Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: W2KcAzSgn6hebW3UzIG9OfLmR6Sv5zLKfNM7ap9Tln0=
Subject key identifier: 65:C5:A2:58:D3:F7:E2:3E:00:8E:A1:BE:BF:CE:9E:C7:55:9D:48:95
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B6031EEFA3B04C01D513549FEEC7F2BB3C1A3DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Fri 26 Sep 2025 20:21:10 +0000
ROA not before: Fri 26 Sep 2025 20:21:10 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:60:31:ee:fa:3b:04:c0:1d:51:35:49:fe:ec:7f:2b:b3:c1:a3:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:10 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=c08a9f8128e7bd01584fadc0cdc2dbc755af892e920d09e02ea6cc81bda90c4b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c2:a2:66:40:6c:70:d1:9b:f1:8c:25:20:50:
58:88:cb:3d:c6:d9:63:3c:b9:c2:8e:64:da:63:3a:
48:62:aa:e2:a6:c9:f4:20:61:79:a6:95:5f:57:80:
77:c0:f7:3d:20:72:d2:18:5a:c2:9e:eb:23:ac:1b:
32:d1:2f:1d:7e:ef:a8:b9:0b:8a:26:05:f7:50:eb:
5e:73:6e:69:d4:d5:33:11:83:2b:50:38:14:a3:82:
fa:4b:55:22:dc:d0:7d:fa:5d:98:fa:e4:d8:91:36:
44:aa:e8:8f:78:9e:23:bf:e1:b5:41:d4:47:dd:68:
60:b2:2a:6d:8c:dc:c6:87:cd:1b:77:4a:a6:83:18:
52:4e:0b:a2:f9:26:ee:25:9c:ea:2e:bf:38:03:e2:
3a:3b:92:7a:c9:f0:d0:03:b8:01:7c:36:71:fa:a8:
31:61:34:97:3a:a3:69:29:dd:e1:92:2f:00:76:7a:
76:8e:04:bd:cf:c2:0f:9b:d6:09:5f:fe:e8:ed:c1:
a1:91:ac:c2:1a:e4:03:10:13:09:62:d2:71:20:51:
0f:0c:f8:bb:d7:e5:07:77:5d:9c:7d:9e:fd:47:95:
5b:00:a5:17:2c:7b:54:ea:5c:f0:d5:89:18:cc:ba:
a1:3a:ae:0d:10:2d:b0:a4:09:b4:fb:58:64:50:f5:
dc:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C5:A2:58:D3:F7:E2:3E:00:8E:A1:BE:BF:CE:9E:C7:55:9D:48:95
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
d1:38:9e:6d:68:a6:c2:45:0c:5d:a8:20:cf:f6:08:51:e2:01:
f0:c8:37:3f:9c:7e:10:04:d7:13:ed:ff:c1:6c:45:fe:53:e4:
04:fc:52:24:39:11:0e:01:90:2a:df:6f:76:cd:94:96:68:cd:
ac:36:eb:09:da:9a:74:10:51:bb:d0:a9:1b:05:74:c9:d4:5c:
19:f1:8f:67:9b:ba:3d:74:c1:64:99:40:2c:4a:e8:0b:39:74:
19:46:a9:25:10:f5:3e:01:9e:f0:53:22:90:43:84:f1:f7:9f:
29:ef:2d:3c:9f:76:93:c2:aa:85:a3:31:06:e7:4c:e8:1c:a5:
10:2a:f7:ad:72:41:f7:51:c4:fa:4d:55:8d:bb:fe:8a:a2:28:
aa:5e:01:bd:fb:19:77:d6:63:b6:6c:56:c0:63:b0:2c:a1:0a:
b0:e5:9a:8f:0b:cd:28:5d:c4:da:bc:e0:9b:85:da:e0:74:68:
b5:6f:07:df:78:48:be:9e:c2:84:ff:ac:a7:bf:b4:cd:af:86:
2e:ec:3d:29:d3:1c:df:c3:40:72:80:0b:bc:78:45:07:b5:fe:
41:6a:32:10:2d:34:d8:ce:20:d3:77:96:67:aa:76:07:10:db:
10:3f:1f:4d:cc:3e:a7:45:78:b5:fd:0c:2f:9d:7e:3e:05:dd:
da:3d:65:75
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUO2Ax7vo7BMAdUTVJ/ux/K7PBo98wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMTBaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwOGE5ZjgxMjhlN2JkMDE1ODRmYWRjMGNkYzJkYmM3NTVhZjg5MmU5MjBk
MDllMDJlYTZjYzgxYmRhOTBjNGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKfComZAbHDRm/GMJSBQWIjLPcbZYzy5wo5k2mM6SGKq4qbJ9CBheaaVX1eA
d8D3PSBy0hhawp7rI6wbMtEvHX7vqLkLiiYF91DrXnNuadTVMxGDK1A4FKOC+ktV
ItzQffpdmPrk2JE2RKroj3ieI7/htUHUR91oYLIqbYzcxofNG3dKpoMYUk4Lovkm
7iWc6i6/OAPiOjuSesnw0AO4AXw2cfqoMWE0lzqjaSnd4ZIvAHZ6do4Evc/CD5vW
CV/+6O3BoZGswhrkAxATCWLScSBRDwz4u9flB3ddnH2e/UeVWwClFyx7VOpc8NWJ
GMy6oTquDRAtsKQJtPtYZFD13LcCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRlxaJY
0/fiPgCOob6/zp7HVZ1IlTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEA0TiebWimwkUMXaggz/YIUeIB8Mg3P5x+EATXE+3/
wWxF/lPkBPxSJDkRDgGQKt9vds2UlmjNrDbrCdqadBBRu9CpGwV0ydRcGfGPZ5u6
PXTBZJlALEroCzl0GUapJRD1PgGe8FMikEOE8fefKe8tPJ92k8KqhaMxBudM6Byl
ECr3rXJB91HE+k1Vjbv+iqIoql4BvfsZd9ZjtmxWwGOwLKEKsOWajwvNKF3E2rzg
m4Xa4HRotW8H33hIvp7ChP+sp7+0za+GLuw9KdMc38NAcoALvHhFB7X+QWoyEC00
2M4g03eWZ6p2BxDbED8fTcw+p0V4tf0ML51+PgXd2j1ldQ==
-----END CERTIFICATE-----
Generated at Thu Oct 16 22:57:43 2025 by rpki-client