Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
File: 8ee7bd52-fc09-4c49-af31-341b51b405e0.roa (raw, json)
Hash identifier: retJv411pOyzXFBLBd4VjqifEMaRPYZA026jdBVI38I=
Subject key identifier: C4:ED:FA:3F:F3:CF:37:7F:8C:5C:E1:64:45:2D:9B:D8:4E:76:A0:8F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 70985C819F79130F9AC51181AC005B628A59B525
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
Signing time: Tue 21 Oct 2025 14:40:04 +0000
ROA not before: Tue 21 Oct 2025 14:40:04 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 194.234.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:98:5c:81:9f:79:13:0f:9a:c5:11:81:ac:00:5b:62:8a:59:b5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:40:04 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=ef7165a8cb005d84ecf67929dbce0d4c5b282abe2c4e51a0205d63421fee097c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e0:3d:4a:9c:f5:20:24:24:79:6b:c0:d3:a8:
c9:81:e1:e1:91:cf:ba:20:1a:c1:87:ba:1b:1c:9e:
d9:84:57:10:1b:f0:8c:fe:79:80:25:87:00:58:e8:
d7:10:36:2b:d6:be:2b:e8:d5:64:ba:da:b2:23:e4:
38:e1:c0:1a:8b:93:5d:ca:30:b4:d9:32:1b:a5:06:
c0:48:d6:ec:38:6e:50:9a:35:4f:b2:1e:45:a3:e5:
b9:c7:72:4d:70:c5:2d:2a:3b:70:27:54:76:30:87:
f8:cf:b2:fd:9d:65:3d:2a:9b:40:9f:77:38:70:4d:
e1:b8:cb:8c:4a:9c:58:03:52:9a:d6:50:22:ad:c9:
7c:48:3b:1c:88:7f:43:4d:3b:bb:6e:a8:e5:f4:7f:
1e:87:52:47:80:c3:5b:17:f2:5e:b4:b8:f8:bb:7b:
03:60:2f:22:64:18:f2:3c:18:d0:e8:62:53:39:a4:
e4:61:75:b0:e4:17:50:f7:c9:0d:5d:e9:be:41:8d:
95:80:10:83:e5:ab:7c:40:5c:44:2d:ee:3f:ea:23:
d8:d2:07:e2:7a:26:fe:24:87:cb:e5:97:95:21:ba:
91:81:4d:69:51:70:6f:69:0e:46:21:b1:30:d6:ca:
3e:6c:58:25:e7:58:99:49:2f:9e:b3:9b:a3:4f:6c:
46:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:ED:FA:3F:F3:CF:37:7F:8C:5C:E1:64:45:2D:9B:D8:4E:76:A0:8F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8ee7bd52-fc09-4c49-af31-341b51b405e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.234.0.0/15
Signature Algorithm: sha256WithRSAEncryption
49:fd:5a:3e:ca:21:1d:03:65:ea:86:6a:87:e1:17:32:c2:83:
07:4d:74:1e:e8:7f:13:0d:ef:9b:e4:25:0a:a5:cb:52:d2:0d:
e6:6a:11:61:4b:37:06:6f:72:a1:81:17:f7:cd:0d:f7:2e:f6:
3b:8d:16:1e:5b:d0:3c:9e:ff:26:71:d7:ec:e8:7d:74:51:1a:
b5:c1:49:1a:09:50:d6:9e:96:34:8c:25:03:a3:dc:41:1f:94:
59:06:ef:4b:a6:52:82:1a:46:f8:8f:1e:77:4d:82:33:fd:0f:
ce:43:9e:c9:a8:29:78:ca:a4:42:c6:29:9c:8c:e1:fc:27:cb:
51:9a:02:c9:92:78:29:a7:70:14:30:c1:8a:d9:c5:9d:2c:b0:
a2:e0:e2:0d:14:43:5f:43:67:ab:ed:e1:51:2b:da:da:4f:e4:
89:1f:e2:8b:ce:b2:8b:6f:b6:49:ba:0e:3c:8d:90:ba:07:2d:
8b:6e:fb:b4:cf:23:bd:49:5b:c8:c4:ad:7d:fb:1a:ff:e9:d4:
03:ec:d0:26:21:7e:fe:33:8b:83:33:5c:d7:e1:68:73:dd:7c:
c2:98:44:b8:91:8e:70:41:db:f7:cb:18:24:96:41:d5:d7:04:
16:2e:ca:49:46:f4:1e:f6:a5:05:e8:cf:5b:16:90:7a:b4:08:
65:1f:ab:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcJhcgZ95Ew+axRGBrABbYopZtSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDQwMDRaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGVmNzE2NWE4Y2IwMDVkODRlY2Y2NzkyOWRiY2UwZDRjNWIyODJhYmUyYzRl
NTFhMDIwNWQ2MzQyMWZlZTA5N2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKbgPUqc9SAkJHlrwNOoyYHh4ZHPuiAawYe6Gxye2YRXEBvwjP55gCWHAFjo
1xA2K9a+K+jVZLrasiPkOOHAGouTXcowtNkyG6UGwEjW7DhuUJo1T7IeRaPlucdy
TXDFLSo7cCdUdjCH+M+y/Z1lPSqbQJ93OHBN4bjLjEqcWANSmtZQIq3JfEg7HIh/
Q007u26o5fR/HodSR4DDWxfyXrS4+Lt7A2AvImQY8jwY0OhiUzmk5GF1sOQXUPfJ
DV3pvkGNlYAQg+WrfEBcRC3uP+oj2NIH4nom/iSHy+WXlSG6kYFNaVFwb2kORiGx
MNbKPmxYJedYmUkvnrObo09sRisCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTE7fo/
8883f4xc4WRFLZvYTnagjzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGVlN2JkNTItZmMwOS00YzQ5LWFmMzEtMzQxYjUxYjQwNWUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAcLqMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ/Vo+yiEdA2XqhmqH4RcywoMHTXQe6H8TDe+b5CUK
pctS0g3mahFhSzcGb3KhgRf3zQ33LvY7jRYeW9A8nv8mcdfs6H10URq1wUkaCVDW
npY0jCUDo9xBH5RZBu9LplKCGkb4jx53TYIz/Q/OQ57JqCl4yqRCximcjOH8J8tR
mgLJkngpp3AUMMGK2cWdLLCi4OINFENfQ2er7eFRK9raT+SJH+KLzrKLb7ZJug48
jZC6By2Lbvu0zyO9SVvIxK19+xr/6dQD7NAmIX7+M4uDM1zX4Whz3XzCmES4kY5w
Qdv3yxgklkHV1wQWLspJRvQe9qUF6M9bFpB6tAhlH6sD
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:00:16 2025 by rpki-client