Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
File: 05d2e6e0-648a-472a-b287-1b954eae646d.roa (raw, json)
Hash identifier: u4h/pWDsTHAvWPsIKsQuujI6ucPPY0YONGXamal1a44=
Subject key identifier: DC:C9:2A:F3:44:A2:4C:E1:B7:6F:59:30:AD:3F:A4:87:A7:92:68:84
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66E7F33D613BC5D855A0088F3988377C5A80EA0E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
Signing time: Mon 06 Oct 2025 18:10:03 +0000
ROA not before: Mon 06 Oct 2025 18:10:03 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.234.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:e7:f3:3d:61:3b:c5:d8:55:a0:08:8f:39:88:37:7c:5a:80:ea:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:03 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=e6e10a0fde1e907fb51565375c01101bb873d0ec7e4b6d81bf8386d314448785, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:84:ea:85:af:64:d5:ee:c4:f0:f5:54:aa:31:
94:4c:a9:d2:2f:28:44:93:28:bb:20:20:4e:84:16:
d4:1e:8e:30:da:ea:c6:3e:bd:0d:d1:4e:a9:48:52:
4f:ae:af:c1:f5:9a:24:ef:11:4d:3e:e4:72:f1:ce:
ef:f6:34:df:eb:cf:59:4e:21:91:38:33:64:2b:b6:
11:0c:c8:6c:60:55:63:d2:9e:23:25:a4:d4:f9:68:
b1:55:36:06:cc:ad:fd:fe:26:59:70:6a:2b:bd:9e:
6a:d1:cf:07:90:2f:b3:57:8c:e6:78:6a:fe:0b:f5:
58:8b:5b:8a:33:71:35:9a:0d:56:3a:13:a2:a3:ed:
47:4c:70:f7:e9:30:9e:1f:8c:83:5e:80:81:cc:e7:
67:59:e4:c9:16:67:60:de:7c:4c:ec:b5:0f:2d:df:
d2:2c:a9:4d:d4:11:88:da:d0:02:c0:55:3a:c7:60:
eb:8c:40:3a:a7:e8:56:65:70:b6:a7:39:e6:96:1e:
6e:3e:79:80:d3:4e:fe:ed:bd:b8:aa:65:91:c5:71:
b0:21:ca:f5:f6:10:73:41:f7:ad:10:3e:7d:8b:bb:
79:40:19:de:04:53:77:c1:8c:22:e6:9b:57:c7:3f:
58:71:9e:af:46:cc:b8:0f:fa:6b:9f:e2:34:6b:45:
4a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C9:2A:F3:44:A2:4C:E1:B7:6F:59:30:AD:3F:A4:87:A7:92:68:84
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/05d2e6e0-648a-472a-b287-1b954eae646d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.234.0/23
Signature Algorithm: sha256WithRSAEncryption
38:7b:22:de:c3:80:54:dd:4d:da:57:a8:36:15:9d:67:c2:28:
a3:81:cb:a7:26:6f:55:a9:31:ba:50:cd:0e:23:d6:88:d3:50:
b3:59:3e:44:0e:62:ba:fc:9e:b4:2c:37:91:0e:a8:8a:69:0b:
0f:3a:85:c6:84:c2:68:6c:40:dc:3d:40:9f:cb:de:df:ab:c5:
f7:23:60:4a:66:c8:b4:7d:ea:08:38:32:95:8d:34:ca:c0:d0:
78:3c:01:7a:f5:20:87:0e:4a:a6:df:c5:ae:bb:04:49:74:3f:
09:4a:91:cc:8e:cd:dc:ee:46:3f:56:03:a3:30:5e:53:59:7c:
c7:37:17:36:a5:0e:fe:dc:36:35:f5:e2:6b:45:75:1d:5a:37:
12:99:49:64:ed:e0:9f:52:fd:4e:a2:7a:f2:99:74:2a:91:19:
40:92:7b:1c:cd:f0:7c:c7:65:18:7e:e7:f0:12:13:f3:50:a4:
9f:0b:2e:8c:01:c2:a2:d2:15:ad:ec:0e:3a:75:d1:25:c9:ab:
1f:6a:24:1d:c3:ab:2e:27:ab:bd:37:78:cb:aa:4c:ca:a0:03:
9e:48:60:cd:03:ef:bd:ec:65:5c:f2:7f:9a:9d:87:d5:d7:71:
0f:f9:2f:ec:9f:29:57:a3:d6:57:68:c0:a9:bb:c6:f0:7e:74:
f6:39:31:67
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZufzPWE7xdhVoAiPOYg3fFqA6g4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMDNaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZTEwYTBmZGUxZTkwN2ZiNTE1NjUzNzVjMDExMDFiYjg3M2QwZWM3ZTRi
NmQ4MWJmODM4NmQzMTQ0NDg3ODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyE6oWvZNXuxPD1VKoxlEyp0i8oRJMouyAgToQW1B6OMNrqxj69DdFOqUhS
T66vwfWaJO8RTT7kcvHO7/Y03+vPWU4hkTgzZCu2EQzIbGBVY9KeIyWk1PlosVU2
Bsyt/f4mWXBqK72eatHPB5Avs1eM5nhq/gv1WItbijNxNZoNVjoToqPtR0xw9+kw
nh+Mg16AgcznZ1nkyRZnYN58TOy1Dy3f0iypTdQRiNrQAsBVOsdg64xAOqfoVmVw
tqc55pYebj55gNNO/u29uKplkcVxsCHK9fYQc0H3rRA+fYu7eUAZ3gRTd8GMIuab
V8c/WHGer0bMuA/6a5/iNGtFSqUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTcySrz
RKJM4bdvWTCtP6SHp5JohDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MDVkMmU2ZTAtNjQ4YS00NzJhLWIyODctMWI5NTRlYWU2NDZkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVN26jAN
BgkqhkiG9w0BAQsFAAOCAQEAOHsi3sOAVN1N2leoNhWdZ8Ioo4HLpyZvVakxulDN
DiPWiNNQs1k+RA5iuvyetCw3kQ6oimkLDzqFxoTCaGxA3D1An8ve36vF9yNgSmbI
tH3qCDgylY00ysDQeDwBevUghw5Kpt/FrrsESXQ/CUqRzI7N3O5GP1YDozBeU1l8
xzcXNqUO/tw2NfXia0V1HVo3EplJZO3gn1L9TqJ68pl0KpEZQJJ7HM3wfMdlGH7n
8BIT81CknwsujAHCotIVrewOOnXRJcmrH2okHcOrLiervTd4y6pMyqADnkhgzQPv
vexlXPJ/mp2H1ddxD/kv7J8pV6PWV2jAqbvG8H509jkxZw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:45:51 2025 by rpki-client