Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
File: e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa (raw, json)
Hash identifier: dP/TmMcHrQey7EixibFc6f1ChZdpP9pkOIjL1R6dkE4=
Subject key identifier: E3:52:D8:06:DF:97:C3:6D:6A:6D:63:44:DB:0C:2C:7D:67:1D:87:CD
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5F8619C1EC0CF0E3C66B2C360DBA8FD759A7C899
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
Signing time: Tue 21 Oct 2025 14:50:39 +0000
ROA not before: Tue 21 Oct 2025 14:50:39 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:86:19:c1:ec:0c:f0:e3:c6:6b:2c:36:0d:ba:8f:d7:59:a7:c8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:39 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ce75464264ffdee23a3ddd29bdeb18d3f445e9ab897352922859b7979ec65a49, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7d:d5:69:6f:b8:e7:1d:fa:2c:69:27:29:ac:
19:ee:a0:0f:cc:8e:ed:f4:d5:ff:ff:4f:9f:cc:a6:
10:5c:aa:4d:a3:ba:4b:39:e5:c7:d1:33:09:13:3b:
ad:14:c4:c2:24:58:2c:89:b2:c1:9f:33:51:26:c9:
f4:44:6e:af:2d:23:21:5c:7d:6d:2f:70:1f:65:bd:
0e:62:2f:6e:56:7b:5f:df:47:a1:17:15:20:d4:73:
d4:25:6f:e1:df:10:fc:67:96:e1:a5:bf:15:ac:1d:
ed:4a:b0:10:9a:8a:6b:dc:b0:c4:e3:ae:66:3a:a9:
72:f6:50:81:f3:b5:80:43:2b:63:34:c3:92:ee:ae:
8b:d9:20:1d:e4:65:bc:7a:f9:39:79:9e:0c:2d:b9:
3f:10:e0:56:e5:9b:f5:89:3d:c3:cb:2a:0c:20:4e:
7a:a5:2b:62:20:35:ec:6e:4a:1d:8f:47:5a:bc:80:
a7:b5:9d:78:39:7f:14:e0:fa:4e:14:d4:bc:77:53:
1a:b2:e9:b3:6b:70:f3:51:a4:9c:33:fa:85:61:5d:
7a:6b:ab:a1:e8:d4:85:04:7e:43:06:95:b1:f1:cc:
b4:a1:5d:1d:c8:4d:69:3c:0a:40:43:2a:1d:72:de:
e5:15:9a:27:cd:3f:7b:a2:9d:61:b2:81:fa:af:fb:
ec:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:52:D8:06:DF:97:C3:6D:6A:6D:63:44:DB:0C:2C:7D:67:1D:87:CD
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e680ffe7-d77c-4433-81f9-ffbf76a45a6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.181.0/24
Signature Algorithm: sha256WithRSAEncryption
57:70:b0:9f:4a:66:23:d8:24:53:52:aa:5e:c3:0b:24:33:f9:
af:a6:1b:9f:18:da:75:33:f4:8b:c4:1b:c5:7b:84:26:e0:87:
ce:f0:47:23:75:f0:b1:7f:4b:50:a7:1c:03:8f:79:2e:ef:18:
56:75:75:e3:32:ff:4c:5e:8b:71:41:30:b1:24:60:cf:a8:4d:
1b:27:3c:c3:65:a8:52:f2:da:fb:0a:5b:2d:3c:d2:bd:cd:14:
c4:1e:36:01:62:cb:ea:e2:b2:bc:b9:00:39:50:5a:cb:79:b2:
54:08:49:d7:e0:08:b8:3d:1c:d7:2a:2f:d7:b8:7f:da:a4:26:
b6:aa:f3:de:86:4b:f1:64:8d:11:41:47:7d:f5:2d:4e:88:60:
9c:1e:8b:01:a4:9e:5b:7d:ca:9d:49:d5:41:e1:fc:e0:4a:86:
2f:a8:05:ea:61:ac:53:1a:49:72:8d:3d:0f:64:6f:a4:5f:05:
c3:7f:da:0d:8d:74:10:00:f5:32:aa:2a:ff:30:a0:9d:48:81:
38:e3:51:fe:a6:4a:cc:03:41:14:da:ab:5c:b6:2f:ee:d6:0a:
80:5c:98:e4:d3:f5:21:2f:be:67:2b:b5:0d:58:0a:2c:d8:2f:
55:32:28:a9:3c:21:94:cf:50:0a:5f:d6:66:dd:9c:d8:df:39:
70:a0:6f:10
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUX4YZwewM8OPGayw2DbqP11mnyJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMzlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlNzU0NjQyNjRmZmRlZTIzYTNkZGQyOWJkZWIxOGQzZjQ0NWU5YWI4OTcz
NTI5MjI4NTliNzk3OWVjNjVhNDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALp91WlvuOcd+ixpJymsGe6gD8yO7fTV//9Pn8ymEFyqTaO6Sznlx9EzCRM7
rRTEwiRYLImywZ8zUSbJ9ERury0jIVx9bS9wH2W9DmIvblZ7X99HoRcVINRz1CVv
4d8Q/GeW4aW/Fawd7UqwEJqKa9ywxOOuZjqpcvZQgfO1gEMrYzTDku6ui9kgHeRl
vHr5OXmeDC25PxDgVuWb9Yk9w8sqDCBOeqUrYiA17G5KHY9HWryAp7WdeDl/FOD6
ThTUvHdTGrLps2tw81GknDP6hWFdemuroejUhQR+QwaVsfHMtKFdHchNaTwKQEMq
HXLe5RWaJ80/e6KdYbKB+q/77O8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTjUtgG
35fDbWptY0TbDCx9Zx2HzTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTY4MGZmZTctZDc3Yy00NDMzLTgxZjktZmZiZjc2YTQ1YTZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5tTAN
BgkqhkiG9w0BAQsFAAOCAQEAV3Cwn0pmI9gkU1KqXsMLJDP5r6YbnxjadTP0i8Qb
xXuEJuCHzvBHI3XwsX9LUKccA495Lu8YVnV14zL/TF6LcUEwsSRgz6hNGyc8w2Wo
UvLa+wpbLTzSvc0UxB42AWLL6uKyvLkAOVBay3myVAhJ1+AIuD0c1yov17h/2qQm
tqrz3oZL8WSNEUFHffUtTohgnB6LAaSeW33KnUnVQeH84EqGL6gF6mGsUxpJco09
D2RvpF8Fw3/aDY10EAD1Mqoq/zCgnUiBOONR/qZKzANBFNqrXLYv7tYKgFyY5NP1
IS++Zyu1DVgKLNgvVTIoqTwhlM9QCl/WZt2c2N85cKBvEA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:58:34 2025 by rpki-client