Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: tUw+ci6eWlU2QKdGs7E45/muPLdfs0Htz4uPIbjYCPE=
Subject key identifier: BD:83:A5:18:03:28:F8:A7:AA:E9:48:87:31:A6:C3:01:A0:60:FE:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 111355D87004257887E88F2915F478D88BEDCAED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Mon 06 Oct 2025 18:10:05 +0000
ROA not before: Mon 06 Oct 2025 18:10:05 +0000
ROA not after: Mon 10 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:13:55:d8:70:04:25:78:87:e8:8f:29:15:f4:78:d8:8b:ed:ca:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 6 18:10:05 2025 GMT
Not After : Nov 10 23:59:59 2025 GMT
Subject: serialNumber=9c8b36f375af8baa03d6af98a068631f2c967e612cbcd3c3b60fc3eb8695982d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:57:4d:28:0b:ae:7d:c2:5c:98:23:d5:8c:ce:
4a:fa:cd:fa:f9:c2:26:a5:e9:48:a0:86:1e:9d:a3:
6f:e1:6f:dc:12:52:65:2f:52:6d:28:9d:19:70:66:
5c:d7:ae:ed:0e:e4:ca:e1:c9:89:54:e4:fc:28:98:
f6:e5:3c:6c:8a:15:2a:1e:c8:f3:29:48:05:a9:69:
88:c0:d3:70:15:ba:39:7d:bf:b8:57:8b:66:ce:e0:
9f:a0:8c:aa:26:81:cc:ab:5e:68:98:57:9a:c0:78:
2e:6f:11:f1:96:5d:a3:b4:0a:4b:ac:e6:4d:2f:40:
5f:60:6f:59:2f:e3:c9:fc:30:11:a0:aa:cd:09:ce:
50:4f:cd:4e:eb:99:f1:af:db:a0:8a:34:60:a2:26:
fb:5a:17:71:58:03:4a:13:05:44:2e:d5:6d:bf:87:
e5:9e:90:a9:bb:80:7a:19:1b:49:b0:c2:54:97:dc:
55:f8:bc:13:ab:b3:98:1f:12:a3:df:ee:17:1a:4b:
12:26:f1:ea:38:12:51:d6:29:06:b3:fe:7f:f7:d3:
13:2f:d5:9b:17:4a:46:c6:b3:07:58:ef:ca:be:37:
32:29:88:87:3c:b8:e1:7e:af:27:6f:b1:98:b7:1e:
73:3b:3e:73:09:ee:e2:9a:ed:d9:82:68:53:69:64:
25:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:83:A5:18:03:28:F8:A7:AA:E9:48:87:31:A6:C3:01:A0:60:FE:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b3:18:1a:03:60:13:6b:98:47:3d:ce:08:39:0b:05:2d:2b:87:
86:b1:db:29:2b:b8:21:9b:dc:75:c0:54:6a:64:f2:e5:e9:2f:
93:dc:56:d5:5b:19:28:c4:7b:89:32:75:97:22:63:ba:26:fe:
5f:7f:50:e8:4b:b9:cc:f0:98:d2:47:8b:f2:c1:28:25:5b:8d:
46:f3:80:df:8c:75:40:b6:82:b6:18:18:89:67:b9:25:28:28:
26:3a:8a:34:3e:3d:59:81:b9:e8:f4:e5:ec:f5:3c:78:f3:72:
1b:cf:ea:fe:83:af:68:49:af:93:c9:df:d7:a9:5f:2e:42:1f:
01:bf:54:97:9b:ae:71:ba:d7:ac:f8:d1:bf:c9:fc:ec:90:44:
f8:88:b6:b1:4f:d1:8d:a2:58:42:0c:e1:6b:e2:dc:32:2b:05:
1f:38:93:c2:4a:be:fd:7b:0c:42:06:4b:4f:1d:b6:8a:29:e3:
ea:68:15:d9:44:51:81:d1:cd:33:fa:a8:c1:ba:cd:8d:50:a0:
3b:c8:15:92:5e:ea:c5:0c:3b:7a:03:bd:cf:4a:9e:3d:fb:a8:
a7:4b:48:89:ee:58:32:58:81:c8:d3:ba:c1:2b:6b:0b:24:77:
5d:5a:8a:b2:42:b6:1b:d1:ea:40:40:b0:9c:17:d7:5d:19:79:
f4:5f:48:43
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUERNV2HAEJXiH6I8pFfR42Ivtyu0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMDYxODEwMDVaFw0yNTExMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOGIzNmYzNzVhZjhiYWEwM2Q2YWY5OGEwNjg2MzFmMmM5NjdlNjEyY2Jj
ZDNjM2I2MGZjM2ViODY5NTk4MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPFXTSgLrn3CXJgj1YzOSvrN+vnCJqXpSKCGHp2jb+Fv3BJSZS9SbSidGXBm
XNeu7Q7kyuHJiVTk/CiY9uU8bIoVKh7I8ylIBalpiMDTcBW6OX2/uFeLZs7gn6CM
qiaBzKteaJhXmsB4Lm8R8ZZdo7QKS6zmTS9AX2BvWS/jyfwwEaCqzQnOUE/NTuuZ
8a/boIo0YKIm+1oXcVgDShMFRC7Vbb+H5Z6QqbuAehkbSbDCVJfcVfi8E6uzmB8S
o9/uFxpLEibx6jgSUdYpBrP+f/fTEy/VmxdKRsazB1jvyr43MimIhzy44X6vJ2+x
mLceczs+cwnu4prt2YJoU2lkJQsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9g6UY
Ayj4p6rpSIcxpsMBoGD+fzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQCzGBoDYBNrmEc9zgg5CwUtK4eGsdspK7ghm9x1wFRq
ZPLl6S+T3FbVWxkoxHuJMnWXImO6Jv5ff1DoS7nM8JjSR4vywSglW41G84DfjHVA
toK2GBiJZ7klKCgmOoo0Pj1Zgbno9OXs9Tx483Ibz+r+g69oSa+Tyd/XqV8uQh8B
v1SXm65xutes+NG/yfzskET4iLaxT9GNolhCDOFr4twyKwUfOJPCSr79ewxCBktP
HbaKKePqaBXZRFGB0c0z+qjBus2NUKA7yBWSXurFDDt6A73PSp49+6inS0iJ7lgy
WIHI07rBK2sLJHddWoqyQrYb0epAQLCcF9ddGXn0X0hD
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:52:55 2025 by rpki-client