Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
File: 207ef309-dcb5-4264-bf57-0d52fea079cd.roa (raw, json)
Hash identifier: opzXfkstSXCMNLHiBCPESpLj+VfwneAKVuYKcwuztcY=
Subject key identifier: 4B:46:BE:A0:A7:3F:A7:02:28:FD:CA:4B:2D:65:84:6A:08:71:B3:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 682AD207A552508EA20CD64A1030810387327138
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
Signing time: Mon 04 May 2026 15:30:10 +0000
ROA not before: Mon 04 May 2026 15:30:10 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 130.24.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:2a:d2:07:a5:52:50:8e:a2:0c:d6:4a:10:30:81:03:87:32:71:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:10 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=b0ec16c136670d32d2125344062322d53eb9d71839ef9050c96a6c410a109e22, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:89:77:a1:62:3f:57:9c:7e:2f:0d:64:96:78:
20:0e:4e:92:21:05:f4:db:5d:3b:76:a4:18:ba:58:
ac:63:ac:9c:af:74:f2:54:a1:e5:f0:31:0f:f4:3e:
80:b3:b2:c3:cb:ad:ff:c8:ab:f2:27:26:9d:e0:d7:
e8:dd:63:c5:61:81:a7:9b:b4:4f:56:84:24:cf:d5:
2d:11:91:8f:11:db:39:19:de:f2:4a:ac:79:14:ee:
8a:a6:ff:23:b4:ee:a6:1b:37:24:c0:3c:f4:90:e6:
8b:05:7f:40:47:73:ac:f9:b2:53:66:d2:ef:2b:63:
a1:26:97:f2:bc:4c:63:28:13:fa:ec:9f:54:da:02:
d7:bb:8a:56:bc:ee:51:47:90:aa:28:ab:7c:08:8f:
15:14:29:5b:1c:38:4a:5c:64:cf:7a:96:39:65:8a:
af:32:b2:9c:c8:25:f7:0f:0e:dd:4d:06:a6:2b:43:
59:a8:f1:32:60:de:6a:a5:99:50:98:4b:83:29:5e:
f0:74:d9:3e:27:41:cd:ed:39:0c:73:e1:51:2f:f4:
5f:25:61:04:f7:0a:bb:0d:8a:84:47:5c:17:8e:0d:
12:9e:4c:3a:95:0d:89:ae:b6:0a:41:bc:ff:de:0b:
75:c7:b2:74:20:83:0c:68:7e:6a:77:65:f4:cc:50:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:46:BE:A0:A7:3F:A7:02:28:FD:CA:4B:2D:65:84:6A:08:71:B3:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/207ef309-dcb5-4264-bf57-0d52fea079cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.24.0.0/16
Signature Algorithm: sha256WithRSAEncryption
31:63:81:d7:7e:8d:ec:43:24:c7:9a:a1:2e:36:80:65:62:81:
9f:e4:f8:d4:70:9e:9f:da:25:7d:2a:c7:3c:96:7d:68:70:0e:
74:f2:bc:52:a1:67:82:ad:d4:04:96:95:57:eb:57:59:b1:fd:
1a:e4:6d:83:ee:fe:e1:1c:80:ae:55:87:14:54:e8:d3:32:d5:
9c:37:0b:08:38:0b:89:79:cb:76:03:5c:54:83:d3:62:86:51:
dc:25:3b:02:11:7a:46:ab:28:23:c1:3d:0a:03:13:cc:03:50:
b0:f1:39:e9:42:cb:07:82:07:7d:44:c2:13:9a:2f:15:73:b2:
82:e0:94:13:fb:26:aa:19:51:c0:d5:00:c6:2a:8e:a1:3a:03:
a4:32:14:1f:88:db:6c:40:dd:8e:61:51:94:d3:a5:a3:c4:a3:
14:53:a9:9b:38:e5:04:7c:64:52:88:11:b1:60:e5:dc:a3:d2:
c3:72:54:04:3e:55:c7:d9:d3:4b:74:64:24:e1:1e:c4:56:77:
3f:b5:28:3a:8d:eb:30:f2:37:d4:ac:bf:0b:31:52:09:38:1c:
01:c9:bc:a6:65:d7:d2:0b:e3:88:bf:90:7a:35:ab:71:58:e9:
de:78:f4:8c:ed:af:45:c2:4c:6f:67:00:32:9c:5d:89:ba:de:
96:b9:d6:1e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaCrSB6VSUI6iDNZKEDCBA4cycTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMTBaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwZWMxNmMxMzY2NzBkMzJkMjEyNTM0NDA2MjMyMmQ1M2ViOWQ3MTgzOWVm
OTA1MGM5NmE2YzQxMGExMDllMjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2Jd6FiP1ecfi8NZJZ4IA5OkiEF9NtdO3akGLpYrGOsnK908lSh5fAxD/Q+
gLOyw8ut/8ir8icmneDX6N1jxWGBp5u0T1aEJM/VLRGRjxHbORne8kqseRTuiqb/
I7Tuphs3JMA89JDmiwV/QEdzrPmyU2bS7ytjoSaX8rxMYygT+uyfVNoC17uKVrzu
UUeQqiirfAiPFRQpWxw4Slxkz3qWOWWKrzKynMgl9w8O3U0GpitDWajxMmDeaqWZ
UJhLgyle8HTZPidBze05DHPhUS/0XyVhBPcKuw2KhEdcF44NEp5MOpUNia62CkG8
/94LdceydCCDDGh+andl9MxQuCMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRLRr6g
pz+nAij9ykstZYRqCHGzcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjA3ZWYzMDktZGNiNS00MjY0LWJmNTctMGQ1MmZlYTA3OWNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAIIYMA0G
CSqGSIb3DQEBCwUAA4IBAQAxY4HXfo3sQyTHmqEuNoBlYoGf5PjUcJ6f2iV9Ksc8
ln1ocA508rxSoWeCrdQElpVX61dZsf0a5G2D7v7hHICuVYcUVOjTMtWcNwsIOAuJ
ect2A1xUg9NihlHcJTsCEXpGqygjwT0KAxPMA1Cw8TnpQssHggd9RMITmi8Vc7KC
4JQT+yaqGVHA1QDGKo6hOgOkMhQfiNtsQN2OYVGU06WjxKMUU6mbOOUEfGRSiBGx
YOXco9LDclQEPlXH2dNLdGQk4R7EVnc/tSg6jesw8jfUrL8LMVIJOBwBybymZdfS
C+OIv5B6NatxWOneePSM7a9FwkxvZwAynF2Jut6WudYe
-----END CERTIFICATE-----
Generated at Tue May 12 22:50:30 2026 by rpki-client