Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
File: d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa (raw, json)
Hash identifier: Jwfcpwbj9f64zkt+V2T6mu5c+mSv/4re/ZgLgvpAIsQ=
Subject key identifier: 61:CB:8D:44:74:7C:07:D6:CB:CF:CC:5D:A1:3C:AC:CE:78:2A:3F:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66377902457443218F40DD831C6250A4A42E1582
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
Signing time: Tue 21 Oct 2025 15:00:28 +0000
ROA not before: Tue 21 Oct 2025 15:00:28 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:37:79:02:45:74:43:21:8f:40:dd:83:1c:62:50:a4:a4:2e:15:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 15:00:28 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=b9c218fb97f75892acf5b7becc7e8ffdb8d6b2f9e083e4991551aabc8a740580, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a1:94:71:d7:c4:13:f4:29:6d:06:a0:49:11:
ce:35:08:24:38:41:0f:80:ff:25:55:10:0e:db:42:
2d:f4:be:72:9a:29:96:38:3b:b5:7a:67:2d:28:89:
97:0c:e4:2c:fc:3d:72:7d:af:e7:05:c6:c1:c4:92:
b1:fe:1f:ad:70:38:64:0d:d6:64:aa:11:51:15:59:
e7:16:40:b8:eb:7e:34:56:66:cb:a0:23:41:c9:1c:
f5:64:f7:15:67:ca:72:ef:9e:8d:7e:17:fd:a1:8e:
20:11:b5:6e:71:9d:20:d3:e2:95:eb:35:ab:1e:8c:
8b:95:2c:67:6a:39:5b:5e:c1:8b:bd:aa:4e:3b:02:
cc:e2:68:8c:1e:21:81:1a:27:5f:26:01:7c:8e:c4:
94:cb:33:cf:c3:32:36:97:62:08:a6:cc:76:bc:b6:
ac:9e:68:5c:99:fe:25:4d:23:8d:05:4c:8c:73:b7:
58:d3:40:25:d7:d7:8a:73:81:47:c2:ac:e3:46:11:
e1:89:ef:6c:56:3d:4d:ef:2b:6f:3f:28:f6:05:50:
d9:0f:dc:40:5f:ef:e1:81:d7:1c:d2:ce:82:90:fa:
77:7b:8c:9d:99:06:49:9c:cc:dd:5a:e1:29:67:d8:
c0:e3:98:8f:83:ca:54:80:26:13:b3:4c:8a:32:a6:
f1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:CB:8D:44:74:7C:07:D6:CB:CF:CC:5D:A1:3C:AC:CE:78:2A:3F:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d371c773-1aa2-4d5b-9804-ea5d64fadc0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.224.0/19
Signature Algorithm: sha256WithRSAEncryption
c7:a6:b4:14:dc:e4:5a:4e:29:11:18:81:31:bd:4f:e9:70:c1:
19:07:f0:c4:ad:fd:88:d7:2f:82:f6:e4:03:4f:4c:8e:9c:98:
6f:f8:14:09:2e:98:d4:ac:39:bf:15:3f:a9:14:b4:d6:b2:db:
f8:87:0f:11:43:08:a4:eb:98:de:f5:53:44:2a:9b:4b:ee:22:
c6:21:5f:ae:d7:ce:e3:70:b7:8b:3f:12:61:b8:3e:c1:f9:4d:
c5:28:a5:b2:ec:d1:80:af:23:3b:40:45:f1:bd:1b:db:1e:67:
42:11:70:e3:39:f1:dc:d0:6e:e8:a2:4b:4d:a8:27:af:39:68:
61:3d:69:4b:6d:66:1d:1c:d1:b6:4a:6e:3e:1b:11:5a:7d:43:
f6:76:9a:77:eb:0b:21:d9:06:1b:bd:de:9a:33:ca:3b:5e:61:
00:a7:f9:ba:7c:fb:d5:ce:08:9b:c7:44:33:d3:be:87:27:c6:
9a:1f:1d:a8:ab:cc:59:17:de:f1:26:91:bd:5f:5f:79:1d:62:
91:3a:2d:d9:93:04:e1:a3:60:a5:d1:d8:9a:b5:02:bc:39:fa:
5f:6e:b6:63:96:77:87:3f:6c:ed:e7:cc:1d:2b:2a:f3:75:e6:
f3:0a:13:70:15:af:de:4f:c4:52:d0:92:1e:7c:d2:f2:44:f7:
98:6f:54:c5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZjd5AkV0QyGPQN2DHGJQpKQuFYIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNTAwMjhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGI5YzIxOGZiOTdmNzU4OTJhY2Y1YjdiZWNjN2U4ZmZkYjhkNmIyZjllMDgz
ZTQ5OTE1NTFhYWJjOGE3NDA1ODAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALChlHHXxBP0KW0GoEkRzjUIJDhBD4D/JVUQDttCLfS+cpopljg7tXpnLSiJ
lwzkLPw9cn2v5wXGwcSSsf4frXA4ZA3WZKoRURVZ5xZAuOt+NFZmy6AjQckc9WT3
FWfKcu+ejX4X/aGOIBG1bnGdINPiles1qx6Mi5UsZ2o5W17Bi72qTjsCzOJojB4h
gRonXyYBfI7ElMszz8MyNpdiCKbMdry2rJ5oXJn+JU0jjQVMjHO3WNNAJdfXinOB
R8Ks40YR4YnvbFY9Te8rbz8o9gVQ2Q/cQF/v4YHXHNLOgpD6d3uMnZkGSZzM3Vrh
KWfYwOOYj4PKVIAmE7NMijKm8QsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRhy41E
dHwH1svPzF2hPKzOeCo/IDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDM3MWM3NzMtMWFhMi00ZDViLTk4MDQtZWE1ZDY0ZmFkYzBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBY9B4DAN
BgkqhkiG9w0BAQsFAAOCAQEAx6a0FNzkWk4pERiBMb1P6XDBGQfwxK39iNcvgvbk
A09MjpyYb/gUCS6Y1Kw5vxU/qRS01rLb+IcPEUMIpOuY3vVTRCqbS+4ixiFfrtfO
43C3iz8SYbg+wflNxSilsuzRgK8jO0BF8b0b2x5nQhFw4znx3NBu6KJLTagnrzlo
YT1pS21mHRzRtkpuPhsRWn1D9naad+sLIdkGG73emjPKO15hAKf5unz71c4Im8dE
M9O+hyfGmh8dqKvMWRfe8SaRvV9feR1ikTot2ZME4aNgpdHYmrUCvDn6X262Y5Z3
hz9s7efMHSsq83Xm8woTcBWv3k/EUtCSHnzS8kT3mG9UxQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:20:24 2025 by rpki-client