Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
File: ecd45447-b567-4c62-b588-28bb50cce889.roa (raw, json)
Hash identifier: vCfJ2HqlXo5kxky7btcc43XIxqEm9fFPO3Kzm4Id/uY=
Subject key identifier: 66:9D:B6:60:80:A7:48:98:DC:44:A8:EB:63:FB:4E:63:A6:58:3D:52
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5DBA5A3047AD18B4A2002AF56D09F73E10FA9940
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
Signing time: Fri 26 Sep 2025 20:21:03 +0000
ROA not before: Fri 26 Sep 2025 20:21:03 +0000
ROA not after: Fri 31 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 195.17.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:ba:5a:30:47:ad:18:b4:a2:00:2a:f5:6d:09:f7:3e:10:fa:99:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Sep 26 20:21:03 2025 GMT
Not After : Oct 31 23:59:59 2025 GMT
Subject: serialNumber=87e97a652fd3178fc338064266e50e102f6ebd6fb237ab1de5087a306afcadd5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:44:47:b8:b8:54:ba:ef:e1:95:2d:26:4d:a8:
ec:77:11:7f:cd:db:37:8e:9d:f2:b9:4b:40:b0:d6:
d2:a7:af:c2:25:96:70:ed:80:e9:b6:98:ea:21:27:
71:77:51:b9:4c:e9:d6:a0:69:35:80:ac:45:a5:d4:
53:73:8e:11:81:6d:2f:11:12:89:9f:9f:e2:3e:b0:
fe:7d:29:13:1b:3e:b5:02:f8:7c:60:61:56:7f:eb:
84:da:2e:91:6b:b0:4e:7c:39:97:e9:f5:92:1b:1c:
25:3c:a2:10:17:04:92:b2:9d:2b:2b:69:86:d1:f7:
d9:10:f3:12:e2:53:12:47:9c:f0:a2:57:dd:67:81:
30:c5:2b:bc:71:19:25:e1:56:21:b7:e1:c4:d8:fd:
07:40:09:0f:22:cc:7d:84:de:4b:80:2c:e3:2c:cb:
11:d5:df:fe:59:de:b4:ac:ec:58:7e:b5:7c:dc:8f:
9b:cc:1f:b0:e5:f8:63:05:40:66:2c:4c:63:80:9f:
e0:cf:a3:9a:e8:04:f7:4c:6b:b2:f7:de:d9:32:c8:
dd:9c:9b:76:10:d1:8b:6b:10:00:e3:de:da:2a:bf:
5f:6e:03:01:69:b2:5e:44:a6:56:3b:b7:4a:95:5c:
e0:89:05:ea:d6:f6:b7:ec:d1:59:17:85:8b:94:da:
01:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:9D:B6:60:80:A7:48:98:DC:44:A8:EB:63:FB:4E:63:A6:58:3D:52
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ecd45447-b567-4c62-b588-28bb50cce889.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:5c:bd:06:30:79:51:62:d8:9b:58:78:a1:af:1a:18:25:4d:
3a:22:8e:a2:c4:26:e4:e3:fd:13:e5:68:03:7d:50:a0:68:9d:
4b:e3:f9:50:f7:ac:60:70:fa:a3:29:4b:b7:22:63:98:02:bb:
82:01:0d:93:f8:54:54:94:fe:0b:16:27:1c:c0:30:cf:34:a5:
f3:da:c3:29:1c:91:31:85:90:43:e0:4f:d9:30:3a:6a:d7:7f:
76:39:c2:24:82:a0:c6:12:a5:7c:a7:91:bc:1d:e3:de:06:3e:
48:6e:fa:ee:8d:0d:84:20:eb:66:4c:65:3a:46:a4:f5:08:86:
39:2b:3b:5c:0c:43:d2:f4:18:0c:03:d8:f7:28:4e:34:be:b2:
d4:e4:97:f3:92:1d:42:71:5a:a3:c3:a8:02:51:b0:41:35:84:
84:d3:4c:3e:9e:80:70:94:01:70:c7:09:f0:e2:1b:94:63:97:
e7:93:77:94:b9:20:46:74:5b:aa:05:b6:3d:33:2e:0a:ef:29:
82:82:3d:b3:f3:75:0a:08:ab:39:7f:6a:e1:28:0d:78:65:7f:
28:7d:c5:92:93:2a:25:49:af:90:b2:dd:61:c8:91:9f:dc:e1:
89:f9:24:4a:e5:87:9e:70:a2:75:40:b6:22:f1:a7:e0:f5:82:
a5:1d:de:d1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXbpaMEetGLSiACr1bQn3PhD6mUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTA5MjYyMDIxMDNaFw0yNTEwMzEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3ZTk3YTY1MmZkMzE3OGZjMzM4MDY0MjY2ZTUwZTEwMmY2ZWJkNmZiMjM3
YWIxZGU1MDg3YTMwNmFmY2FkZDUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5ER7i4VLrv4ZUtJk2o7HcRf83bN46d8rlLQLDW0qevwiWWcO2A6baY6iEn
cXdRuUzp1qBpNYCsRaXUU3OOEYFtLxESiZ+f4j6w/n0pExs+tQL4fGBhVn/rhNou
kWuwTnw5l+n1khscJTyiEBcEkrKdKytphtH32RDzEuJTEkec8KJX3WeBMMUrvHEZ
JeFWIbfhxNj9B0AJDyLMfYTeS4As4yzLEdXf/lnetKzsWH61fNyPm8wfsOX4YwVA
ZixMY4Cf4M+jmugE90xrsvfe2TLI3ZybdhDRi2sQAOPe2iq/X24DAWmyXkSmVju3
SpVc4IkF6tb2t+zRWReFi5TaAfcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRmnbZg
gKdImNxEqOtj+05jplg9UjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZWNkNDU0NDctYjU2Ny00YzYyLWI1ODgtMjhiYjUwY2NlODg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMMRMA0G
CSqGSIb3DQEBCwUAA4IBAQB8XL0GMHlRYtibWHihrxoYJU06Io6ixCbk4/0T5WgD
fVCgaJ1L4/lQ96xgcPqjKUu3ImOYAruCAQ2T+FRUlP4LFiccwDDPNKXz2sMpHJEx
hZBD4E/ZMDpq1392OcIkgqDGEqV8p5G8HePeBj5IbvrujQ2EIOtmTGU6RqT1CIY5
KztcDEPS9BgMA9j3KE40vrLU5Jfzkh1CcVqjw6gCUbBBNYSE00w+noBwlAFwxwnw
4huUY5fnk3eUuSBGdFuqBbY9My4K7ymCgj2z83UKCKs5f2rhKA14ZX8ofcWSkyol
Sa+Qst1hyJGf3OGJ+SRK5YeecKJ1QLYi8afg9YKlHd7R
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:15:50 2025 by rpki-client