Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
File: b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa (raw, json)
Hash identifier: 7BdbOsiwHv03RZjcCE2u27sz6x1dSRr1utBq2aamh1g=
Subject key identifier: A0:55:12:59:C1:22:09:CE:0B:B6:F5:7B:5A:9F:02:2B:C9:F1:7D:97
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4CDAB7E5DAE8265E1329E7A05D583B1FDB3EFDA5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
Signing time: Tue 21 Oct 2025 14:50:18 +0000
ROA not before: Tue 21 Oct 2025 14:50:18 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.218.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:da:b7:e5:da:e8:26:5e:13:29:e7:a0:5d:58:3b:1f:db:3e:fd:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:18 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=f57364df94ec26913c7efacad96dfb962ce519b5a4cf93e3447eb7950277803c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3e:19:55:7d:08:7c:6e:1b:89:ed:e5:c5:8a:
bc:be:4c:f9:b3:6e:30:7d:e4:d2:90:fe:27:18:0c:
9f:8f:74:b3:d1:e8:de:19:c8:9b:5a:0e:55:43:98:
cf:ce:15:cb:c0:25:88:9a:66:76:9c:f1:02:d9:6e:
28:11:25:ed:46:39:bc:ea:19:fa:5a:91:df:2b:a0:
da:12:83:1b:11:dc:85:4c:2e:96:86:7d:2b:fe:f8:
6a:41:99:fd:05:58:5a:45:8d:43:3a:c4:fc:51:84:
b1:17:ba:88:13:fd:a4:18:8d:37:bf:63:46:dd:ed:
34:85:ec:49:3f:04:0c:cc:06:d8:c8:3e:b4:d9:e0:
4a:4b:bc:78:2f:3d:76:f1:9c:0a:fa:99:d5:68:9a:
07:bc:84:ae:6f:e2:48:31:e3:d7:b3:76:60:fb:df:
c0:d6:33:ff:b5:0c:d7:f9:d0:9d:6b:0e:bd:09:03:
94:fd:f6:37:cb:12:3f:c7:e0:8b:8d:00:7e:44:d8:
a5:e0:0d:76:01:24:20:f1:ea:0f:27:fb:3d:13:0c:
34:16:32:79:8b:25:18:b6:52:f2:46:79:be:b5:13:
e7:71:08:de:fe:f7:7c:6d:8e:dd:5f:bf:06:27:6d:
ed:3e:06:e3:3d:ac:25:ff:d9:5f:bb:b1:96:1d:b4:
53:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:55:12:59:C1:22:09:CE:0B:B6:F5:7B:5A:9F:02:2B:C9:F1:7D:97
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b2cfc52a-1f15-43b9-93f9-9828d60fbe69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.218.122.0/24
Signature Algorithm: sha256WithRSAEncryption
68:4d:ff:60:c7:46:40:33:fd:9a:95:c8:27:e5:59:39:c4:ae:
8f:6c:08:01:74:c6:13:a4:60:21:d9:78:3f:df:38:a5:2a:aa:
52:be:4e:b8:88:d3:8a:42:25:a2:63:18:07:5e:96:62:c8:08:
e9:39:73:9a:62:f7:ff:85:02:35:b3:64:d5:0b:2b:d1:f3:d3:
0e:b9:37:d2:e0:4c:26:d4:a5:14:a7:7a:19:22:5d:89:fd:37:
61:23:85:0c:ad:92:78:a2:90:57:75:8d:ff:01:fe:fb:8d:06:
47:a7:d9:22:05:e3:4e:95:d3:83:f9:2e:e8:66:a0:1e:46:a9:
e9:d7:ac:ed:6a:19:04:be:18:1c:5d:5c:fd:70:67:4e:4d:32:
9c:a7:24:04:b8:6c:f9:6e:b6:a6:12:bb:ab:26:a2:cb:13:a2:
ec:e8:1d:52:e1:eb:c8:12:72:cd:0d:f6:f7:00:28:2e:64:c0:
70:5d:b5:5a:04:0f:97:f7:2c:9c:f5:f0:27:5f:42:ea:12:90:
8a:86:fa:62:9c:a2:b8:ab:00:d9:26:df:90:9d:2a:91:8b:44:
f7:df:d2:27:e0:73:e5:2c:07:69:60:2c:96:57:b0:9e:5a:eb:
51:0e:52:0b:d5:a3:6b:6a:49:b5:3f:41:f6:01:95:ce:f1:a8:
8a:ae:dd:48
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUTNq35droJl4TKeegXVg7H9s+/aUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMThaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1NzM2NGRmOTRlYzI2OTEzYzdlZmFjYWQ5NmRmYjk2MmNlNTE5YjVhNGNm
OTNlMzQ0N2ViNzk1MDI3NzgwM2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJw+GVV9CHxuG4nt5cWKvL5M+bNuMH3k0pD+JxgMn490s9Ho3hnIm1oOVUOY
z84Vy8AliJpmdpzxAtluKBEl7UY5vOoZ+lqR3yug2hKDGxHchUwuloZ9K/74akGZ
/QVYWkWNQzrE/FGEsRe6iBP9pBiNN79jRt3tNIXsST8EDMwG2Mg+tNngSku8eC89
dvGcCvqZ1WiaB7yErm/iSDHj17N2YPvfwNYz/7UM1/nQnWsOvQkDlP32N8sSP8fg
i40AfkTYpeANdgEkIPHqDyf7PRMMNBYyeYslGLZS8kZ5vrUT53EI3v73fG2O3V+/
Bidt7T4G4z2sJf/ZX7uxlh20U88CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSgVRJZ
wSIJzgu29XtanwIryfF9lzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjJjZmM1MmEtMWYxNS00M2I5LTkzZjktOTgyOGQ2MGZiZTY5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMHaejAN
BgkqhkiG9w0BAQsFAAOCAQEAaE3/YMdGQDP9mpXIJ+VZOcSuj2wIAXTGE6RgIdl4
P984pSqqUr5OuIjTikIlomMYB16WYsgI6TlzmmL3/4UCNbNk1Qsr0fPTDrk30uBM
JtSlFKd6GSJdif03YSOFDK2SeKKQV3WN/wH++40GR6fZIgXjTpXTg/ku6GagHkap
6des7WoZBL4YHF1c/XBnTk0ynKckBLhs+W62phK7qyaiyxOi7OgdUuHryBJyzQ32
9wAoLmTAcF21WgQPl/csnPXwJ19C6hKQiob6YpyiuKsA2SbfkJ0qkYtE99/SJ+Bz
5SwHaWAsllewnlrrUQ5SC9Wja2pJtT9B9gGVzvGoiq7dSA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:01:32 2025 by rpki-client