Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
File: ff2e2d46-44f0-4790-a453-0090beda0015.roa (raw, json)
Hash identifier: HhtGgKtQPEwT1gTp5s0/ZfJDz+Z5vKNbZ3dKlEiJ3JQ=
Subject key identifier: 79:84:7A:40:65:E4:58:17:5B:FF:F3:2F:33:DD:51:21:90:6F:93:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6B138D108E1839B4BAD0EDF149D5E9B14333E3CA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
Signing time: Tue 21 Oct 2025 14:50:20 +0000
ROA not before: Tue 21 Oct 2025 14:50:20 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.247.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:13:8d:10:8e:18:39:b4:ba:d0:ed:f1:49:d5:e9:b1:43:33:e3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:20 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=8024414b2341d88122ecfb7c8249980cd548240aa2adc40f62290c1cd406cfe9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b4:5b:9a:73:59:35:41:b0:39:a8:31:5b:d1:
79:bd:73:32:23:10:e1:5a:39:a7:6d:75:bc:55:87:
b4:4a:c6:81:fd:58:28:4f:e0:df:b1:eb:c8:88:c5:
b2:eb:60:4b:18:d1:02:7b:c4:36:7d:a1:a2:6b:7f:
8c:f6:ca:18:fa:e4:8d:37:a9:3f:4c:e2:f5:bb:12:
1e:b4:72:de:ab:1d:ce:29:f6:c1:84:fa:97:a5:0c:
cc:11:ae:cb:de:a1:0f:1a:07:38:a6:83:8e:54:79:
1c:78:81:f2:30:1e:d2:22:eb:63:5f:4a:91:66:83:
6d:c7:4c:30:96:93:c0:23:ca:25:53:fa:29:ea:65:
e0:bc:90:2b:4d:0f:ad:0a:6f:5d:e8:7a:44:de:9a:
10:9b:54:73:d5:18:65:8e:3b:06:0a:1f:5c:f3:24:
31:84:b7:c8:e5:c5:16:73:81:6c:ae:96:26:6a:f7:
9b:86:63:e7:e0:a9:6b:8d:13:13:01:fd:ce:a8:36:
f5:68:91:c6:90:27:4f:44:1b:45:a5:15:c1:32:ae:
2b:21:a6:e8:fa:e0:13:4a:cd:ae:64:44:8e:cc:3e:
5b:38:44:09:11:6e:24:03:ed:63:3a:ba:ae:77:5d:
f5:56:d3:ea:3a:49:e2:ca:36:b3:03:7c:49:ad:88:
b0:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:84:7A:40:65:E4:58:17:5B:FF:F3:2F:33:DD:51:21:90:6F:93:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ff2e2d46-44f0-4790-a453-0090beda0015.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.247.0.0/16
Signature Algorithm: sha256WithRSAEncryption
74:81:fc:80:f1:0f:b6:b0:99:d6:82:c5:0f:fa:44:00:b8:49:
f1:07:d9:5a:af:0e:94:78:c6:76:ba:82:4c:2f:b3:e9:6c:e7:
0c:d5:6b:31:4a:90:5c:64:68:89:44:72:d0:97:c1:0a:f4:59:
ef:df:cd:da:8f:b0:a3:b7:8b:e5:4b:c2:f4:33:7e:5e:39:76:
cb:de:62:7e:05:9e:b8:6a:f8:b5:cc:ad:ad:ae:12:c7:cb:40:
8f:f3:4a:f0:f4:6c:44:f7:e5:da:bc:6e:42:fc:57:f2:9b:b2:
57:5a:05:f3:e9:d2:71:7f:7b:85:67:0f:cd:d9:6a:5d:c0:a0:
fe:89:19:12:07:d6:91:dc:92:4f:ae:17:70:20:97:09:ea:c3:
5a:9c:84:28:44:44:5f:2b:ef:23:b0:d3:65:56:ba:ab:f3:47:
6d:ab:3c:9a:86:b2:bd:7b:26:f0:c0:0f:4e:46:15:40:e6:0b:
d4:b8:41:1c:04:71:2b:79:9a:96:81:a6:e8:e4:34:ea:37:66:
84:4d:1b:66:ee:2c:75:1b:11:1f:f2:16:6a:1e:e0:1d:ad:cb:
16:5d:f6:eb:83:34:c5:76:41:c7:db:d5:a7:c5:87:1a:db:b4:
08:12:1c:b6:1b:d9:2d:2d:73:e9:8f:f6:1a:1a:4c:fa:40:eb:
3a:d7:57:92
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaxONEI4YObS60O3xSdXpsUMz48owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMjBaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwMjQ0MTRiMjM0MWQ4ODEyMmVjZmI3YzgyNDk5ODBjZDU0ODI0MGFhMmFk
YzQwZjYyMjkwYzFjZDQwNmNmZTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMW0W5pzWTVBsDmoMVvReb1zMiMQ4Vo5p211vFWHtErGgf1YKE/g37HryIjF
sutgSxjRAnvENn2homt/jPbKGPrkjTepP0zi9bsSHrRy3qsdzin2wYT6l6UMzBGu
y96hDxoHOKaDjlR5HHiB8jAe0iLrY19KkWaDbcdMMJaTwCPKJVP6Kepl4LyQK00P
rQpvXeh6RN6aEJtUc9UYZY47BgofXPMkMYS3yOXFFnOBbK6WJmr3m4Zj5+Cpa40T
EwH9zqg29WiRxpAnT0QbRaUVwTKuKyGm6PrgE0rNrmREjsw+WzhECRFuJAPtYzq6
rndd9VbT6jpJ4so2swN8Sa2IsA0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR5hHpA
ZeRYF1v/8y8z3VEhkG+ThTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmYyZTJkNDYtNDRmMC00NzkwLWE0NTMtMDA5MGJlZGEwMDE1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMP3MA0G
CSqGSIb3DQEBCwUAA4IBAQB0gfyA8Q+2sJnWgsUP+kQAuEnxB9larw6UeMZ2uoJM
L7PpbOcM1WsxSpBcZGiJRHLQl8EK9Fnv383aj7Cjt4vlS8L0M35eOXbL3mJ+BZ64
avi1zK2trhLHy0CP80rw9GxE9+XavG5C/Ffym7JXWgXz6dJxf3uFZw/N2WpdwKD+
iRkSB9aR3JJPrhdwIJcJ6sNanIQoRERfK+8jsNNlVrqr80dtqzyahrK9eybwwA9O
RhVA5gvUuEEcBHEreZqWgabo5DTqN2aETRtm7ix1GxEf8hZqHuAdrcsWXfbrgzTF
dkHH29WnxYca27QIEhy2G9ktLXPpj/YaGkz6QOs611eS
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:36:47 2025 by rpki-client