Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: 1p7FVm3cFinoxsQbunjoj+n01zDt9Kdy0+vk76QRAn8=
Subject key identifier: 6C:C5:83:5A:15:A8:D2:F7:28:63:1F:EA:98:78:ED:F8:8C:F4:1F:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 643DF9449E2E8B7987A134C26606851656E75DA1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Mon 04 May 2026 15:30:25 +0000
ROA not before: Mon 04 May 2026 15:30:25 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:3d:f9:44:9e:2e:8b:79:87:a1:34:c2:66:06:85:16:56:e7:5d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:25 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=c9533afd185242b728b8f0006c7c0f3358d58ddfaa9acde44f1837e253965ff9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:18:d0:13:89:a3:2c:bc:f3:6b:b2:dd:4a:bb:
ee:4f:10:98:93:f5:ab:77:6f:24:07:e7:76:01:1c:
54:f1:3c:9e:d8:4c:0b:ee:11:54:3a:10:54:20:03:
43:fc:b1:ad:97:a5:e3:28:f4:e0:c5:a0:0a:ef:e0:
82:e4:07:65:e8:d6:52:f9:10:2c:84:55:2a:2c:12:
69:f2:aa:74:46:26:f3:c0:c4:36:ca:fc:ca:3b:d8:
ec:5d:46:b0:22:0d:ca:0e:a0:d7:9d:a3:e3:b8:ae:
82:c4:69:d7:53:d4:e6:22:94:07:8d:1f:82:2f:90:
f9:cd:b9:cf:55:76:87:e7:53:c6:f9:19:a0:a0:1b:
fa:64:bc:b8:17:90:1e:cf:89:28:6a:a3:a1:a4:6a:
ac:75:d9:bf:93:2f:28:f7:09:ab:d3:b0:a9:25:bb:
51:a5:7e:5b:7b:ab:e3:d1:fd:8f:c5:e9:66:18:e1:
ac:5d:0c:32:88:50:cf:12:a1:ab:d7:5f:a8:08:ea:
a6:b7:8e:f9:23:4c:81:94:a6:75:5a:56:8f:f6:9a:
71:ea:52:13:17:4f:c6:da:39:b3:17:f0:3b:35:d3:
4a:93:a3:e0:50:cd:13:ce:8a:02:21:7c:56:47:34:
b2:d1:6d:ae:65:a8:83:f6:3a:c5:9f:cb:1b:15:aa:
2d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C5:83:5A:15:A8:D2:F7:28:63:1F:EA:98:78:ED:F8:8C:F4:1F:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4a:a7:b7:3a:94:7b:53:a9:89:b7:ca:15:0a:4e:7d:96:c5:98:
68:85:9a:4a:b5:64:a1:b9:2a:ee:79:03:ef:e8:8f:2e:af:8f:
a9:b5:e1:59:4f:7a:6e:7b:1a:81:b5:60:93:12:2d:7e:d0:33:
a3:fb:0c:8c:92:b8:1c:17:f5:f8:3c:84:59:63:9e:52:cc:10:
a5:5b:3b:16:85:56:b4:6d:df:cf:f8:a7:6c:56:69:4f:a8:9e:
64:48:5d:61:bc:5d:64:c0:84:1a:36:01:83:f8:bc:54:e8:99:
5c:0b:6e:9a:6d:b5:b1:af:d0:ea:21:62:76:17:5a:26:16:ad:
05:2e:64:02:9e:42:86:67:8a:ab:6e:c0:29:33:31:b9:8e:44:
b3:de:41:31:f3:a2:df:77:bc:bc:2b:af:7b:af:48:83:20:94:
da:1b:a1:59:99:ff:b3:7f:a3:c6:c8:3c:b2:bf:20:63:68:66:
bb:1e:aa:47:46:4c:fb:93:a2:50:b6:d4:66:47:1a:53:65:8e:
89:72:23:8e:41:ea:4e:fe:bd:6a:76:c7:79:59:80:99:65:6c:
e7:30:1f:c6:07:f1:30:c1:d9:64:53:24:96:b2:34:4a:1b:cc:
1a:dc:1e:91:54:6a:44:8b:da:a9:58:8c:62:2e:93:6a:48:fd:
58:81:12:8e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZD35RJ4ui3mHoTTCZgaFFlbnXaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjVaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5NTMzYWZkMTg1MjQyYjcyOGI4ZjAwMDZjN2MwZjMzNThkNThkZGZhYTlh
Y2RlNDRmMTgzN2UyNTM5NjVmZjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKQY0BOJoyy882uy3Uq77k8QmJP1q3dvJAfndgEcVPE8nthMC+4RVDoQVCAD
Q/yxrZel4yj04MWgCu/gguQHZejWUvkQLIRVKiwSafKqdEYm88DENsr8yjvY7F1G
sCINyg6g152j47iugsRp11PU5iKUB40fgi+Q+c25z1V2h+dTxvkZoKAb+mS8uBeQ
Hs+JKGqjoaRqrHXZv5MvKPcJq9OwqSW7UaV+W3ur49H9j8XpZhjhrF0MMohQzxKh
q9dfqAjqpreO+SNMgZSmdVpWj/aacepSExdPxto5sxfwOzXTSpOj4FDNE86KAiF8
Vkc0stFtrmWog/Y6xZ/LGxWqLeECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRsxYNa
FajS9yhjH+qYeO34jPQfyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEASqe3OpR7U6mJt8oVCk59lsWYaIWaSrVkobkq7nkD
7+iPLq+PqbXhWU96bnsagbVgkxItftAzo/sMjJK4HBf1+DyEWWOeUswQpVs7FoVW
tG3fz/inbFZpT6ieZEhdYbxdZMCEGjYBg/i8VOiZXAtumm21sa/Q6iFidhdaJhat
BS5kAp5ChmeKq27AKTMxuY5Es95BMfOi33e8vCuve69IgyCU2huhWZn/s3+jxsg8
sr8gY2hmux6qR0ZM+5OiULbUZkcaU2WOiXIjjkHqTv69anbHeVmAmWVs5zAfxgfx
MMHZZFMklrI0ShvMGtwekVRqRIvaqViMYi6Takj9WIESjg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:53:44 2026 by rpki-client