Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
File: e398b47e-9867-4e71-96db-760f9102a39f.roa (raw, json)
Hash identifier: UO+hXd+3LXn8TD7TC7UOH/43q+neVpvFtfyCQ2d1Rsk=
Subject key identifier: A5:3A:55:20:93:70:41:6A:47:24:FF:7B:FA:46:98:F9:A7:BE:73:D6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5314A9E93C1AFD2F9A52B11AE4E4641C523C6EDA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
Signing time: Tue 21 Oct 2025 14:40:03 +0000
ROA not before: Tue 21 Oct 2025 14:40:03 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 62785
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:14:a9:e9:3c:1a:fd:2f:9a:52:b1:1a:e4:e4:64:1c:52:3c:6e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:03 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e38b820e570617043f62eb6516a6ebd09fd5a0473923bc29ca4b786b96bbfeb8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8f:c6:59:4d:2f:56:7e:b5:bd:3d:f5:ba:1c:
b4:f0:57:b5:d0:e9:7a:8d:71:be:1b:47:92:f4:ed:
bd:57:05:26:5c:51:7c:21:2a:26:ec:e8:74:29:94:
c0:06:30:4c:f9:c8:90:61:ca:60:41:4d:15:b8:cc:
c6:6e:7b:95:c6:32:13:00:47:af:95:fd:59:8d:ad:
0f:2a:d9:23:ce:c3:2e:1a:04:ee:d4:3c:00:25:a8:
6c:61:7e:37:c4:d1:d0:c0:c5:77:4e:52:29:ed:c1:
52:ed:c5:60:1e:6f:87:c9:83:f8:92:b4:e9:d0:46:
ae:63:d9:07:bc:fe:61:cc:bf:51:37:9d:b4:62:c1:
41:6f:00:af:63:c0:40:a1:0d:67:cb:c6:a6:c1:ba:
ad:66:f5:4f:62:68:88:5d:80:7d:b4:41:68:88:71:
7f:a3:6e:f3:25:24:aa:5c:be:74:14:2f:e1:0b:a6:
93:02:9f:18:02:38:e3:a3:08:10:1c:5e:43:5c:88:
03:85:29:34:a1:45:3c:51:9a:02:50:9f:37:c7:53:
2b:6a:18:e4:77:c8:a4:b6:6d:00:50:df:29:e4:5a:
95:bf:fc:0c:99:a0:e9:f2:0c:eb:66:2e:61:b1:fa:
6a:4d:17:2a:d9:8d:fc:68:5f:c6:ed:46:9d:a3:55:
17:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:3A:55:20:93:70:41:6A:47:24:FF:7B:FA:46:98:F9:A7:BE:73:D6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e398b47e-9867-4e71-96db-760f9102a39f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
45:9c:2e:8f:e6:4b:5a:f1:82:53:ea:db:45:8c:66:ae:e7:a4:
ad:89:07:27:50:04:73:be:80:50:c7:13:36:61:0e:ee:e3:b8:
c0:8e:3a:55:11:cb:b4:3e:88:4d:5b:89:c3:e0:ce:28:e5:fd:
da:2b:62:87:34:f0:5b:1d:ff:11:77:04:e2:ef:30:75:d3:0f:
e6:6f:93:2f:d9:72:78:9d:bd:c5:ea:61:ae:d6:ce:80:43:59:
4b:c9:58:03:49:12:18:74:f5:3f:44:42:c9:c0:8a:53:b9:7a:
b5:4c:1c:7a:56:56:c8:11:73:4c:39:a5:5a:d4:aa:ff:7e:4a:
da:79:fc:d3:98:15:b3:9a:11:c2:f0:36:b9:47:f2:8d:00:9e:
6e:f0:ec:ed:7e:c0:f4:51:c1:b9:ee:fc:a7:33:39:52:5a:f3:
87:04:89:18:e9:84:dd:42:3f:89:92:23:0a:eb:c3:b9:09:a1:
bc:fb:4e:1a:9a:6c:5a:b0:66:9d:26:d8:fd:72:c4:8d:1a:78:
14:5e:d5:e5:37:0d:a2:4c:c9:18:47:8e:b6:ba:47:57:eb:ea:
72:3f:e0:de:0f:68:69:45:7e:a9:c5:d6:ca:a7:0e:d0:e1:ac:
85:9a:7b:a4:be:6a:9a:8f:23:50:43:1e:9b:19:9b:e6:4d:fb:
6b:9c:4f:90
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUUxSp6Twa/S+aUrEa5ORkHFI8btowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDNaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzOGI4MjBlNTcwNjE3MDQzZjYyZWI2NTE2YTZlYmQwOWZkNWEwNDczOTIz
YmMyOWNhNGI3ODZiOTZiYmZlYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJaPxllNL1Z+tb099boctPBXtdDpeo1xvhtHkvTtvVcFJlxRfCEqJuzodCmU
wAYwTPnIkGHKYEFNFbjMxm57lcYyEwBHr5X9WY2tDyrZI87DLhoE7tQ8ACWobGF+
N8TR0MDFd05SKe3BUu3FYB5vh8mD+JK06dBGrmPZB7z+Ycy/UTedtGLBQW8Ar2PA
QKENZ8vGpsG6rWb1T2JoiF2AfbRBaIhxf6Nu8yUkqly+dBQv4QumkwKfGAI446MI
EBxeQ1yIA4UpNKFFPFGaAlCfN8dTK2oY5HfIpLZtAFDfKeRalb/8DJmg6fIM62Yu
YbH6ak0XKtmN/Ghfxu1GnaNVF+8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSlOlUg
k3BBakck/3v6Rpj5p75z1jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTM5OGI0N2UtOTg2Ny00ZTcxLTk2ZGItNzYwZjkxMDJhMzlmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEARZwuj+ZLWvGCU+rbRYxmruekrYkHJ1AEc76AUMcT
NmEO7uO4wI46VRHLtD6ITVuJw+DOKOX92itihzTwWx3/EXcE4u8wddMP5m+TL9ly
eJ29xephrtbOgENZS8lYA0kSGHT1P0RCycCKU7l6tUwcelZWyBFzTDmlWtSq/35K
2nn805gVs5oRwvA2uUfyjQCebvDs7X7A9FHBue78pzM5UlrzhwSJGOmE3UI/iZIj
CuvDuQmhvPtOGppsWrBmnSbY/XLEjRp4FF7V5TcNokzJGEeOtrpHV+vqcj/g3g9o
aUV+qcXWyqcO0OGshZp7pL5qmo8jUEMemxmb5k37a5xPkA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:21:06 2025 by rpki-client