Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
File: 83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa (raw, json)
Hash identifier: brS+Pk7bo51+9mmg05ZFSjOs5bV31xxyG7PRKgMiwVI=
Subject key identifier: A3:DD:B7:A0:B8:13:DB:39:FE:15:E1:5D:78:DA:D5:62:12:C3:CF:78
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3525D8025A1EE2CF215EC5AF7A5652004DD72B09
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
Signing time: Sat 15 Nov 2025 06:50:29 +0000
ROA not before: Sat 15 Nov 2025 06:50:29 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:25:d8:02:5a:1e:e2:cf:21:5e:c5:af:7a:56:52:00:4d:d7:2b:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:50:29 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=59e2c04d052e214cd18760e8b6be23be83bea4ab24a6c94848aef09c5fcf9621, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:58:2f:48:4e:12:a2:58:e0:29:17:ed:6c:b9:
32:2c:d1:04:17:03:4a:06:ea:b0:2c:92:a7:bd:aa:
ed:fa:f6:88:2d:9f:51:94:49:37:67:cb:cf:2f:14:
df:52:33:d4:62:02:9b:fd:85:8f:4d:f7:6e:f2:fa:
bb:a9:df:65:3b:9c:83:bb:85:d5:2e:ae:29:5c:6c:
f3:7e:1d:e1:d2:d8:93:ab:fb:47:48:b5:fa:83:15:
1f:11:eb:92:1a:37:b6:42:51:d3:ea:86:74:67:75:
d6:3b:dd:d6:6a:b0:e8:bd:cd:e5:00:81:23:87:6c:
26:7c:43:1f:85:02:03:45:1c:5f:80:49:ca:e7:e3:
8c:bf:49:7a:e3:ca:76:e7:43:54:5b:94:7c:0b:5d:
c5:31:68:07:b5:e2:26:26:40:cb:d0:f2:9f:0c:93:
ef:a8:33:99:29:a6:22:7e:bd:19:6b:06:0a:3c:9f:
1d:d6:2f:cc:34:b9:1f:ca:a1:94:78:b3:b9:97:a9:
8d:36:98:6a:85:67:9d:2f:32:00:a6:44:ae:f8:96:
be:9e:9d:3a:4d:55:4c:28:a9:89:f4:a1:ea:de:32:
cc:c6:71:37:ba:6d:61:ff:a8:ae:24:7b:24:cc:cd:
58:02:8d:f1:80:43:68:74:31:96:10:c8:6d:72:c2:
59:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DD:B7:A0:B8:13:DB:39:FE:15:E1:5D:78:DA:D5:62:12:C3:CF:78
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/83a3dbd5-059a-4f95-b55b-26c786f91e3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.0.0/17
Signature Algorithm: sha256WithRSAEncryption
38:fa:d7:67:25:16:fd:f9:55:a4:c2:4a:50:f1:6c:4d:e1:21:
6f:12:d6:8f:1c:34:c8:eb:47:05:46:c4:92:8a:c9:ea:73:c8:
7f:83:60:10:bd:4a:56:a6:9d:d3:e2:00:1c:70:98:b6:92:15:
2e:07:44:75:cb:6f:47:35:13:5d:fe:66:86:7b:a9:b4:14:df:
74:0f:9c:95:8e:41:1d:b4:44:cb:3f:76:8a:b1:04:d9:88:34:
56:cc:2a:82:6e:26:88:c6:d1:16:5b:c0:81:4f:48:73:d3:4f:
f7:bd:4a:5b:f6:52:75:95:d2:a4:85:66:38:b9:90:03:30:a6:
80:57:71:cd:cf:3e:9f:eb:9a:d5:42:77:e8:22:53:20:0d:2f:
c6:53:3a:fb:9f:10:01:a8:2c:5f:15:32:56:f6:93:1c:63:07:
70:b4:4a:bd:8d:07:88:f4:a6:1c:2d:1f:08:e8:46:d5:8c:e5:
e8:02:f4:73:5a:4c:cf:50:86:77:c0:d4:15:94:01:d5:d6:fd:
f6:30:a8:c6:4d:f8:16:bc:2c:50:3b:99:74:a5:0e:d7:23:e0:
92:e1:b6:5e:f0:62:df:ef:b0:67:6e:2f:37:68:ac:01:aa:28:
fe:00:47:02:cf:83:39:79:91:f8:40:a7:82:ae:27:6c:99:71:
d8:34:09:66
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUNSXYAloe4s8hXsWvelZSAE3XKwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjUwMjlaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU5ZTJjMDRkMDUyZTIxNGNkMTg3NjBlOGI2YmUyM2JlODNiZWE0YWIyNGE2
Yzk0ODQ4YWVmMDljNWZjZjk2MjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRYL0hOEqJY4CkX7Wy5MizRBBcDSgbqsCySp72q7fr2iC2fUZRJN2fLzy8U
31Iz1GICm/2Fj033bvL6u6nfZTucg7uF1S6uKVxs834d4dLYk6v7R0i1+oMVHxHr
kho3tkJR0+qGdGd11jvd1mqw6L3N5QCBI4dsJnxDH4UCA0UcX4BJyufjjL9JeuPK
dudDVFuUfAtdxTFoB7XiJiZAy9DynwyT76gzmSmmIn69GWsGCjyfHdYvzDS5H8qh
lHizuZepjTaYaoVnnS8yAKZErviWvp6dOk1VTCipifSh6t4yzMZxN7ptYf+oriR7
JMzNWAKN8YBDaHQxlhDIbXLCWZUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSj3beg
uBPbOf4V4V142tViEsPPeDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODNhM2RiZDUtMDU5YS00Zjk1LWI1NWItMjZjNzg2ZjkxZTNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIADAN
BgkqhkiG9w0BAQsFAAOCAQEAOPrXZyUW/flVpMJKUPFsTeEhbxLWjxw0yOtHBUbE
korJ6nPIf4NgEL1KVqad0+IAHHCYtpIVLgdEdctvRzUTXf5mhnuptBTfdA+clY5B
HbREyz92irEE2Yg0Vswqgm4miMbRFlvAgU9Ic9NP971KW/ZSdZXSpIVmOLmQAzCm
gFdxzc8+n+ua1UJ36CJTIA0vxlM6+58QAagsXxUyVvaTHGMHcLRKvY0HiPSmHC0f
COhG1Yzl6AL0c1pMz1CGd8DUFZQB1db99jCoxk34FrwsUDuZdKUO1yPgkuG2XvBi
3++wZ24vN2isAaoo/gBHAs+DOXmR+ECngq4nbJlx2DQJZg==
-----END CERTIFICATE-----
Generated at Sun Nov 16 06:41:10 2025 by rpki-client