Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: VUlA2Fza91YdA3xxQIxb7YqAuH6smJM9U8bAKWLAftA=
Subject key identifier: 7E:82:35:CC:DB:FA:51:8F:65:51:4D:F3:58:E1:E4:C6:33:F5:DB:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2EC8511C204BFF23797DA0270909813389D0A0C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Tue 21 Oct 2025 14:50:20 +0000
ROA not before: Tue 21 Oct 2025 14:50:20 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:c8:51:1c:20:4b:ff:23:79:7d:a0:27:09:09:81:33:89:d0:a0:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:20 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=2af85ffba597554969b83b39563b7e172d3a9f43536b339f7b8de0d9bb8afd1e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d4:18:40:26:3c:5d:f8:08:ea:33:d0:1a:75:
f6:94:ab:c1:0f:39:86:18:c5:f7:8c:15:06:f4:0c:
59:d5:0d:1d:dd:9b:2f:f7:30:72:ab:78:cf:0e:5f:
14:70:03:0d:e6:71:90:61:32:2a:89:86:8e:0e:8a:
b0:c2:22:22:ba:ea:6c:36:0e:4f:d6:5b:65:67:80:
ba:20:81:63:26:9a:f6:bb:59:f1:a8:54:78:74:1d:
c7:d8:03:ad:03:4f:f1:1a:af:9f:b8:83:93:87:ba:
8a:b0:ad:8a:39:52:01:de:35:06:3a:9c:10:71:91:
88:0f:36:6d:f4:2f:b0:1e:8b:c3:ca:82:30:30:80:
cd:b3:bd:e1:e2:95:1c:64:f4:0d:ce:7c:9f:f5:f3:
cc:0e:50:a9:4e:c9:74:24:f0:65:bd:76:4f:57:c5:
9c:06:6e:e9:c3:95:5e:a0:71:b3:d2:e4:fb:b2:1c:
3f:f1:c3:b5:38:a9:fd:77:e8:da:b4:78:33:28:f3:
f1:33:95:e4:ca:a8:f2:21:7c:fe:fb:0e:36:b7:7f:
fa:32:eb:2c:c9:00:63:7a:db:8d:06:b0:89:06:8c:
da:93:61:e6:29:6c:4e:9b:01:c8:7b:62:1c:98:9f:
21:62:7b:46:65:69:a3:cc:00:c1:bd:0d:76:4a:ec:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:82:35:CC:DB:FA:51:8F:65:51:4D:F3:58:E1:E4:C6:33:F5:DB:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
86:e3:7b:49:98:79:74:9c:62:12:e3:c5:c6:b6:26:87:63:fd:
84:dd:bf:9b:96:d8:69:0a:24:93:3b:37:66:8b:e2:4c:b6:e9:
41:6c:8e:2a:b5:6f:f5:35:40:ec:f7:01:53:ec:2f:1a:52:00:
35:4f:3f:de:8d:4f:3a:de:8d:0c:29:26:15:95:41:85:80:55:
cf:bb:f1:45:96:65:24:97:ca:ec:f6:72:aa:25:67:93:35:08:
d0:da:65:67:a1:eb:18:22:b8:17:d5:f6:40:ef:b4:19:8d:01:
2d:ef:9d:da:31:39:e3:04:0d:c1:be:60:fc:ad:48:6a:19:2f:
b6:64:bf:e2:dd:08:5e:f7:88:98:89:48:46:dd:6b:e8:a7:fb:
c2:34:d9:e2:4a:ff:1c:92:cb:36:5b:e4:2b:e6:af:ad:1e:14:
3a:26:46:53:c8:dd:12:1e:a7:86:91:ef:48:1a:9d:49:f7:a3:
2b:70:ab:f4:35:4c:4a:45:0c:f1:6e:3f:e0:7a:f1:2f:0a:53:
2c:14:dc:8d:b2:3e:2f:12:7a:b0:cf:c7:39:79:98:73:71:90:
39:d7:29:74:1c:17:0e:3e:4c:41:13:73:fa:3e:d9:0e:1e:a1:
c8:cd:85:7f:71:fd:60:ff:bc:81:c6:16:a5:eb:cb:6d:b4:a1:
8d:1e:12:44
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULshRHCBL/yN5faAnCQmBM4nQoMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMjBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDJhZjg1ZmZiYTU5NzU1NDk2OWI4M2IzOTU2M2I3ZTE3MmQzYTlmNDM1MzZi
MzM5ZjdiOGRlMGQ5YmI4YWZkMWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJjUGEAmPF34COoz0Bp19pSrwQ85hhjF94wVBvQMWdUNHd2bL/cwcqt4zw5f
FHADDeZxkGEyKomGjg6KsMIiIrrqbDYOT9ZbZWeAuiCBYyaa9rtZ8ahUeHQdx9gD
rQNP8Rqvn7iDk4e6irCtijlSAd41BjqcEHGRiA82bfQvsB6Lw8qCMDCAzbO94eKV
HGT0Dc58n/XzzA5QqU7JdCTwZb12T1fFnAZu6cOVXqBxs9Lk+7IcP/HDtTip/Xfo
2rR4Myjz8TOV5Mqo8iF8/vsONrd/+jLrLMkAY3rbjQawiQaM2pNh5ilsTpsByHti
HJifIWJ7RmVpo8wAwb0Ndkrse5cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR+gjXM
2/pRj2VRTfNY4eTGM/XbXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQCG43tJmHl0nGIS48XGtiaHY/2E3b+blthpCiSTOzdm
i+JMtulBbI4qtW/1NUDs9wFT7C8aUgA1Tz/ejU863o0MKSYVlUGFgFXPu/FFlmUk
l8rs9nKqJWeTNQjQ2mVnoesYIrgX1fZA77QZjQEt753aMTnjBA3BvmD8rUhqGS+2
ZL/i3Qhe94iYiUhG3Wvop/vCNNniSv8ckss2W+Qr5q+tHhQ6JkZTyN0SHqeGke9I
Gp1J96MrcKv0NUxKRQzxbj/gevEvClMsFNyNsj4vEnqwz8c5eZhzcZA51yl0HBcO
PkxBE3P6PtkOHqHIzYV/cf1g/7yBxhal68tttKGNHhJE
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:30:38 2025 by rpki-client