Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: ktW3qNqUPX1/NRfeZZIdV2S+z9zsHaFaqBokm9XQU+A=
Subject key identifier: FB:75:4F:6B:53:CA:B6:03:26:5D:CF:C0:B5:CA:E4:8D:27:9C:E5:90
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 60447D7C7D91B303BDE27E4529DDAA104B57E7FE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Tue 21 Oct 2025 14:40:02 +0000
ROA not before: Tue 21 Oct 2025 14:40:02 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:44:7d:7c:7d:91:b3:03:bd:e2:7e:45:29:dd:aa:10:4b:57:e7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:02 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=3d91e60515e1a9a6313f450ceed1a8a6fc00db919344a41a17b12825c705c5e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:bb:b2:7c:55:97:1f:c9:37:ec:43:c9:fa:43:
14:50:0c:b5:57:bb:c9:c3:df:28:8e:b1:db:64:37:
3a:1a:64:e8:42:1e:23:1b:95:25:ef:04:7f:63:ce:
bc:1f:6d:31:ba:c3:d8:60:e1:ea:1c:60:e9:0b:c8:
cc:f1:5e:a7:61:70:72:90:83:ad:16:08:a1:73:72:
9a:f5:24:ff:20:ef:8c:c3:83:75:62:05:2a:18:88:
12:bd:f8:a1:78:9b:59:36:77:af:dc:7b:c0:d6:a4:
cc:0f:a5:1f:c7:88:42:d7:1c:cd:db:8e:96:fa:c4:
4f:c6:b7:ba:09:19:81:f6:7e:9d:c8:7d:92:47:af:
f6:74:91:12:e6:98:dc:2d:3a:3d:a7:21:a9:ee:4f:
e9:c4:2a:b7:0a:7e:6d:ca:76:2d:51:90:cb:f9:9e:
34:22:74:6f:df:ec:a8:5d:4f:41:06:b8:cd:60:be:
0a:1b:5b:ff:31:38:fa:94:c4:e9:e0:e6:2a:d5:fe:
0f:b6:2a:d1:66:c4:e0:65:3d:30:a0:76:4c:58:f3:
be:c1:ee:7a:d4:71:6e:9a:9f:86:a8:f9:d2:ce:b4:
f8:f9:85:0f:2c:9f:41:3d:2f:36:2b:ea:b8:11:1a:
42:75:9b:60:97:40:79:6f:3a:6c:36:fd:bf:92:df:
9e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:75:4F:6B:53:CA:B6:03:26:5D:CF:C0:B5:CA:E4:8D:27:9C:E5:90
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:95:72:ee:04:c1:7f:6a:0d:38:c4:88:e0:d0:bd:1b:12:58:
dc:5c:58:39:f2:a7:d7:49:87:b0:cd:f8:5c:af:db:aa:40:6d:
ea:9e:e8:dc:99:e4:93:69:be:72:88:44:02:e6:09:a8:07:5d:
dc:74:44:15:c7:b0:54:64:5a:e4:c7:6e:9b:f1:32:63:ec:76:
f7:8a:6c:03:de:d0:5a:ed:1f:6e:5e:1e:bd:c9:b4:df:12:fe:
11:02:12:22:60:eb:e7:4d:61:eb:62:ec:95:48:48:c6:11:66:
75:89:4e:4a:56:c5:51:26:2e:c5:26:8b:a4:e3:70:59:22:9e:
21:50:c6:96:fd:fa:35:c8:75:7b:c7:28:c0:96:46:d0:e3:f3:
66:1b:29:de:78:f2:3b:05:b7:7d:f1:a5:1a:b0:4d:01:81:3f:
28:32:51:44:3f:fc:0f:0b:6b:0e:67:98:31:b0:c7:32:2c:70:
c2:2a:ac:96:f0:ff:f5:5a:e6:f7:63:40:c8:c9:e2:7a:40:62:
a1:a0:c2:99:fa:db:d2:22:05:7f:07:a4:9a:98:7b:65:95:a2:
6e:bd:d7:ed:65:61:7b:d6:93:55:cf:79:21:a0:9c:4a:f5:d2:
1c:75:70:c4:ea:f1:8c:bf:28:3e:46:64:22:42:bd:02:fa:12:
0d:ce:5a:99
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYER9fH2RswO94n5FKd2qEEtX5/4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkOTFlNjA1MTVlMWE5YTYzMTNmNDUwY2VlZDFhOGE2ZmMwMGRiOTE5MzQ0
YTQxYTE3YjEyODI1YzcwNWM1ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANS7snxVlx/JN+xDyfpDFFAMtVe7ycPfKI6x22Q3Ohpk6EIeIxuVJe8Ef2PO
vB9tMbrD2GDh6hxg6QvIzPFep2FwcpCDrRYIoXNymvUk/yDvjMODdWIFKhiIEr34
oXibWTZ3r9x7wNakzA+lH8eIQtcczduOlvrET8a3ugkZgfZ+nch9kkev9nSREuaY
3C06Pachqe5P6cQqtwp+bcp2LVGQy/meNCJ0b9/sqF1PQQa4zWC+Chtb/zE4+pTE
6eDmKtX+D7Yq0WbE4GU9MKB2TFjzvsHuetRxbpqfhqj50s60+PmFDyyfQT0vNivq
uBEaQnWbYJdAeW86bDb9v5LfnhECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT7dU9r
U8q2AyZdz8C1yuSNJ5zlkDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAzpVy7gTBf2oNOMSI4NC9GxJY3FxYOfKn10mHsM34
XK/bqkBt6p7o3Jnkk2m+cohEAuYJqAdd3HREFcewVGRa5Mdum/EyY+x294psA97Q
Wu0fbl4evcm03xL+EQISImDr501h62LslUhIxhFmdYlOSlbFUSYuxSaLpONwWSKe
IVDGlv36Nch1e8cowJZG0OPzZhsp3njyOwW3ffGlGrBNAYE/KDJRRD/8DwtrDmeY
MbDHMixwwiqslvD/9Vrm92NAyMniekBioaDCmfrb0iIFfwekmph7ZZWibr3X7WVh
e9aTVc95IaCcSvXSHHVwxOrxjL8oPkZkIkK9AvoSDc5amQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:06:06 2025 by rpki-client