Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: rwclXXKNRS6wZ5bhaf0lizK0yVs2pru92ZSv7AL0JDU=
Subject key identifier: 85:D0:0A:28:BF:C6:6E:68:B1:27:60:8B:1C:90:02:02:B7:56:17:4D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6C6772A61BFD1F5EEA6BFEF95441C36239131218
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 06 Oct 2025 18:10:31 +0000
ROA not before: Mon 06 Oct 2025 18:10:31 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 20:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:67:72:a6:1b:fd:1f:5e:ea:6b:fe:f9:54:41:c3:62:39:13:12:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:31 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=3c03403fc4ec391a739461e30c6f72f4047e1a079daa50eafde1fb6fc6ed709d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:a6:9c:ef:8a:73:0d:b5:a0:f5:e2:2d:3e:
fd:21:e2:fd:3f:76:e6:90:58:a9:d8:42:f0:4a:b2:
f7:e5:2f:43:91:cf:17:fa:a5:b2:54:4b:6c:f1:5e:
6e:f9:c9:cd:71:60:c8:bf:fd:2b:a4:26:84:c6:74:
1b:c2:23:df:e0:c4:cd:63:42:74:68:cf:45:42:c3:
4b:3f:b5:79:92:ea:7d:3d:fe:e4:99:89:1f:8c:45:
b3:43:4e:c5:cf:72:1e:32:c7:66:f9:0e:cf:7a:d3:
af:52:e3:a8:a8:4b:b2:b6:4c:22:db:5f:d9:53:75:
de:35:27:06:e4:64:f7:12:a7:e6:d2:70:b1:36:ed:
6d:65:eb:8b:4c:34:00:b1:5b:6d:10:09:67:af:52:
28:41:5d:85:5b:b9:16:ca:c1:82:65:55:5b:3b:19:
64:3e:77:6b:57:a6:6d:dc:b6:13:c7:80:6b:07:58:
79:8c:20:9b:84:94:20:2f:d9:09:9a:e6:4f:95:18:
3e:aa:6e:a9:33:7b:bc:1f:83:bc:3f:73:1c:54:2a:
60:fa:cb:e0:b3:6b:20:90:29:1e:5a:65:2b:37:df:
bd:2a:11:d5:23:f3:39:77:a8:6c:5d:b7:09:08:50:
db:3e:a6:06:38:ee:70:41:b1:34:cd:b7:95:fe:ad:
bb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:D0:0A:28:BF:C6:6E:68:B1:27:60:8B:1C:90:02:02:B7:56:17:4D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:7e:3c:4c:75:49:78:09:b5:47:54:bf:2c:f5:6a:b0:49:3c:
bf:6f:d9:a4:a1:00:13:7b:70:62:c7:d1:02:48:ea:15:d7:16:
04:4d:22:7d:be:b5:42:37:6f:49:07:29:de:63:45:d4:1c:49:
9d:8c:bf:5c:e5:c6:4e:6d:ca:a5:e9:94:62:14:42:a2:d9:4c:
37:9b:a0:34:9c:45:b2:8a:cf:6e:6f:3f:00:64:0a:1e:c7:e0:
1f:8d:cf:0f:41:1e:58:b7:4b:2b:f1:07:a5:86:2c:d7:42:1a:
ce:fb:43:50:a3:79:e5:22:32:64:b8:60:e6:c4:06:ed:a0:5f:
1d:26:b6:1f:4e:c1:12:2f:77:33:bf:e7:78:29:e4:4c:9e:60:
64:4d:10:d2:79:2f:86:bb:95:80:3d:82:0b:f0:90:e4:40:91:
27:4a:8f:dc:60:56:de:b4:84:c0:fc:51:d0:51:90:5e:9d:7b:
ac:c7:cf:58:ba:34:1a:33:a5:7a:46:b4:50:12:39:8a:07:f0:
8e:09:8b:a7:f0:cd:36:4f:51:ee:31:d7:1f:c5:e1:9f:84:1d:
eb:92:c0:83:50:2a:91:0e:c9:d4:e4:95:73:54:42:9b:3d:b0:
a7:73:fe:6d:90:81:55:61:74:36:d6:72:6a:32:bb:8a:66:83:
7d:61:40:d2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbGdyphv9H17qa/75VEHDYjkTEhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMDM0MDNmYzRlYzM5MWE3Mzk0NjFlMzBjNmY3MmY0MDQ3ZTFhMDc5ZGFh
NTBlYWZkZTFmYjZmYzZlZDcwOWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMYvppzvinMNtaD14i0+/SHi/T925pBYqdhC8Eqy9+UvQ5HPF/qlslRLbPFe
bvnJzXFgyL/9K6QmhMZ0G8Ij3+DEzWNCdGjPRULDSz+1eZLqfT3+5JmJH4xFs0NO
xc9yHjLHZvkOz3rTr1LjqKhLsrZMIttf2VN13jUnBuRk9xKn5tJwsTbtbWXri0w0
ALFbbRAJZ69SKEFdhVu5FsrBgmVVWzsZZD53a1embdy2E8eAawdYeYwgm4SUIC/Z
CZrmT5UYPqpuqTN7vB+DvD9zHFQqYPrL4LNrIJApHlplKzffvSoR1SPzOXeobF23
CQhQ2z6mBjjucEGxNM23lf6tux8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSF0Aoo
v8ZuaLEnYIsckAICt1YXTTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQApfjxMdUl4CbVHVL8s9WqwSTy/b9mkoQATe3Bix9EC
SOoV1xYETSJ9vrVCN29JByneY0XUHEmdjL9c5cZObcql6ZRiFEKi2Uw3m6A0nEWy
is9ubz8AZAoex+Afjc8PQR5Yt0sr8QelhizXQhrO+0NQo3nlIjJkuGDmxAbtoF8d
JrYfTsESL3czv+d4KeRMnmBkTRDSeS+Gu5WAPYIL8JDkQJEnSo/cYFbetITA/FHQ
UZBenXusx89YujQaM6V6RrRQEjmKB/COCYun8M02T1HuMdcfxeGfhB3rksCDUCqR
DsnU5JVzVEKbPbCnc/5tkIFVYXQ21nJqMruKZoN9YUDS
-----END CERTIFICATE-----
Generated at Thu Oct 16 05:19:15 2025 by rpki-client