Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
File: 387a5e5f-3658-431f-b236-d486cddcae07.roa (raw, json)
Hash identifier: /rCdZWLP7J7sjPrOCGi3zWjCvG9/ubW/sMI74aj/E0c=
Subject key identifier: C9:E8:8A:04:78:FC:36:E0:F9:4C:BB:78:FC:20:C2:2D:3C:02:C3:CE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5509011E14AA9A856C26D3FFC3A32A9934931772
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
Signing time: Fri 10 Oct 2025 17:10:05 +0000
ROA not before: Fri 10 Oct 2025 17:10:05 +0000
ROA not after: Fri 14 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.119.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:09:01:1e:14:aa:9a:85:6c:26:d3:ff:c3:a3:2a:99:34:93:17:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 10 17:10:05 2025 GMT
Not After : Nov 14 23:59:59 2025 GMT
Subject: serialNumber=b86233731371b8d8bb25eff3b3060d2350939671c41a343d9f5fa236b0164a8c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:13:45:78:c3:9c:7f:e2:33:02:0f:a4:f5:15:
8d:58:44:64:d0:89:f9:a2:1e:54:9e:b7:c2:10:5f:
ea:c7:f5:a6:8c:b7:68:21:0d:f4:f8:49:72:00:b1:
c4:25:1c:f9:5a:4d:a9:c5:f2:2f:79:be:26:38:27:
4d:f4:b6:ec:2d:1b:1a:ea:f8:f5:98:6a:a3:53:23:
d5:87:75:16:b6:b3:ec:5a:95:c8:95:93:b4:d2:32:
ca:34:d0:d9:94:2e:0c:1b:6c:25:25:a7:58:12:eb:
2a:0e:68:a0:f2:97:31:f4:1b:99:a2:c8:6d:46:98:
5b:6e:2c:b0:25:c4:52:3c:ac:7a:92:52:ff:2c:3d:
a1:2c:58:3e:f0:8f:91:07:56:0a:e5:4b:d5:84:2b:
39:43:4e:66:46:f2:5c:30:02:05:7b:65:65:8c:37:
f7:a2:20:29:8f:7f:11:85:5d:58:65:ca:85:de:18:
70:0d:7c:83:4e:ce:a3:62:ac:ed:bb:47:88:19:8c:
b1:76:c3:e3:d0:5d:35:c0:8f:ec:6d:2b:50:12:43:
41:4c:d4:25:bc:86:18:45:b4:99:5c:55:19:2a:30:
41:0e:c8:8c:3f:40:83:b0:57:85:5a:06:12:09:f1:
25:af:32:d1:1f:df:6b:46:30:c0:66:00:e4:88:76:
a0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E8:8A:04:78:FC:36:E0:F9:4C:BB:78:FC:20:C2:2D:3C:02:C3:CE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/387a5e5f-3658-431f-b236-d486cddcae07.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.119.128.0/17
Signature Algorithm: sha256WithRSAEncryption
60:a2:6c:55:9f:33:3a:81:a6:94:5b:d0:a4:06:05:e4:9d:b6:
38:bd:2c:9c:25:cd:2c:c1:2a:29:f0:57:e4:28:a3:aa:ea:7a:
ce:db:86:1c:a3:73:ee:87:74:50:32:ed:8f:52:4e:2c:8a:e9:
ae:72:2f:02:92:00:4a:86:56:4b:54:a6:df:f5:24:9c:2b:c1:
69:28:e4:99:0e:5a:d3:d9:52:73:e5:27:fe:65:cd:6d:29:06:
ee:f6:cc:33:21:5f:b2:a7:52:73:37:61:f2:7e:89:94:06:d5:
29:f1:e1:a0:7e:6f:d2:ae:49:d2:73:21:b3:4e:fe:f0:53:86:
14:f3:c5:e1:03:65:b8:b4:f2:1e:7a:a1:d2:cd:91:d7:e8:a7:
12:3a:3f:18:fd:f2:56:e5:de:67:9e:4f:1e:b8:b5:0b:3b:30:
57:64:ec:01:cd:2b:3b:28:08:dc:11:21:02:62:4c:07:14:4f:
68:47:81:5b:02:e9:70:ed:d4:b2:b9:a6:e3:4c:e2:24:f3:7e:
c7:d8:3b:c7:37:f3:2c:10:83:21:8c:15:df:84:61:fe:6f:0b:
b0:fb:ce:bb:ec:90:c3:51:0c:33:e7:71:7e:72:c5:d7:74:9f:
dd:31:2f:c4:78:0b:9f:aa:00:29:7d:a6:bb:b0:96:a6:d5:46:
aa:36:27:87
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVQkBHhSqmoVsJtP/w6MqmTSTF3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMTAxNzEwMDVaFw0yNTExMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4NjIzMzczMTM3MWI4ZDhiYjI1ZWZmM2IzMDYwZDIzNTA5Mzk2NzFjNDFh
MzQzZDlmNWZhMjM2YjAxNjRhOGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALUTRXjDnH/iMwIPpPUVjVhEZNCJ+aIeVJ63whBf6sf1poy3aCEN9PhJcgCx
xCUc+VpNqcXyL3m+JjgnTfS27C0bGur49Zhqo1Mj1Yd1Fraz7FqVyJWTtNIyyjTQ
2ZQuDBtsJSWnWBLrKg5ooPKXMfQbmaLIbUaYW24ssCXEUjysepJS/yw9oSxYPvCP
kQdWCuVL1YQrOUNOZkbyXDACBXtlZYw396IgKY9/EYVdWGXKhd4YcA18g07Oo2Ks
7btHiBmMsXbD49BdNcCP7G0rUBJDQUzUJbyGGEW0mVxVGSowQQ7IjD9Ag7BXhVoG
EgnxJa8y0R/fa0YwwGYA5Ih2oCkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTJ6IoE
ePw24PlMu3j8IMItPALDzjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Mzg3YTVlNWYtMzY1OC00MzFmLWIyMzYtZDQ4NmNkZGNhZTA3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1N3gDAN
BgkqhkiG9w0BAQsFAAOCAQEAYKJsVZ8zOoGmlFvQpAYF5J22OL0snCXNLMEqKfBX
5Cijqup6ztuGHKNz7od0UDLtj1JOLIrprnIvApIASoZWS1Sm3/UknCvBaSjkmQ5a
09lSc+Un/mXNbSkG7vbMMyFfsqdSczdh8n6JlAbVKfHhoH5v0q5J0nMhs07+8FOG
FPPF4QNluLTyHnqh0s2R1+inEjo/GP3yVuXeZ55PHri1CzswV2TsAc0rOygI3BEh
AmJMBxRPaEeBWwLpcO3Usrmm40ziJPN+x9g7xzfzLBCDIYwV34Rh/m8LsPvOu+yQ
w1EMM+dxfnLF13Sf3TEvxHgLn6oAKX2mu7CWptVGqjYnhw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:18:54 2025 by rpki-client