Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
File: e6379fd6-eaa8-4348-8280-afb9b8552668.roa (raw, json)
Hash identifier: 5h5bM0v1W+4b13+ulyBji1DHGHxqaFn0asoAsdB1pgk=
Subject key identifier: C0:64:89:E3:53:C2:CD:85:C7:CA:BC:DE:98:C8:6C:3C:67:C3:E6:88
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A0F49FE5E550D3F100051857C7C33F776CEDA77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
Signing time: Fri 24 Oct 2025 00:40:11 +0000
ROA not before: Fri 24 Oct 2025 00:40:11 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 7224
IP address blocks: 83.118.228.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:0f:49:fe:5e:55:0d:3f:10:00:51:85:7c:7c:33:f7:76:ce:da:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:11 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=28bba86dcec1b5473884da7558b0e561497a3d4456098fef4ccd1b67f1c2e530, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:77:f4:44:f7:1e:43:31:8e:dd:59:e4:3c:17:
2b:fa:bb:ff:1c:a8:7c:3f:dd:92:1b:8d:72:5a:f3:
c9:a1:f2:b1:f9:ee:39:e8:ec:13:89:d0:36:0f:4c:
33:4f:bc:51:5c:98:d1:81:1a:9e:cd:9c:4b:1d:c5:
47:5c:9b:7b:19:ff:ef:c6:46:b7:86:f5:f6:bd:f0:
c1:18:d4:28:bf:9c:3f:b2:25:1f:2c:00:a4:71:d2:
f9:86:5b:b1:4d:29:9e:75:91:c0:49:27:cc:3c:2f:
e2:7f:0c:09:3a:fc:fb:0a:06:a8:53:3a:fa:12:d4:
29:a4:91:2f:ee:4b:f5:3c:e6:7e:df:61:ed:f4:68:
b3:45:4b:c6:f3:d4:bb:e3:bb:48:c2:b0:46:82:46:
08:68:a4:da:5b:05:5e:13:b5:62:be:7d:4f:9c:10:
e2:a1:90:c4:26:79:7f:3e:94:ca:3a:7c:f6:dd:fb:
ed:f0:e3:ed:7b:7c:e1:6e:25:cf:8a:23:cb:68:8b:
b5:b5:6c:0c:fd:15:6a:b9:65:aa:38:b8:32:e9:d4:
5d:8c:f9:84:a3:b6:7f:4b:1c:25:37:99:a2:4d:fa:
67:88:69:85:b7:3a:52:04:bf:49:c8:86:b0:d2:55:
c8:f2:2c:df:de:b5:95:20:f3:e3:bd:94:53:50:48:
75:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:64:89:E3:53:C2:CD:85:C7:CA:BC:DE:98:C8:6C:3C:67:C3:E6:88
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e6379fd6-eaa8-4348-8280-afb9b8552668.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.228.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:6a:25:e3:d9:2e:3a:54:88:c1:53:60:46:32:68:81:1a:06:
db:81:0e:2b:34:06:b1:15:6f:e4:15:ac:b1:e0:a6:4a:1f:dc:
cf:38:6e:4a:1a:ec:45:31:ca:df:79:bf:b4:8e:b7:45:f4:78:
b7:4e:8e:06:7c:3c:41:7a:e8:73:e5:43:97:7e:8d:07:9f:56:
35:3c:90:7c:af:cc:cb:48:82:3d:7d:c9:80:6e:42:9f:b2:74:
9d:3f:23:02:c5:bb:3f:9b:80:f1:98:79:84:d9:28:75:ed:67:
bb:a8:d3:7d:9b:c7:f6:fb:cc:d6:8f:b9:f7:3c:63:c9:04:38:
bc:c1:38:51:31:99:47:51:d2:ce:cb:b8:d3:f2:cc:26:54:8e:
c7:8e:ad:27:59:48:06:ad:33:08:e9:8a:04:9f:e4:c2:e3:f9:
66:74:57:51:fe:3a:27:5d:46:24:10:53:2c:9a:c0:e9:ae:d5:
bb:db:11:44:2c:c8:66:07:28:4e:4f:be:bc:7f:c3:d2:61:a2:
7f:e5:4c:f4:6f:2d:55:86:2c:09:fc:c5:16:63:9a:72:81:a4:
21:50:28:a7:26:d4:f3:73:36:6c:e2:6f:50:13:c6:84:ad:4f:
c2:d5:7c:1d:17:d2:00:d2:31:e0:4e:f0:1d:43:ae:2e:f4:c2:
d9:3c:94:a4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKg9J/l5VDT8QAFGFfHwz93bO2ncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMTFaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI4YmJhODZkY2VjMWI1NDczODg0ZGE3NTU4YjBlNTYxNDk3YTNkNDQ1NjA5
OGZlZjRjY2QxYjY3ZjFjMmU1MzAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANh39ET3HkMxjt1Z5DwXK/q7/xyofD/dkhuNclrzyaHysfnuOejsE4nQNg9M
M0+8UVyY0YEans2cSx3FR1ybexn/78ZGt4b19r3wwRjUKL+cP7IlHywApHHS+YZb
sU0pnnWRwEknzDwv4n8MCTr8+woGqFM6+hLUKaSRL+5L9Tzmft9h7fRos0VLxvPU
u+O7SMKwRoJGCGik2lsFXhO1Yr59T5wQ4qGQxCZ5fz6Uyjp89t377fDj7Xt84W4l
z4ojy2iLtbVsDP0Varllqji4MunUXYz5hKO2f0scJTeZok36Z4hphbc6UgS/SciG
sNJVyPIs3961lSDz472UU1BIdRUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTAZInj
U8LNhcfKvN6YyGw8Z8PmiDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTYzNzlmZDYtZWFhOC00MzQ4LTgyODAtYWZiOWI4NTUyNjY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlN25DAN
BgkqhkiG9w0BAQsFAAOCAQEALmol49kuOlSIwVNgRjJogRoG24EOKzQGsRVv5BWs
seCmSh/czzhuShrsRTHK33m/tI63RfR4t06OBnw8QXroc+VDl36NB59WNTyQfK/M
y0iCPX3JgG5Cn7J0nT8jAsW7P5uA8Zh5hNkode1nu6jTfZvH9vvM1o+59zxjyQQ4
vME4UTGZR1HSzsu40/LMJlSOx46tJ1lIBq0zCOmKBJ/kwuP5ZnRXUf46J11GJBBT
LJrA6a7Vu9sRRCzIZgcoTk++vH/D0mGif+VM9G8tVYYsCfzFFmOacoGkIVAopybU
83M2bOJvUBPGhK1PwtV8HRfSANIx4E7wHUOuLvTC2TyUpA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:29 2025 by rpki-client