Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
File: e1d9282c-1734-4426-ab04-111f2637372c.roa (raw, json)
Hash identifier: 40HOQf+QIy3VgOUjbcUVmv8H6APhgiqIgS+O582Sz6o=
Subject key identifier: F7:B2:97:30:99:84:38:ED:36:29:BD:F6:6B:2F:F8:78:BD:7A:52:18
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22F8030186EDCFEF06735ADA8B8885497A32AC80
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
Signing time: Wed 22 Oct 2025 00:50:12 +0000
ROA not before: Wed 22 Oct 2025 00:50:12 +0000
ROA not after: Wed 26 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 212.173.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:f8:03:01:86:ed:cf:ef:06:73:5a:da:8b:88:85:49:7a:32:ac:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 22 00:50:12 2025 GMT
Not After : Nov 26 23:59:59 2025 GMT
Subject: serialNumber=a1e2f2a3504863b1af3786d0a76d1b909d356b2857e58dd674c71f63b8fb0e8f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:fa:2f:95:d2:b1:ca:ec:84:b4:f1:36:d3:
80:ce:bc:95:71:39:96:16:6e:e2:c0:30:ff:cd:2e:
e0:36:08:01:a8:94:1d:1e:8d:79:64:ba:88:e6:ed:
58:cf:90:4c:57:df:fb:c8:ef:52:cb:28:d9:a8:66:
b1:ab:bb:00:84:ec:5f:de:04:95:7a:93:7c:b1:20:
4c:ee:4a:a1:e7:7f:9b:d9:7e:4e:e6:db:52:fa:46:
17:55:6a:38:36:b9:6d:77:c5:2c:42:f0:01:ac:15:
0f:55:98:49:15:9e:b1:26:f1:1e:a1:36:28:7d:d1:
dd:a0:29:ad:be:e2:2a:b3:ab:3b:85:cd:cd:a6:33:
45:c8:49:22:c3:fb:80:74:bb:24:eb:fc:28:94:7c:
17:5d:c0:a3:1e:ea:86:55:b5:72:22:00:80:04:b5:
4e:b3:bd:7e:e2:de:3e:b0:38:7f:a4:f7:f3:2a:ef:
4a:24:70:a8:2b:34:95:9f:54:5f:d9:55:a5:2b:16:
a5:6a:23:99:46:af:fb:ff:c3:5d:43:3e:66:b8:7d:
61:89:36:c8:d1:56:92:81:2c:2d:cd:9c:18:06:7c:
ff:d1:9d:0d:88:c2:8d:da:d4:48:79:79:47:8e:70:
28:82:d2:d2:74:70:f7:e6:06:53:b2:bd:4a:cb:2d:
95:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B2:97:30:99:84:38:ED:36:29:BD:F6:6B:2F:F8:78:BD:7A:52:18
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e1d9282c-1734-4426-ab04-111f2637372c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.173.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9a:89:6c:90:f6:f3:ef:40:24:4a:fb:81:a3:76:fe:36:de:27:
40:2f:8f:6f:11:ee:0a:1e:71:dc:1f:58:9f:a9:3d:a8:7b:1d:
4a:a1:22:45:7b:f8:93:d0:0e:c5:c4:e0:b6:1c:50:2e:da:56:
7d:ef:34:f2:ce:72:0a:c0:89:06:de:fa:4e:ce:39:41:14:1c:
65:79:83:1f:35:04:b1:20:44:02:6b:56:90:01:57:6d:55:fe:
e5:ef:77:af:f8:03:04:a7:a2:7a:10:43:11:84:bd:27:9d:75:
97:ac:6d:8d:51:a7:fe:45:16:2a:3e:f2:15:cd:3b:37:7e:b0:
ff:53:2a:69:a5:e4:a1:5e:0d:c8:e9:16:d2:b1:ad:0e:ce:44:
f7:4c:9a:3c:74:e6:1e:50:ed:5b:67:80:fb:8f:be:12:cd:45:
7d:28:2f:3b:b0:1f:68:48:71:cb:dd:4b:9a:56:bd:7a:a3:e3:
ff:c2:fa:7e:95:c0:24:1e:7e:80:2d:80:b8:6c:e6:40:c9:6a:
98:91:57:96:20:2f:ec:2b:d8:f1:6d:bb:2d:38:67:34:79:94:
17:c9:82:cb:a3:b0:74:76:9e:01:44:0f:f3:11:59:8a:1d:e0:
fa:13:b8:84:e6:8c:fa:4e:7d:22:ea:f9:7d:b6:52:7e:c8:ba:
70:21:7e:37
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIvgDAYbtz+8Gc1rai4iFSXoyrIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjIwMDUwMTJaFw0yNTExMjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGExZTJmMmEzNTA0ODYzYjFhZjM3ODZkMGE3NmQxYjkwOWQzNTZiMjg1N2U1
OGRkNjc0YzcxZjYzYjhmYjBlOGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMUw+i+V0rHK7IS08TbTgM68lXE5lhZu4sAw/80u4DYIAaiUHR6NeWS6iObt
WM+QTFff+8jvUsso2ahmsau7AITsX94ElXqTfLEgTO5Koed/m9l+TubbUvpGF1Vq
ODa5bXfFLELwAawVD1WYSRWesSbxHqE2KH3R3aAprb7iKrOrO4XNzaYzRchJIsP7
gHS7JOv8KJR8F13Aox7qhlW1ciIAgAS1TrO9fuLePrA4f6T38yrvSiRwqCs0lZ9U
X9lVpSsWpWojmUav+//DXUM+Zrh9YYk2yNFWkoEsLc2cGAZ8/9GdDYjCjdrUSHl5
R45wKILS0nRw9+YGU7K9SsstlckCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT3spcw
mYQ47TYpvfZrL/h4vXpSGDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTFkOTI4MmMtMTczNC00NDI2LWFiMDQtMTExZjI2MzczNzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9StgDAN
BgkqhkiG9w0BAQsFAAOCAQEAmolskPbz70AkSvuBo3b+Nt4nQC+PbxHuCh5x3B9Y
n6k9qHsdSqEiRXv4k9AOxcTgthxQLtpWfe808s5yCsCJBt76Ts45QRQcZXmDHzUE
sSBEAmtWkAFXbVX+5e93r/gDBKeiehBDEYS9J511l6xtjVGn/kUWKj7yFc07N36w
/1MqaaXkoV4NyOkW0rGtDs5E90yaPHTmHlDtW2eA+4++Es1FfSgvO7AfaEhxy91L
mla9eqPj/8L6fpXAJB5+gC2AuGzmQMlqmJFXliAv7CvY8W27LThnNHmUF8mCy6Ow
dHaeAUQP8xFZih3g+hO4hOaM+k59Iur5fbZSfsi6cCF+Nw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:05:57 2025 by rpki-client