b4ffb3b6832fc6cf3aa8427941732d7b4e287b33, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:11:37:88:7d:fd:e4:30:8f:f7:fc:f0:bc:
d2:72:36:5f:d2:b7:e4:30:17:15:9e:00:b5:5f:c0:
34:59:a6:e8:16:4d:9a:a8:34:06:78:4d:23:ea:7d:
a2:4e:22:a3:0c:ba:e9:af:c3:45:cd:1b:0d:9a:bd:
c6:e3:61:bb:6c:6f:f6:90:17:8d:cc:27:62:f6:1c:
e5:b2:15:da:e2:a1:ea:31:5a:09:7f:c0:78:71:e5:
0d:1a:9c:6c:13:95:77:62:81:7b:a4:fb:a1:5a:71:
1f:c5:a4:cc:1b:57:c9:c2:43:ce:b6:cf:b4:c5:35:
a0:cf:74:32:27:ed:76:a8:e8:72:be:6f:fe:ce:51:
af:bc:2f:b5:56:2e:f9:ca:23:54:7e:c3:d6:95:ca:
3c:8c:24:33:6c:e1:71:f6:e0:e7:be:6d:6a:40:4c:
c7:8e:1b:b7:ec:73:f6:25:ac:df:a5:76:c1:20:04:
89:a8:1b:d1:b0:a8:96:d7:58:f2:29:31:b8:c8:f9:
2b:b4:f9:d1:dc:52:59:88:a1:8f:29:a6:0a:4c:f8:
ae:fe:ff:59:a7:e5:51:5b:ca:9c:07:4f:cc:bd:b3:
e7:23:eb:dc:e0:61:c6:13:db:7a:da:47:a1:a3:32:
4b:25:c9:4b:00:84:2d:50:01:5e:89:a3:0e:91:6c:
a1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:10:4B:BF:E9:C9:13:5D:8B:A3:EE:8D:01:91:26:6F:77:3B:B0:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a9:57:e6:86:4b:1a:ec:c3:a4:ba:3a:95:ae:24:99:ca:a6:9f:
f3:ca:75:ff:a8:8d:bf:2c:37:11:5a:b2:3f:c5:49:ae:d5:6e:
96:e9:b8:24:75:a6:c2:dc:fb:51:c1:67:9b:34:e7:4e:3e:c4:
e4:c7:d9:8a:e2:a6:13:2b:f4:32:3c:2a:67:14:bb:20:12:94:
1e:8f:0b:6b:e7:b7:bb:0e:2b:cd:ab:f6:a4:05:2f:a3:76:01:
04:d9:5c:16:23:7a:37:8c:5c:63:df:bd:df:a6:41:ae:66:f0:
dc:f4:ea:5f:63:3c:bb:40:12:74:d6:41:f4:9e:eb:50:1c:dc:
2f:32:43:a3:6f:65:d9:88:ad:cf:5d:3d:c3:c1:45:52:31:fe:
59:63:a3:84:f1:b3:a7:cd:af:6e:4e:25:d5:4b:cf:8f:62:a7:
bb:ee:71:80:dd:5b:79:19:b8:5a:18:f4:92:22:77:a4:12:4f:
39:c3:8e:84:1d:9b:20:20:af:36:b4:6f:d0:83:32:ec:a3:65:
1a:40:54:0a:5a:4f:b5:59:f3:8b:ba:29:93:05:0a:89:2b:02:
d3:02:b5:e3:04:9a:08:05:41:cf:fa:25:ed:79:84:4a:e8:08:
1d:2d:35:72:6e:d6:f3:fa:5f:ac:87:b3:c3:46:c3:a4:35:37:
f8:d2:86:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKEvFHpDhN562wtaWy3z6bofXzSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMDdaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQDFjMGRlMjYwNzc0NTZjZWZjMTQ2OGYwOWI0ZmZiM2I2ODMyZmM2Y2YzYWE4
NDI3OTQxNzMyZDdiNGUyODdiMzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1tETeIff3kMI/3/PC80nI2X9K35DAXFZ4AtV/ANFmm6BZNmqg0BnhNI+p9
ok4iowy66a/DRc0bDZq9xuNhu2xv9pAXjcwnYvYc5bIV2uKh6jFaCX/AeHHlDRqc
bBOVd2KBe6T7oVpxH8WkzBtXycJDzrbPtMU1oM90Miftdqjocr5v/s5Rr7wvtVYu
+cojVH7D1pXKPIwkM2zhcfbg575takBMx44bt+xz9iWs36V2wSAEiagb0bColtdY
8ikxuMj5K7T50dxSWYihjymmCkz4rv7/WaflUVvKnAdPzL2z5yPr3OBhxhPbetpH
oaMySyXJSwCELVABXomjDpFsoa8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBReEEu/
6ckTXYuj7o0BkSZvdzuwoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQCpV+aGSxrsw6S6OpWuJJnKpp/zynX/qI2/LDcRWrI/
xUmu1W6W6bgkdabC3PtRwWebNOdOPsTkx9mK4qYTK/QyPCpnFLsgEpQejwtr57e7
DivNq/akBS+jdgEE2VwWI3o3jFxj373fpkGuZvDc9OpfYzy7QBJ01kH0nutQHNwv
MkOjb2XZiK3PXT3DwUVSMf5ZY6OE8bOnza9uTiXVS8+PYqe77nGA3Vt5GbhaGPSS
InekEk85w46EHZsgIK82tG/QgzLso2UaQFQKWk+1WfOLuimTBQqJKwLTArXjBJoI
BUHP+iXteYRK6AgdLTVybtbz+l+sh7PDRsOkNTf40oY/
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:36:01 2025 by rpki-client