Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: TjHGw14LzlAxNFEc59Z7JTCFXORQfrPi9uX2d+ByAjs=
Subject key identifier: FC:AD:62:F8:30:EA:5A:53:61:66:FD:44:C3:D2:2D:69:50:9B:8D:03
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 288A06D67FBDD16F15F6C43D174BED9FE465A49E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Tue 09 Sep 2025 16:10:20 +0000
ROA not before: Tue 09 Sep 2025 16:10:20 +0000
ROA not after: Tue 14 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 13:46:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:8a:06:d6:7f:bd:d1:6f:15:f6:c4:3d:17:4b:ed:9f:e4:65:a4:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 9 16:10:20 2025 GMT
Not After : Oct 14 23:59:59 2025 GMT
Subject: serialNumber=91ea41e59a1147b276e25e41188623ba0b2ced5c0861bd1bfb4591b18500c92e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:34:46:62:87:96:b7:db:87:7f:ae:99:1b:ce:
a7:cc:cd:f9:8f:61:4e:c7:2d:77:03:a0:78:04:a5:
ef:f9:eb:e3:bc:f8:b9:c2:5d:6e:6a:51:0f:54:73:
01:49:08:27:45:33:6d:2d:8b:83:09:7e:be:02:cf:
14:de:43:78:60:c5:a6:68:e6:b1:70:b7:7b:fe:0e:
11:3a:55:cb:f2:17:a0:67:23:9a:51:4f:b8:54:09:
00:d5:a2:c6:70:36:14:8f:e6:5d:22:2a:56:ee:58:
4a:45:7a:6e:54:26:31:7a:eb:de:46:31:3e:c1:12:
db:4e:58:9c:8b:f6:c5:bc:06:ec:1b:14:21:e7:52:
39:68:5a:95:5e:47:55:fb:b4:30:26:e6:bf:de:5f:
df:fe:37:2f:5d:c8:33:30:b0:d9:3b:30:42:46:33:
5e:05:2f:f5:bf:6f:88:45:de:84:a0:4b:86:0a:2c:
0e:c7:44:f6:18:f2:8c:2e:a0:c1:f4:3c:14:7e:d8:
8c:74:ef:1b:39:5e:90:93:cd:42:f7:dd:b5:86:aa:
1e:8b:38:4b:71:38:e1:ae:29:75:be:a6:44:4b:dc:
52:50:e4:9a:88:93:b6:68:2a:ad:bb:09:55:4b:3e:
ab:09:42:35:96:88:86:40:bc:0e:30:24:28:ff:e0:
1e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AD:62:F8:30:EA:5A:53:61:66:FD:44:C3:D2:2D:69:50:9B:8D:03
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5e:fd:c8:0d:00:59:06:80:c8:c6:1a:ca:d0:0d:0b:80:ab:25:
9a:32:34:f5:fe:12:94:eb:29:bd:c7:99:8f:8f:b7:c1:0e:54:
95:15:67:1e:d4:3d:bf:c2:92:12:00:09:84:7d:80:1c:13:02:
0c:46:2e:18:8d:7a:22:95:0f:55:6a:20:af:1f:5c:c0:fa:ab:
29:ad:67:4a:69:75:20:c1:dd:9c:12:27:c0:e8:26:3f:d3:6f:
b7:0b:bc:5e:2f:cb:f6:21:30:0b:72:df:0d:c5:75:c6:01:a2:
55:2a:02:9b:91:30:c6:d6:a9:e5:f4:32:62:f5:15:29:e3:16:
db:71:35:c7:36:80:54:a3:8e:d0:70:68:d0:c7:cc:9e:7c:bd:
3b:8f:26:1a:94:e3:3d:a9:d4:fc:6e:aa:b3:a7:b1:0c:13:49:
9c:93:04:f7:73:01:f0:d0:3b:98:e7:87:64:5a:5e:a0:63:b7:
9a:b0:02:5f:0a:8d:59:51:f8:85:c8:b1:23:87:33:5a:7c:cb:
26:ad:f6:8c:ed:21:15:cd:81:f2:f1:6f:ce:84:09:e1:9a:15:
e9:4d:83:04:4f:4c:c8:91:e7:5b:8b:93:72:d3:f1:10:47:0f:
b6:dc:b5:8d:37:34:ee:59:fd:2a:59:f7:53:b5:16:aa:97:e2:
59:cc:13:24
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKIoG1n+90W8V9sQ9F0vtn+RlpJ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MDkxNjEwMjBaFw0yNTEwMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxZWE0MWU1OWExMTQ3YjI3NmUyNWU0MTE4ODYyM2JhMGIyY2VkNWMwODYx
YmQxYmZiNDU5MWIxODUwMGM5MmUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANE0RmKHlrfbh3+umRvOp8zN+Y9hTsctdwOgeASl7/nr47z4ucJdbmpRD1Rz
AUkIJ0UzbS2Lgwl+vgLPFN5DeGDFpmjmsXC3e/4OETpVy/IXoGcjmlFPuFQJANWi
xnA2FI/mXSIqVu5YSkV6blQmMXrr3kYxPsES205YnIv2xbwG7BsUIedSOWhalV5H
Vfu0MCbmv95f3/43L13IMzCw2TswQkYzXgUv9b9viEXehKBLhgosDsdE9hjyjC6g
wfQ8FH7YjHTvGzlekJPNQvfdtYaqHos4S3E44a4pdb6mREvcUlDkmoiTtmgqrbsJ
VUs+qwlCNZaIhkC8DjAkKP/gHmcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8rWL4
MOpaU2Fm/UTD0i1pUJuNAzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQBe/cgNAFkGgMjGGsrQDQuAqyWaMjT1/hKU6ym9x5mP
j7fBDlSVFWce1D2/wpISAAmEfYAcEwIMRi4YjXoilQ9VaiCvH1zA+qsprWdKaXUg
wd2cEifA6CY/02+3C7xeL8v2ITALct8NxXXGAaJVKgKbkTDG1qnl9DJi9RUp4xbb
cTXHNoBUo47QcGjQx8yefL07jyYalOM9qdT8bqqzp7EME0mckwT3cwHw0DuY54dk
Wl6gY7easAJfCo1ZUfiFyLEjhzNafMsmrfaM7SEVzYHy8W/OhAnhmhXpTYMET0zI
kedbi5Ny0/EQRw+23LWNNzTuWf0qWfdTtRaql+JZzBMk
-----END CERTIFICATE-----
Generated at Mon Sep 15 19:29:26 2025 by rpki-client