Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
File: f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa (raw, json)
Hash identifier: tiAzN4qzKOdNsbDEJrwdcWZ3+FMF/AXBs7wlVrh2HyM=
Subject key identifier: 5A:B1:5D:85:64:E9:30:A4:41:3D:4B:54:C6:48:E0:85:DF:36:B8:D8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 49E4F27208227F4E21412A75B8B456228B9086A0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
Signing time: Tue 21 Oct 2025 14:40:02 +0000
ROA not before: Tue 21 Oct 2025 14:40:02 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.26.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:e4:f2:72:08:22:7f:4e:21:41:2a:75:b8:b4:56:22:8b:90:86:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:02 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8accf8236824a244e0414d8d26942f99aa73f6973168b743bb5a23fadbb9b8bd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e2:00:68:71:05:21:63:28:08:98:c1:c9:3c:
9e:39:c1:31:ed:b7:d7:07:7e:b9:4a:2a:ad:a8:3a:
38:6d:bc:fb:f8:1d:17:9a:ed:7b:2a:9e:c7:8f:62:
cd:46:f0:9b:18:ed:4d:26:56:f5:72:5b:6e:2f:03:
f1:0e:02:1a:66:ce:dd:22:f1:ae:e9:84:32:29:4c:
70:8b:ed:de:60:72:cd:2b:be:b4:b5:a1:9b:0c:0b:
30:b0:9b:f6:bd:48:8e:23:05:6d:38:d4:4a:f7:c5:
d7:75:ac:48:f9:e9:8d:82:30:4c:0c:34:92:31:e0:
2b:35:fc:69:f0:94:6d:e0:23:05:59:33:c3:05:37:
98:2d:c7:e9:69:3c:6c:99:59:11:ca:53:37:c1:ef:
76:bf:33:cd:81:ee:8c:2b:94:a1:23:0a:18:50:b3:
a1:33:86:73:2c:df:99:e7:20:ce:8f:11:05:0a:b6:
3a:3c:38:3c:e0:35:e3:7b:83:b3:48:16:bf:9a:61:
a3:5b:6f:2e:8f:5c:d2:41:5b:aa:5f:ff:79:68:60:
34:a8:49:52:cd:58:91:9f:c1:91:68:1e:8b:53:5a:
93:22:38:44:46:39:b8:cd:1d:ab:ab:0f:a4:c4:4a:
f5:95:2b:c3:c9:24:3b:75:8c:d3:50:76:ce:8b:19:
f3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B1:5D:85:64:E9:30:A4:41:3D:4B:54:C6:48:E0:85:DF:36:B8:D8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f0cb36ae-21ee-4e99-93c6-e63ae570e483.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.64.0/19
Signature Algorithm: sha256WithRSAEncryption
c6:60:33:c1:26:88:06:5c:48:45:c2:65:9b:18:56:f5:3a:b4:
29:25:15:1d:e8:79:8e:90:c3:dd:0a:87:5d:9b:86:34:43:71:
f9:61:cd:d2:64:86:15:cb:66:9f:8e:03:80:77:cf:9b:1c:e2:
7e:46:2f:68:3f:6c:99:c7:f0:d7:f7:54:a0:bc:d8:1d:d3:a3:
e2:50:19:b1:d2:85:b1:22:f3:11:24:65:7e:43:a5:f0:26:af:
20:73:27:30:2c:9c:19:2d:a7:94:fc:c4:02:af:40:85:9f:75:
33:1d:d8:57:4c:34:0c:9f:eb:f4:8b:d8:d3:d3:0a:41:02:0f:
dd:ca:26:16:78:c2:bc:4f:57:f6:4f:bc:e5:7b:be:48:d8:d2:
4c:d8:89:dd:5f:33:c4:24:67:e2:33:e4:f2:e5:94:f7:b7:74:
f6:e2:8f:6b:26:d1:13:1b:e1:4f:5e:a6:2a:23:ec:a0:f0:77:
a2:01:52:78:7c:48:38:c1:bc:31:90:8e:83:b1:a6:8c:25:b0:
0a:3e:6c:24:ae:cd:e1:3a:e8:cd:17:83:e5:ea:a0:82:c8:c8:
a6:19:7e:21:24:a6:e5:2e:91:71:fb:1d:a6:57:86:d8:1b:6f:
bf:92:b1:f4:51:9b:e7:42:1c:b0:36:1a:8d:d7:51:9e:ae:1d:
28:aa:36:7e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUSeTycggif04hQSp1uLRWIouQhqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDJaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhY2NmODIzNjgyNGEyNDRlMDQxNGQ4ZDI2OTQyZjk5YWE3M2Y2OTczMTY4
Yjc0M2JiNWEyM2ZhZGJiOWI4YmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjiAGhxBSFjKAiYwck8njnBMe231wd+uUoqrag6OG28+/gdF5rteyqex49i
zUbwmxjtTSZW9XJbbi8D8Q4CGmbO3SLxrumEMilMcIvt3mByzSu+tLWhmwwLMLCb
9r1IjiMFbTjUSvfF13WsSPnpjYIwTAw0kjHgKzX8afCUbeAjBVkzwwU3mC3H6Wk8
bJlZEcpTN8Hvdr8zzYHujCuUoSMKGFCzoTOGcyzfmecgzo8RBQq2Ojw4POA143uD
s0gWv5pho1tvLo9c0kFbql//eWhgNKhJUs1YkZ/BkWgei1NakyI4REY5uM0dq6sP
pMRK9ZUrw8kkO3WM01B2zosZ818CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRasV2F
ZOkwpEE9S1TGSOCF3za42DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjBjYjM2YWUtMjFlZS00ZTk5LTkzYzYtZTYzYWU1NzBlNDgzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcEaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAxmAzwSaIBlxIRcJlmxhW9Tq0KSUVHeh5jpDD3QqH
XZuGNENx+WHN0mSGFctmn44DgHfPmxzifkYvaD9smcfw1/dUoLzYHdOj4lAZsdKF
sSLzESRlfkOl8CavIHMnMCycGS2nlPzEAq9AhZ91Mx3YV0w0DJ/r9IvY09MKQQIP
3comFnjCvE9X9k+85Xu+SNjSTNiJ3V8zxCRn4jPk8uWU97d09uKPaybRExvhT16m
KiPsoPB3ogFSeHxIOMG8MZCOg7GmjCWwCj5sJK7N4TrozReD5eqggsjIphl+ISSm
5S6RcfsdpleG2Btvv5Kx9FGb50IcsDYajddRnq4dKKo2fg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:06:30 2025 by rpki-client