Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: P+luYuzxT3TLaHITJVyWHJrRI+V4lYQ10j8pbJ3QO54=
Subject key identifier: CE:71:9F:E1:9A:62:6D:25:B7:DC:17:2E:75:14:2D:07:16:E9:DF:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1549389DA795FE1800B7F78CCD1E7AC9E54E3A33
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Fri 26 Sep 2025 20:39:26 +0000
ROA not before: Fri 26 Sep 2025 20:39:26 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 00:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:49:38:9d:a7:95:fe:18:00:b7:f7:8c:cd:1e:7a:c9:e5:4e:3a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:39:26 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=bae16cf41f953982273f35e810197d440e4121889c4f14976c9c14abd91125c5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2f:4a:7f:f2:a3:49:43:54:8a:0a:51:14:6c:
c0:f3:42:77:6b:44:55:2e:be:fd:1d:b0:28:27:4b:
0f:83:5d:f9:2e:ce:e6:e2:c5:93:bd:d8:d5:aa:35:
8e:03:37:76:be:56:ce:02:67:af:cc:b8:fe:c7:69:
07:f1:aa:0a:47:12:80:3b:8c:c7:cc:5f:93:b3:7b:
95:a8:c3:62:90:b4:aa:19:1d:42:12:f5:ed:aa:46:
76:5f:08:58:9d:ef:25:1d:28:e8:bb:c5:25:32:b7:
f9:a5:cf:13:06:dd:93:19:ad:a1:8e:4c:91:e2:4f:
fc:05:e7:61:78:ca:06:e8:11:d8:f4:ab:8f:55:41:
0d:e8:93:87:ca:8e:d6:06:29:63:64:c3:a0:eb:7d:
7b:76:9b:6a:ef:88:9f:0c:dd:28:58:4d:a9:e2:0a:
c1:30:21:c1:76:b6:2a:99:07:6b:bd:b4:95:dd:db:
1f:32:c1:c5:a0:eb:c4:4f:da:f7:19:24:c6:fd:ca:
94:a5:8c:65:c0:29:c5:2c:14:b3:4a:2b:21:1e:87:
d2:59:69:5f:4b:62:55:bb:61:1d:8d:cf:66:d1:f9:
84:20:be:ce:58:6d:4f:b0:9d:b0:ff:f1:50:1d:a6:
19:0b:20:d1:07:48:61:28:8b:37:e2:fe:44:02:41:
3e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:71:9F:E1:9A:62:6D:25:B7:DC:17:2E:75:14:2D:07:16:E9:DF:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
cc:2d:46:3a:59:c3:e5:39:32:d1:a4:0c:04:4f:dd:e0:cd:f1:
6c:b9:bc:4e:24:24:26:2b:ac:1d:d6:1b:04:13:cd:4b:7a:c5:
ce:a9:f2:0f:4c:e4:28:8a:bc:38:6c:59:0b:bc:bb:49:f9:6e:
05:14:88:48:d0:93:cf:2f:d6:de:ec:85:24:3c:d6:31:b9:11:
e9:8f:20:b2:4d:35:78:da:cb:fa:ad:3d:95:71:b0:97:0e:cb:
c6:3e:4a:07:7e:dc:3b:d7:ef:76:83:ab:78:ac:35:09:fb:6c:
ff:19:5e:20:ec:6e:a5:d8:4a:d7:b3:ca:ea:63:d8:3d:09:21:
54:86:a4:31:d0:c4:94:86:4c:89:f6:9f:2f:0e:9b:29:59:87:
00:15:0b:b1:3e:4d:74:4b:1b:8d:9b:be:ec:af:14:cb:77:6d:
ce:48:26:1c:1e:fa:30:2f:0d:7f:0b:66:d5:c2:b7:98:22:0d:
19:18:64:9c:e7:a3:8c:92:b1:82:2a:6c:81:ac:d1:07:5c:a1:
41:82:e0:51:7f:db:5e:40:e8:a0:09:40:13:80:ee:76:d0:9e:
5e:e7:2f:06:ff:43:fc:7b:af:b4:c2:3e:b3:e4:25:d4:0f:c7:
a2:fb:d1:24:e2:d9:81:03:2c:c4:74:f2:c8:22:b0:c1:0c:4a:
42:ed:97:bb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFUk4naeV/hgAt/eMzR56yeVOOjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDM5MjZaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhZTE2Y2Y0MWY5NTM5ODIyNzNmMzVlODEwMTk3ZDQ0MGU0MTIxODg5YzRm
MTQ5NzZjOWMxNGFiZDkxMTI1YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsvSn/yo0lDVIoKURRswPNCd2tEVS6+/R2wKCdLD4Nd+S7O5uLFk73Y1ao1
jgM3dr5WzgJnr8y4/sdpB/GqCkcSgDuMx8xfk7N7lajDYpC0qhkdQhL17apGdl8I
WJ3vJR0o6LvFJTK3+aXPEwbdkxmtoY5MkeJP/AXnYXjKBugR2PSrj1VBDeiTh8qO
1gYpY2TDoOt9e3abau+InwzdKFhNqeIKwTAhwXa2KpkHa720ld3bHzLBxaDrxE/a
9xkkxv3KlKWMZcApxSwUs0orIR6H0llpX0tiVbthHY3PZtH5hCC+zlhtT7CdsP/x
UB2mGQsg0QdIYSiLN+L+RAJBPosCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTOcZ/h
mmJtJbfcFy51FC0HFunfrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQDMLUY6WcPlOTLRpAwET93gzfFsubxOJCQmK6wd1hsE
E81LesXOqfIPTOQoirw4bFkLvLtJ+W4FFIhI0JPPL9be7IUkPNYxuRHpjyCyTTV4
2sv6rT2VcbCXDsvGPkoHftw71+92g6t4rDUJ+2z/GV4g7G6l2ErXs8rqY9g9CSFU
hqQx0MSUhkyJ9p8vDpspWYcAFQuxPk10SxuNm77srxTLd23OSCYcHvowLw1/C2bV
wreYIg0ZGGSc56OMkrGCKmyBrNEHXKFBguBRf9teQOigCUATgO520J5e5y8G/0P8
e6+0wj6z5CXUD8ei+9Ek4tmBAyzEdPLIIrDBDEpC7Ze7
-----END CERTIFICATE-----
Generated at Fri Oct 17 05:37:40 2025 by rpki-client