Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
File: fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa (raw, json)
Hash identifier: 0O+VTXz2MRLkjU3NSQtmNt7EAafw0TawZQsle8StB28=
Subject key identifier: AD:17:39:19:05:0F:17:C5:C3:A6:FE:2C:DB:43:13:50:3F:E3:3B:0D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 026EB78C34AEE5175A44A779C33DEE210262C5BB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
Signing time: Tue 04 Nov 2025 00:20:05 +0000
ROA not before: Tue 04 Nov 2025 00:20:05 +0000
ROA not after: Tue 09 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:6e:b7:8c:34:ae:e5:17:5a:44:a7:79:c3:3d:ee:21:02:62:c5:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 4 00:20:05 2025 GMT
Not After : Dec 9 23:59:59 2025 GMT
Subject: serialNumber=9610b12a650b7abc89d64bf14d068168fdef922bb23adef8492a661ed8a55ff9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4b:ac:ff:e7:0e:e3:54:e3:84:77:6c:f1:1a:
ef:9b:29:e2:cb:a9:69:de:0c:53:49:85:cc:07:a5:
d3:b6:f5:6b:34:03:fb:8c:15:a0:d4:b7:5b:ff:d5:
02:fb:e6:97:53:04:f9:43:75:43:f6:a4:5e:11:d6:
a7:ee:53:e8:48:a1:d2:43:36:f8:55:51:ce:34:51:
bb:78:cc:06:29:78:d3:ae:4d:13:37:75:65:e7:9d:
99:b5:5f:62:6e:1d:b6:0b:f7:7e:c7:0b:58:03:34:
d6:4e:84:7f:28:d3:e3:50:25:78:6d:19:08:42:69:
8d:c5:81:22:0a:a1:ef:26:d5:76:90:d0:76:42:13:
92:e2:e8:cf:33:9a:a4:cb:b0:89:85:7f:50:8d:93:
07:0e:c5:f3:d4:f7:f3:2a:52:e7:89:ee:7d:c6:a1:
a4:db:49:2c:46:b8:a5:39:9e:37:66:89:6f:cd:df:
44:51:8b:a8:ac:a5:29:50:05:6f:8b:94:c1:2a:03:
80:c3:89:fa:33:e4:81:d3:6a:20:4d:1d:41:6a:c0:
ca:e3:af:cc:33:95:30:1f:d2:76:7f:b0:91:fe:cb:
f1:bd:19:fb:c1:b9:b9:b3:07:9e:3d:d4:36:00:82:
a3:52:c0:8f:cf:04:a7:af:06:25:c3:bb:44:bf:9a:
09:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:17:39:19:05:0F:17:C5:C3:A6:FE:2C:DB:43:13:50:3F:E3:3B:0D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fdb81a1b-3eea-4c1a-97f6-940966a0bde0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/19
Signature Algorithm: sha256WithRSAEncryption
50:f1:85:a5:13:58:6e:63:88:7a:38:87:3b:c5:64:9e:2c:d8:
77:10:d9:f2:20:1c:11:8c:1b:f4:5c:ca:bd:96:14:e8:5e:84:
26:cc:a4:31:74:72:26:80:6b:d5:f7:8a:40:a2:d1:8d:0b:54:
56:64:79:b4:b4:90:e1:d9:4b:6a:10:76:5a:ec:6d:35:ad:26:
45:f0:1f:67:e9:30:8d:e6:0b:24:44:7b:8d:6b:40:96:68:98:
d8:dd:49:57:64:ff:13:f5:ed:44:98:ce:76:4c:c4:49:b8:db:
5c:9f:63:7b:1e:19:08:27:b1:60:9d:68:3a:05:2e:9a:b8:1f:
a0:62:38:e6:75:ee:43:69:e1:fe:c9:be:b6:b2:96:af:41:e6:
35:38:73:2d:df:62:de:cc:b1:2f:0d:6c:3d:65:b4:74:2f:3d:
5d:ec:7e:f3:23:9f:67:2d:3b:06:e3:00:73:3e:ca:81:39:17:
97:e7:93:79:17:41:df:5a:53:74:d6:07:07:84:27:7a:ab:49:
a6:bb:39:15:21:48:09:e4:d7:c8:da:f6:3e:89:40:c5:e9:cb:
5a:54:d3:f9:43:39:95:c0:8c:80:72:1d:56:d0:b9:64:51:47:
be:c6:cc:f8:36:f9:43:d4:6f:6e:28:5a:e2:a3:d7:fa:e1:aa:
a8:ae:bf:d5
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAm63jDSu5RdaRKd5wz3uIQJixbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMDQwMDIwMDVaFw0yNTEyMDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk2MTBiMTJhNjUwYjdhYmM4OWQ2NGJmMTRkMDY4MTY4ZmRlZjkyMmJiMjNh
ZGVmODQ5MmE2NjFlZDhhNTVmZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIhLrP/nDuNU44R3bPEa75sp4supad4MU0mFzAel07b1azQD+4wVoNS3W//V
Avvml1ME+UN1Q/akXhHWp+5T6Eih0kM2+FVRzjRRu3jMBil4065NEzd1ZeedmbVf
Ym4dtgv3fscLWAM01k6EfyjT41AleG0ZCEJpjcWBIgqh7ybVdpDQdkITkuLozzOa
pMuwiYV/UI2TBw7F89T38ypS54nufcahpNtJLEa4pTmeN2aJb83fRFGLqKylKVAF
b4uUwSoDgMOJ+jPkgdNqIE0dQWrAyuOvzDOVMB/Sdn+wkf7L8b0Z+8G5ubMHnj3U
NgCCo1LAj88Ep68GJcO7RL+aCasCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBStFzkZ
BQ8XxcOm/izbQxNQP+M7DTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmRiODFhMWItM2VlYS00YzFhLTk3ZjYtOTQwOTY2YTBiZGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBVN3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAUPGFpRNYbmOIejiHO8VknizYdxDZ8iAcEYwb9FzK
vZYU6F6EJsykMXRyJoBr1feKQKLRjQtUVmR5tLSQ4dlLahB2WuxtNa0mRfAfZ+kw
jeYLJER7jWtAlmiY2N1JV2T/E/XtRJjOdkzESbjbXJ9jex4ZCCexYJ1oOgUumrgf
oGI45nXuQ2nh/sm+trKWr0HmNThzLd9i3syxLw1sPWW0dC89Xex+8yOfZy07BuMA
cz7KgTkXl+eTeRdB31pTdNYHB4QneqtJprs5FSFICeTXyNr2PolAxenLWlTT+UM5
lcCMgHIdVtC5ZFFHvsbM+Db5Q9Rvbiha4qPX+uGqqK6/1Q==
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:52:26 2025 by rpki-client