Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: O+oX0O4arKwwUW9L00bTwComF7oJSRMGRmFTRTCx28E=
Subject key identifier: BB:C6:A3:68:85:F4:34:80:55:00:4A:96:98:03:FC:5D:66:1B:2A:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 446E5A98B5F187E2011C91C1B55AEB493B2E2026
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Mon 01 Sep 2025 21:20:07 +0000
ROA not before: Mon 01 Sep 2025 21:20:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:6e:5a:98:b5:f1:87:e2:01:1c:91:c1:b5:5a:eb:49:3b:2e:20:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 1 21:20:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2e2a014ac26ce072d2aa691b793058e356418d68dda33c4d82f29cebe80216e4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:de:f4:c5:f4:20:db:b0:9c:e1:98:3d:f4:90:
dd:f5:34:b2:93:d6:b5:9d:63:0a:f4:60:7f:e0:b0:
84:3a:f5:0a:42:6f:0a:cc:ef:05:65:f8:38:b1:00:
78:86:d5:1a:46:0a:54:80:f1:db:1a:7a:12:2b:f7:
b4:fb:f0:dc:3f:cb:45:16:84:0b:f5:f8:38:c0:6d:
38:9e:93:f0:77:11:07:90:a2:9a:dc:de:a2:98:b8:
a5:92:c8:63:dd:01:4b:db:5d:f6:9a:70:65:af:67:
8a:9a:63:8d:1d:26:f1:e5:db:ca:c8:e4:e4:26:18:
f4:4b:a6:e1:b3:02:cc:93:f4:c8:65:c3:bc:69:ea:
bd:58:a1:65:41:e1:72:f2:95:3c:34:2d:52:4d:b1:
bf:d8:93:e1:e6:6d:34:f2:1e:23:3b:28:6a:33:ca:
21:b5:1a:bf:f9:a9:05:c5:49:62:d9:bf:11:b7:7c:
2e:8b:75:e9:55:57:bc:42:75:e6:3a:c5:06:05:e2:
80:b1:16:0b:c6:e4:62:a2:ae:bb:0c:fa:c2:f4:fa:
83:8e:55:37:69:9d:22:e9:08:91:46:c8:6a:c7:a7:
47:d7:64:96:18:c1:dc:ef:49:0f:73:49:80:b7:c4:
ec:a1:59:f7:25:ef:b5:c8:a6:7d:02:c3:8c:0f:2c:
15:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:C6:A3:68:85:F4:34:80:55:00:4A:96:98:03:FC:5D:66:1B:2A:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:b0:74:3f:f6:92:d1:d0:d7:e9:e2:ad:09:2e:10:73:a0:7c:
35:ed:91:8a:29:69:50:70:5e:89:dc:37:c4:cf:8b:9e:da:17:
d1:05:46:f3:4d:29:a0:b9:54:44:4f:1d:45:79:53:c7:aa:3b:
7e:2d:ac:14:07:47:a2:e8:84:02:21:6f:b9:86:c6:64:46:5e:
07:52:ff:60:ce:60:64:f5:b8:e1:6b:0f:eb:17:3d:1f:71:f6:
52:a2:77:ad:32:e4:9a:72:9c:90:97:0b:da:33:b4:81:13:3f:
32:37:8e:78:96:e1:9e:21:58:29:9c:26:60:7c:a2:d7:2d:25:
2d:75:01:52:30:28:e3:49:62:3e:22:de:01:cb:7c:71:1e:58:
a2:47:f9:dd:f9:ea:5e:f4:78:7a:49:44:bb:00:6d:67:e6:7a:
62:24:4a:73:eb:db:59:81:f4:f7:32:dc:d7:c6:cf:31:aa:73:
86:f6:b5:1c:95:0d:d6:e9:8a:51:eb:b6:63:f4:12:56:0b:fb:
22:c4:3f:34:ac:36:11:e8:8f:ea:c8:96:a9:ed:de:92:b4:56:
41:bf:cb:a9:33:08:13:73:b2:60:a8:51:bf:37:3d:71:23:75:
f0:4c:46:44:95:d3:e9:ef:01:e8:20:2e:70:03:98:2b:8f:ec:
a5:18:e5:fe
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURG5amLXxh+IBHJHBtVrrSTsuICYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDEyMTIwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJlMmEwMTRhYzI2Y2UwNzJkMmFhNjkxYjc5MzA1OGUzNTY0MThkNjhkZGEz
M2M0ZDgyZjI5Y2ViZTgwMjE2ZTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMne9MX0INuwnOGYPfSQ3fU0spPWtZ1jCvRgf+CwhDr1CkJvCszvBWX4OLEA
eIbVGkYKVIDx2xp6Eiv3tPvw3D/LRRaEC/X4OMBtOJ6T8HcRB5Cimtzeopi4pZLI
Y90BS9td9ppwZa9nippjjR0m8eXbysjk5CYY9Eum4bMCzJP0yGXDvGnqvVihZUHh
cvKVPDQtUk2xv9iT4eZtNPIeIzsoajPKIbUav/mpBcVJYtm/Ebd8Lot16VVXvEJ1
5jrFBgXigLEWC8bkYqKuuwz6wvT6g45VN2mdIukIkUbIasenR9dklhjB3O9JD3NJ
gLfE7KFZ9yXvtcimfQLDjA8sFfcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7xqNo
hfQ0gFUASpaYA/xdZhsq+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQACsHQ/9pLR0Nfp4q0JLhBzoHw17ZGKKWlQcF6J3DfE
z4ue2hfRBUbzTSmguVRETx1FeVPHqjt+LawUB0ei6IQCIW+5hsZkRl4HUv9gzmBk
9bjhaw/rFz0fcfZSonetMuSacpyQlwvaM7SBEz8yN454luGeIVgpnCZgfKLXLSUt
dQFSMCjjSWI+It4By3xxHliiR/nd+epe9Hh6SUS7AG1n5npiJEpz69tZgfT3MtzX
xs8xqnOG9rUclQ3W6YpR67Zj9BJWC/sixD80rDYR6I/qyJap7d6StFZBv8upMwgT
c7JgqFG/Nz1xI3XwTEZEldPp7wHoIC5wA5grj+ylGOX+
-----END CERTIFICATE-----
Generated at Wed Sep 17 20:48:30 2025 by rpki-client