Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
File: 7dc90e26-05aa-40c8-bbd0-967e095d6485.roa (raw, json)
Hash identifier: CnqUDQ9oYqf5u1OuRgzZq3jAT+ICdmYTMjmCX0VRSvw=
Subject key identifier: A6:22:34:86:39:B4:33:3E:CA:AF:31:C2:A1:D4:51:7F:80:C1:85:CF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C723E911CF0261C39875B64FC9FF2C92F6B4C59
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
Signing time: Fri 26 Sep 2025 20:10:03 +0000
ROA not before: Fri 26 Sep 2025 20:10:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 143.65.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:72:3e:91:1c:f0:26:1c:39:87:5b:64:fc:9f:f2:c9:2f:6b:4c:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:10:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=f23c2920333e0b0bca0f79abdb39ada8ac3bd0902fab66c5493253d86f7ae511, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cb:9d:f8:2b:2f:e7:8c:bb:d2:f8:0b:bf:dd:
89:21:f4:d6:57:41:28:75:67:9e:08:49:18:e3:0f:
cb:29:91:52:0d:02:fc:ee:50:0b:43:fb:e4:2d:f7:
09:69:0e:c6:11:2f:e3:8b:7c:ea:9d:e5:57:71:69:
0d:5a:a4:c3:91:89:87:8b:fd:dc:75:11:7c:24:c7:
cb:84:45:a3:f5:36:5a:83:72:3f:8e:cf:a9:89:bb:
bd:1a:4a:5b:0f:13:7d:de:60:69:cf:c8:1f:6c:3f:
d8:00:e1:07:e5:c1:46:be:fc:25:0f:ed:c5:dc:02:
8c:6f:40:e3:58:29:99:11:3d:da:51:59:62:f5:78:
fd:69:d1:45:90:e9:6e:00:81:65:36:18:2e:0d:8c:
ef:a4:24:86:aa:b1:4e:6d:5f:9f:82:f7:41:53:97:
82:bf:50:2e:26:ce:22:03:d6:8b:bb:17:82:3f:4d:
e6:c5:18:03:d7:2e:67:cb:fb:dd:53:e6:74:22:f5:
1e:85:12:f0:56:a3:d9:9b:7a:c6:5c:33:95:3c:f4:
72:04:35:37:1c:22:be:06:85:e7:66:4e:fe:b7:18:
93:fc:1d:f6:59:5d:d8:49:43:0c:9a:1b:f6:12:96:
77:c8:ba:e4:20:a1:d2:b9:56:2a:5e:ff:ec:ad:14:
c3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:22:34:86:39:B4:33:3E:CA:AF:31:C2:A1:D4:51:7F:80:C1:85:CF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7dc90e26-05aa-40c8-bbd0-967e095d6485.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.65.0.0/17
Signature Algorithm: sha256WithRSAEncryption
ca:0e:c1:29:ca:62:0f:6c:6d:fb:f4:6f:fd:f1:40:45:a4:32:
5b:63:50:e0:83:0c:e3:64:58:0d:56:2f:1c:8f:73:6d:fe:f3:
b0:ab:3a:1a:d8:28:e0:18:b0:6e:01:80:93:95:14:82:1c:44:
d7:84:ae:ae:e0:be:d7:4a:64:51:1b:92:70:44:47:19:2f:a5:
a3:df:70:83:8f:b9:fe:93:9f:f6:ee:24:5c:c6:24:d8:14:4c:
7c:50:39:3d:0d:ee:77:c9:db:8f:48:df:2b:ef:61:76:a1:1e:
3d:1a:67:9e:4e:e6:ca:38:c0:17:16:aa:89:54:c5:b9:14:f9:
9f:a6:e1:17:e4:70:3a:73:3d:4c:a1:fe:98:3e:cb:69:ab:db:
6d:7d:26:dc:60:46:0d:14:29:68:56:54:e6:fe:d5:b1:3d:99:
99:71:9a:5f:6b:d8:2a:1c:c4:d7:86:e9:50:44:80:14:a9:23:
49:f8:cd:4f:4e:a9:35:5a:0c:73:6c:47:79:f5:5d:1a:0f:d5:
d8:c7:bc:d4:3e:d3:f7:89:8e:8f:5f:a0:de:bc:29:3f:93:84:
3f:42:9c:be:fd:84:0d:5f:68:24:e7:f8:4a:ae:60:ad:85:43:
5c:b3:03:a5:77:71:f9:1c:f0:e6:cc:fe:45:70:ee:88:1e:86:
57:01:90:4e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUDHI+kRzwJhw5h1tk/J/yyS9rTFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDEwMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGYyM2MyOTIwMzMzZTBiMGJjYTBmNzlhYmRiMzlhZGE4YWMzYmQwOTAyZmFi
NjZjNTQ5MzI1M2Q4NmY3YWU1MTExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK7LnfgrL+eMu9L4C7/diSH01ldBKHVnnghJGOMPyymRUg0C/O5QC0P75C33
CWkOxhEv44t86p3lV3FpDVqkw5GJh4v93HURfCTHy4RFo/U2WoNyP47PqYm7vRpK
Ww8Tfd5gac/IH2w/2ADhB+XBRr78JQ/txdwCjG9A41gpmRE92lFZYvV4/WnRRZDp
bgCBZTYYLg2M76QkhqqxTm1fn4L3QVOXgr9QLibOIgPWi7sXgj9N5sUYA9cuZ8v7
3VPmdCL1HoUS8Faj2Zt6xlwzlTz0cgQ1NxwivgaF52ZO/rcYk/wd9lld2ElDDJob
9hKWd8i65CCh0rlWKl7/7K0UwykCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSmIjSG
ObQzPsqvMcKh1FF/gMGFzzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2RjOTBlMjYtMDVhYS00MGM4LWJiZDAtOTY3ZTA5NWQ2NDg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB49BADAN
BgkqhkiG9w0BAQsFAAOCAQEAyg7BKcpiD2xt+/Rv/fFARaQyW2NQ4IMM42RYDVYv
HI9zbf7zsKs6Gtgo4BiwbgGAk5UUghxE14SuruC+10pkURuScERHGS+lo99wg4+5
/pOf9u4kXMYk2BRMfFA5PQ3ud8nbj0jfK+9hdqEePRpnnk7myjjAFxaqiVTFuRT5
n6bhF+RwOnM9TKH+mD7LaavbbX0m3GBGDRQpaFZU5v7VsT2ZmXGaX2vYKhzE14bp
UESAFKkjSfjNT06pNVoMc2xHefVdGg/V2Me81D7T94mOj1+g3rwpP5OEP0Kcvv2E
DV9oJOf4Sq5grYVDXLMDpXdx+Rzw5sz+RXDuiB6GVwGQTg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:52:57 2025 by rpki-client