Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: h8q+NYDdYRaMEOgNE12qQKRA5W/jUjMz+Lm63BwhxDg=
Subject key identifier: 5F:5E:FD:73:74:72:D5:60:FC:44:D0:37:CD:F4:D1:BA:9A:AB:ED:0E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 151DD555FEF1268C462C4AD4184E9B32C98FE8E4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Mon 06 Oct 2025 18:10:31 +0000
ROA not before: Mon 06 Oct 2025 18:10:31 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 17:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:1d:d5:55:fe:f1:26:8c:46:2c:4a:d4:18:4e:9b:32:c9:8f:e8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:31 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=16dde3abcd1e7f90afe6e82acae1aa89ef22839d800050ca935a3b527233815d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d6:4b:1f:26:78:e4:cc:5a:68:9e:2a:1d:0a:
1f:e1:ce:5d:6c:8f:b9:c2:dd:dc:c7:5a:49:c1:64:
52:55:ea:b6:f4:54:ff:f2:57:3e:3e:fa:fb:a7:2e:
96:d6:a8:84:fd:c6:1e:d2:f6:71:15:d7:11:27:ba:
0d:2d:53:db:dc:e5:40:69:89:9c:9b:91:37:e3:0a:
3e:4a:18:3c:a8:d1:7f:f9:80:be:ec:18:30:6a:0d:
03:26:a9:d2:26:0b:1c:f1:a2:43:43:f5:b9:01:6e:
3d:98:f0:be:fe:e5:99:42:35:c5:46:b8:4d:ad:9b:
20:2a:73:3b:b9:b1:1c:94:41:b6:df:a5:fc:c4:81:
f9:31:d3:d9:e9:49:17:73:c2:a1:e1:55:df:26:bb:
eb:96:41:b6:88:b6:81:2a:ae:cf:04:16:72:4d:34:
85:5c:96:7c:ba:39:26:73:17:e6:94:fc:a1:90:d0:
17:eb:14:2b:4e:fd:2f:61:7e:67:ad:b7:39:47:8e:
de:49:e7:22:6a:f1:91:a4:95:04:6d:4d:5c:8f:86:
c9:23:ba:5d:f6:ba:e1:ac:f0:b7:ff:13:b7:9d:34:
67:cd:da:b6:60:a4:f4:cc:39:45:1c:0a:c6:7c:da:
2e:63:ae:3a:63:46:8b:34:6c:88:2e:f6:3d:84:1a:
06:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5E:FD:73:74:72:D5:60:FC:44:D0:37:CD:F4:D1:BA:9A:AB:ED:0E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
86:60:ae:5c:ef:d7:a8:9d:f9:1e:dc:c5:b2:1f:13:a7:3b:8a:
33:c3:2d:3a:65:cb:ef:4a:8b:49:7f:a0:37:e4:92:81:fe:3c:
50:b3:e2:b2:38:3b:59:40:f1:37:c8:66:71:68:14:58:32:98:
22:be:f7:c9:20:1b:8a:49:94:3c:3d:8c:c7:0a:c6:d9:f0:8c:
fd:94:14:1c:e8:98:61:dd:3a:18:5c:b4:7b:c9:de:06:63:99:
aa:23:d8:58:f2:ba:45:3a:e6:8f:0b:18:58:30:86:36:42:6c:
40:8c:4c:9a:ee:63:f6:6c:ec:62:9a:4f:af:2e:4a:46:d1:63:
70:96:45:68:c4:b4:e7:28:7f:e7:63:7d:14:95:67:33:76:34:
55:2e:26:bf:d7:ba:22:3d:97:e0:36:e7:65:08:c4:f9:6e:5b:
21:57:38:c2:3b:de:4c:e5:f7:60:9f:e2:77:a4:e2:93:20:3f:
dd:84:89:75:9b:e4:9a:54:bf:66:3a:d2:e8:43:5a:56:87:b3:
58:b4:ff:3a:77:00:8c:24:62:49:9d:2d:f6:0c:a7:7f:73:96:
4f:d6:36:d5:3e:86:0a:74:99:9b:a6:6e:d1:8e:eb:c9:54:39:
53:d2:0e:a6:b5:b0:a0:5a:8f:ba:f4:11:b4:d3:65:e2:48:3e:
7c:74:b2:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFR3VVf7xJoxGLErUGE6bMsmP6OQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMzFaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2ZGRlM2FiY2QxZTdmOTBhZmU2ZTgyYWNhZTFhYTg5ZWYyMjgzOWQ4MDAw
NTBjYTkzNWEzYjUyNzIzMzgxNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL3WSx8meOTMWmieKh0KH+HOXWyPucLd3MdaScFkUlXqtvRU//JXPj76+6cu
ltaohP3GHtL2cRXXESe6DS1T29zlQGmJnJuRN+MKPkoYPKjRf/mAvuwYMGoNAyap
0iYLHPGiQ0P1uQFuPZjwvv7lmUI1xUa4Ta2bICpzO7mxHJRBtt+l/MSB+THT2elJ
F3PCoeFV3ya765ZBtoi2gSquzwQWck00hVyWfLo5JnMX5pT8oZDQF+sUK079L2F+
Z623OUeO3knnImrxkaSVBG1NXI+GySO6Xfa64azwt/8Tt500Z83atmCk9Mw5RRwK
xnzaLmOuOmNGizRsiC72PYQaBg8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRfXv1z
dHLVYPxE0DfN9NG6mqvtDjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEAhmCuXO/XqJ35HtzFsh8TpzuKM8MtOmXL70qLSX+g
N+SSgf48ULPisjg7WUDxN8hmcWgUWDKYIr73ySAbikmUPD2MxwrG2fCM/ZQUHOiY
Yd06GFy0e8neBmOZqiPYWPK6RTrmjwsYWDCGNkJsQIxMmu5j9mzsYppPry5KRtFj
cJZFaMS05yh/52N9FJVnM3Y0VS4mv9e6Ij2X4DbnZQjE+W5bIVc4wjveTOX3YJ/i
d6TikyA/3YSJdZvkmlS/ZjrS6ENaVoezWLT/OncAjCRiSZ0t9gynf3OWT9Y21T6G
CnSZm6Zu0Y7ryVQ5U9IOprWwoFqPuvQRtNNl4kg+fHSyHA==
-----END CERTIFICATE-----
Generated at Tue Oct 14 02:08:25 2025 by rpki-client