Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
File: e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa (raw, json)
Hash identifier: 42xMBit3FkxJvLOsR+ulo2Ut9FBk5nH+nf2PFZ+/iO0=
Subject key identifier: 70:47:EF:7A:C1:DB:56:EC:3C:4B:85:E1:6B:09:A1:6B:0C:27:78:4A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0EF8301F8BFDECE3B516E6E1DF539F7CA1638DFE
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
Signing time: Tue 21 Oct 2025 14:50:45 +0000
ROA not before: Tue 21 Oct 2025 14:50:45 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.101.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:f8:30:1f:8b:fd:ec:e3:b5:16:e6:e1:df:53:9f:7c:a1:63:8d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:45 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=e3ecebe4747513e133149f874ba035634b5d3694e35f7548ea022cfaa2755da3, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:24:2d:9b:1f:06:19:e1:f3:cb:aa:d4:a6:
c7:74:ee:25:a0:33:3f:62:2c:87:49:e2:c0:e1:ea:
fe:d6:f3:90:34:39:30:9f:af:5f:fb:0b:11:a1:cc:
82:76:5a:e0:87:9e:08:80:fe:18:76:f7:63:32:64:
78:bd:01:12:7a:47:89:20:3b:52:70:73:bc:29:b9:
a1:bd:8c:b8:98:b9:ae:60:28:51:30:86:ab:a3:bd:
dc:b9:5d:a8:e0:f0:64:fd:56:d1:b0:e3:16:f9:4c:
49:b2:bb:d2:19:b1:be:1e:e5:1f:ac:95:78:38:0d:
bc:5e:69:b8:94:98:56:c4:00:3e:e9:e1:5a:17:f8:
ba:b1:5a:f2:82:da:fa:1b:f7:25:3e:9c:d7:54:c9:
62:6e:9c:bf:e3:be:43:05:61:79:d0:59:10:0a:c0:
7f:39:30:56:9e:da:59:4d:be:66:c8:51:1a:71:ca:
fb:0b:f6:64:b2:ea:d0:e4:99:8b:6d:64:06:02:6e:
82:5a:5c:f9:9e:15:70:74:c7:32:6f:fc:59:24:6d:
86:73:23:9f:41:ae:2f:db:e6:d3:83:5c:15:95:15:
5e:5c:a2:1a:f9:af:76:a9:4a:89:2f:bb:df:0b:c8:
47:96:10:d4:51:8f:f3:f5:f5:4e:1f:51:05:77:73:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:47:EF:7A:C1:DB:56:EC:3C:4B:85:E1:6B:09:A1:6B:0C:27:78:4A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e7ebe29c-b29a-41b9-8205-cf9e03925e93.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.101.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:43:e6:fa:91:b2:b4:15:32:d1:73:18:3c:e8:82:61:f9:cf:
7d:5a:ba:12:64:71:5a:07:06:8f:d2:1f:25:cf:35:32:e5:d0:
ca:9b:c6:fc:af:21:e6:85:0b:a1:dc:9e:b0:12:c0:3d:c2:9a:
04:8d:90:9e:d7:b2:66:88:f1:5c:bf:a5:ba:dc:36:2c:d7:ae:
ef:5a:26:4f:71:41:c7:98:25:09:2d:9d:ab:ef:e7:56:8f:96:
df:6c:1d:53:98:9b:3d:2e:11:31:aa:cd:2f:ee:54:29:98:82:
ab:85:dc:fc:9b:7d:77:45:88:5f:d6:ef:e2:86:a7:97:aa:94:
de:0e:e8:6f:dd:45:f7:62:0d:51:ad:9a:90:37:47:42:1d:35:
44:6a:bb:09:1d:22:d2:9b:8c:14:0d:da:04:bd:c8:f8:e8:5c:
17:91:ac:6c:db:82:ab:81:fe:5e:47:8b:39:30:aa:37:bd:e4:
3b:78:17:30:39:64:24:5f:1a:95:2c:2a:4c:ea:e9:fd:e7:c3:
58:3e:fe:a6:5b:e7:b8:7c:81:e6:b9:ce:e6:6e:c8:84:97:fa:
f7:f3:44:f4:e6:1e:d3:c5:f7:c8:dd:7e:67:16:3a:97:e6:2e:
83:e2:48:0c:09:a7:05:80:d9:29:d9:72:bb:37:8d:19:ff:ad:
48:63:e9:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDvgwH4v97OO1Fubh31OffKFjjf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwNDVaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzZWNlYmU0NzQ3NTEzZTEzMzE0OWY4NzRiYTAzNTYzNGI1ZDM2OTRlMzVm
NzU0OGVhMDIyY2ZhYTI3NTVkYTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjgJC2bHwYZ4fPLqtSmx3TuJaAzP2Ish0niwOHq/tbzkDQ5MJ+vX/sLEaHM
gnZa4IeeCID+GHb3YzJkeL0BEnpHiSA7UnBzvCm5ob2MuJi5rmAoUTCGq6O93Lld
qODwZP1W0bDjFvlMSbK70hmxvh7lH6yVeDgNvF5puJSYVsQAPunhWhf4urFa8oLa
+hv3JT6c11TJYm6cv+O+QwVhedBZEArAfzkwVp7aWU2+ZshRGnHK+wv2ZLLq0OSZ
i21kBgJuglpc+Z4VcHTHMm/8WSRthnMjn0GuL9vm04NcFZUVXlyiGvmvdqlKiS+7
3wvIR5YQ1FGP8/X1Th9RBXdztJ0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRwR+96
wdtW7DxLheFrCaFrDCd4SjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTdlYmUyOWMtYjI5YS00MWI5LTgyMDUtY2Y5ZTAzOTI1ZTkzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADllMA0G
CSqGSIb3DQEBCwUAA4IBAQBhQ+b6kbK0FTLRcxg86IJh+c99WroSZHFaBwaP0h8l
zzUy5dDKm8b8ryHmhQuh3J6wEsA9wpoEjZCe17JmiPFcv6W63DYs167vWiZPcUHH
mCUJLZ2r7+dWj5bfbB1TmJs9LhExqs0v7lQpmIKrhdz8m313RYhf1u/ihqeXqpTe
Duhv3UX3Yg1RrZqQN0dCHTVEarsJHSLSm4wUDdoEvcj46FwXkaxs24Krgf5eR4s5
MKo3veQ7eBcwOWQkXxqVLCpM6un958NYPv6mW+e4fIHmuc7mbsiEl/r380T05h7T
xffI3X5nFjqX5i6D4kgMCacFgNkp2XK7N40Z/61IY+m2
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:38:37 2025 by rpki-client