Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: P5Cu/KQQU4mwzBppLX7HFKZmdx3x8InfDh5MEyfVjBw=
Subject key identifier: 42:13:92:3B:93:B8:C1:16:5B:9D:82:1E:0D:C0:07:92:01:C5:8A:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7EBF0112D6B03043F4C1F603D6BA0872A81E4E40
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Fri 31 Oct 2025 02:00:21 +0000
ROA not before: Fri 31 Oct 2025 02:00:21 +0000
ROA not after: Fri 05 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:bf:01:12:d6:b0:30:43:f4:c1:f6:03:d6:ba:08:72:a8:1e:4e:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 31 02:00:21 2025 GMT
Not After : Dec 5 23:59:59 2025 GMT
Subject: serialNumber=cfc30476cd72c50d24fd15864bd25e3e3bba471d0193bb6fd4036a7da6618c3e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:40:68:8e:a3:ed:c7:21:06:3e:b4:9a:c0:c5:
ea:bd:09:3d:a9:96:35:71:42:84:46:05:30:b5:85:
96:24:9c:4f:04:0d:1b:2f:b0:5f:d6:1f:94:c9:d4:
75:35:9e:a7:4e:5a:95:b3:41:18:19:cb:ca:f7:41:
69:90:a9:96:5a:68:a8:28:8e:d0:9b:ad:c0:9b:db:
60:54:79:dc:fc:e9:a8:b5:66:fc:e4:35:45:a0:64:
2e:f8:5e:3f:2a:7c:4d:05:a2:b4:4d:33:fd:a3:9c:
b5:2f:84:a1:a5:36:7e:6d:f7:25:d9:28:61:75:37:
49:71:1e:90:b1:4d:45:78:e9:7b:04:f5:66:19:cd:
2a:4c:48:e6:cc:38:a6:bf:de:e3:30:4f:3f:4d:bc:
57:fd:fd:c1:2a:3b:6a:49:80:17:90:3b:30:3a:14:
e2:20:70:44:8a:86:ab:ed:35:63:bb:73:0a:3d:3e:
fc:ef:43:a9:bb:7e:eb:1e:fb:ec:b8:62:69:17:b2:
a5:4b:9d:6b:49:a4:8d:3b:5f:1d:6d:78:56:2e:16:
2d:87:4d:9a:25:34:8b:13:b3:77:39:7a:6b:b4:75:
5f:c7:dc:d1:b6:db:39:b6:5e:d2:82:05:45:26:e4:
65:bb:d3:a0:8a:3f:2d:f4:02:f3:63:99:3b:3b:03:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:13:92:3B:93:B8:C1:16:5B:9D:82:1E:0D:C0:07:92:01:C5:8A:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:43:e8:47:8f:59:5e:f7:db:93:f6:58:55:a3:70:66:41:47:
eb:61:b8:52:b0:0f:f0:69:93:64:40:88:c0:fe:59:48:5b:1c:
bc:30:30:41:91:d7:7d:39:c0:cb:b5:2a:ba:4b:21:f7:6b:da:
8e:48:69:7e:6b:72:c4:0c:c5:81:48:5d:44:71:dc:e1:91:69:
fa:f4:e4:62:e9:ce:05:07:80:d6:78:c3:94:67:b6:82:9e:ae:
f1:2e:02:d4:52:91:0d:24:8c:3c:f3:a7:48:14:49:20:3a:ec:
77:a2:2b:29:7a:07:5b:60:69:6a:72:0d:31:17:bd:bb:a0:48:
82:b7:3a:9c:3f:5d:ef:f9:9f:81:dc:1e:c8:67:70:8d:7e:06:
22:f3:48:b5:25:3e:6e:1c:05:21:91:ab:d4:9a:42:de:57:b0:
ee:b7:a0:b2:49:3d:d1:60:df:c8:c5:04:8c:92:8c:db:fd:40:
63:fc:5f:da:1c:94:34:17:d7:b7:c0:c8:55:9d:54:21:b9:86:
00:d8:c0:95:49:7e:fa:0f:5c:80:27:4a:79:af:51:18:45:ed:
ba:02:7a:b3:26:23:98:19:a5:50:30:9f:96:ed:87:c5:ac:d5:
14:5b:fc:51:8e:ab:67:0e:03:e8:26:ff:d7:03:2a:c8:8f:c6:
07:5b:18:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfr8BEtawMEP0wfYD1roIcqgeTkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMzEwMjAwMjFaFw0yNTEyMDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGNmYzMwNDc2Y2Q3MmM1MGQyNGZkMTU4NjRiZDI1ZTNlM2JiYTQ3MWQwMTkz
YmI2ZmQ0MDM2YTdkYTY2MThjM2UxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlAaI6j7cchBj60msDF6r0JPamWNXFChEYFMLWFliScTwQNGy+wX9YflMnU
dTWep05albNBGBnLyvdBaZCpllpoqCiO0JutwJvbYFR53PzpqLVm/OQ1RaBkLvhe
Pyp8TQWitE0z/aOctS+EoaU2fm33JdkoYXU3SXEekLFNRXjpewT1ZhnNKkxI5sw4
pr/e4zBPP028V/39wSo7akmAF5A7MDoU4iBwRIqGq+01Y7tzCj0+/O9Dqbt+6x77
7LhiaReypUuda0mkjTtfHW14Vi4WLYdNmiU0ixOzdzl6a7R1X8fc0bbbObZe0oIF
RSbkZbvToIo/LfQC82OZOzsDP60CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRCE5I7
k7jBFludgh4NwAeSAcWKtjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQCQQ+hHj1le99uT9lhVo3BmQUfrYbhSsA/waZNkQIjA
/llIWxy8MDBBkdd9OcDLtSq6SyH3a9qOSGl+a3LEDMWBSF1EcdzhkWn69ORi6c4F
B4DWeMOUZ7aCnq7xLgLUUpENJIw886dIFEkgOux3oispegdbYGlqcg0xF727oEiC
tzqcP13v+Z+B3B7IZ3CNfgYi80i1JT5uHAUhkavUmkLeV7Dut6CyST3RYN/IxQSM
kozb/UBj/F/aHJQ0F9e3wMhVnVQhuYYA2MCVSX76D1yAJ0p5r1EYRe26AnqzJiOY
GaVQMJ+W7YfFrNUUW/xRjqtnDgPoJv/XAyrIj8YHWxgL
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:09:02 2025 by rpki-client