Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: Oh/eIvdWeOYkIDz372p+I0UyAEqFafgxa1qUzKzYBJc=
Subject key identifier: 35:97:13:37:E9:CA:96:38:09:25:54:AD:15:AA:B6:4E:BA:79:A5:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1CF69399B15ED1DD69D9159F9F41927609BD5B98
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Mon 04 May 2026 15:30:22 +0000
ROA not before: Mon 04 May 2026 15:30:22 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:f6:93:99:b1:5e:d1:dd:69:d9:15:9f:9f:41:92:76:09:bd:5b:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:22 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=feec17590b1f47c477bf31a9782a8931d43784c6504b99ab3f5049cdbcce7115, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3e:ca:0d:b7:97:76:0a:43:c6:bb:5f:8a:d7:
19:92:2b:d8:30:19:7d:30:29:b2:c5:f7:de:cf:81:
7e:be:35:29:c5:61:a5:74:01:cd:a6:4f:91:f4:a1:
19:64:c5:6e:f1:7c:18:da:1a:15:5f:90:ac:4b:58:
8d:5e:b1:cc:81:84:6f:2f:46:b4:69:6a:aa:cf:ce:
30:47:fe:59:9e:2a:75:10:c9:8c:11:c5:70:9f:0a:
e7:3d:d2:a3:29:7e:31:a1:c4:18:51:a0:8c:e3:57:
19:a3:19:01:20:08:13:1e:4d:16:4a:cf:29:85:89:
6a:88:cc:16:8c:6e:40:da:c5:08:39:3c:e1:67:d0:
33:3b:51:e0:92:05:86:06:94:cb:c2:cd:a0:42:09:
61:b8:19:5c:2d:6d:76:60:54:c2:c5:e1:a9:3c:7f:
8c:7f:fa:07:9f:00:e1:97:52:89:7e:bd:74:4d:92:
96:9e:3b:b7:af:f8:86:b8:55:09:da:38:7d:07:85:
38:ae:5e:06:4c:21:b4:0a:10:1f:3f:cf:31:8f:aa:
79:c0:c4:d2:0a:ee:78:e0:b0:45:7c:e7:a1:d2:6f:
5a:f6:0d:20:1f:c9:75:4d:5d:3a:45:ab:84:10:6b:
dd:d1:a2:e6:63:ce:f3:c5:38:14:90:87:07:1a:e8:
3d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:97:13:37:E9:CA:96:38:09:25:54:AD:15:AA:B6:4E:BA:79:A5:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
52:f9:a3:3a:43:11:f1:06:a9:ef:03:58:2e:83:82:ac:57:bf:
fd:e8:9d:5d:36:ba:d8:e5:20:11:78:ad:82:1d:2a:19:27:dc:
b5:d5:ee:f2:f8:40:b7:b1:0a:5d:9a:9c:ad:32:30:8d:07:0f:
45:f9:83:58:0c:65:e5:41:c7:b7:04:fd:6b:88:a9:39:e9:9b:
22:e9:41:71:bd:e3:ba:c1:20:ab:52:ee:90:89:c5:58:6e:49:
cf:eb:66:04:09:d9:de:18:ce:8e:15:64:f2:56:06:b8:b2:91:
6f:2e:0c:7d:91:65:93:e9:1c:8e:c7:ce:00:f6:77:de:3e:28:
25:f8:1f:77:83:e6:e4:1e:b6:3e:a4:4d:1e:41:23:ba:6c:d9:
5c:28:a6:0c:d6:d6:e3:87:61:24:ac:3b:29:29:71:48:bf:19:
5f:8c:4e:3e:97:ca:6e:08:2a:df:c7:f7:80:52:c4:3b:80:95:
08:71:09:62:5c:ed:6a:88:c1:4a:a0:c0:fb:78:3f:3d:ed:c1:
fd:84:93:79:0b:ed:09:61:ab:bc:b5:b6:22:fb:0e:23:ef:38:
02:12:3d:0a:12:72:42:b4:2f:fe:b5:82:ec:91:7f:21:e1:b1:
6a:e7:ad:86:fc:2a:8d:58:da:b0:c2:cd:9c:37:01:5f:e2:3e:
ac:4d:4a:cf
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUHPaTmbFe0d1p2RWfn0GSdgm9W5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGZlZWMxNzU5MGIxZjQ3YzQ3N2JmMzFhOTc4MmE4OTMxZDQzNzg0YzY1MDRi
OTlhYjNmNTA0OWNkYmNjZTcxMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKs+yg23l3YKQ8a7X4rXGZIr2DAZfTApssX33s+Bfr41KcVhpXQBzaZPkfSh
GWTFbvF8GNoaFV+QrEtYjV6xzIGEby9GtGlqqs/OMEf+WZ4qdRDJjBHFcJ8K5z3S
oyl+MaHEGFGgjONXGaMZASAIEx5NFkrPKYWJaojMFoxuQNrFCDk84WfQMztR4JIF
hgaUy8LNoEIJYbgZXC1tdmBUwsXhqTx/jH/6B58A4ZdSiX69dE2Slp47t6/4hrhV
Cdo4fQeFOK5eBkwhtAoQHz/PMY+qecDE0grueOCwRXznodJvWvYNIB/JdU1dOkWr
hBBr3dGi5mPO88U4FJCHBxroPWkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQ1lxM3
6cqWOAklVK0VqrZOunmlZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUvmjOkMR8Qap7wNYLoOCrFe//eidXTa62OUgEXit
gh0qGSfctdXu8vhAt7EKXZqcrTIwjQcPRfmDWAxl5UHHtwT9a4ipOembIulBcb3j
usEgq1LukInFWG5Jz+tmBAnZ3hjOjhVk8lYGuLKRby4MfZFlk+kcjsfOAPZ33j4o
Jfgfd4Pm5B62PqRNHkEjumzZXCimDNbW44dhJKw7KSlxSL8ZX4xOPpfKbggq38f3
gFLEO4CVCHEJYlztaojBSqDA+3g/Pe3B/YSTeQvtCWGrvLW2IvsOI+84AhI9ChJy
QrQv/rWC7JF/IeGxauethvwqjVjasMLNnDcBX+I+rE1Kzw==
-----END CERTIFICATE-----
Generated at Tue May 12 23:15:25 2026 by rpki-client