Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
File: 575d6f80-6d4b-4183-8b86-cc4106bedd78.roa (raw, json)
Hash identifier: 2WIv8/9QVvb0mX0vGHzXqvVlwsbn0gW5FnWjKtzmwQQ=
Subject key identifier: B7:22:A3:57:05:E1:6A:3A:1D:1C:8D:78:53:73:6F:62:49:AC:82:E3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 17E0A013CB51A5949EE63D696CFBBC8732A49CA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
Signing time: Mon 04 May 2026 15:30:22 +0000
ROA not before: Mon 04 May 2026 15:30:22 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.119.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:e0:a0:13:cb:51:a5:94:9e:e6:3d:69:6c:fb:bc:87:32:a4:9c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:22 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=edc5717dacaa5a7e9451f029a2a2c0c33579a51343a77cdbed9d539d4e76c2c2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2d:da:ea:d8:15:75:18:5e:a3:c0:2f:3e:1d:
c2:85:a8:cf:a5:e0:fa:cf:42:3d:55:bf:74:c3:c9:
12:07:21:f2:d0:65:8b:61:fc:14:00:7c:04:f0:a3:
c7:a2:a4:61:4f:28:c5:45:63:9c:b1:70:cf:da:01:
81:48:33:c3:74:db:6a:2f:1f:89:4c:7f:21:bc:4a:
2b:2d:85:50:5c:64:5d:bd:4c:97:72:85:e2:94:33:
90:e5:55:af:b3:b3:a8:17:80:f2:bc:27:4f:5d:44:
f6:0f:b1:53:a8:50:ee:71:e6:02:7a:9b:d2:64:66:
ba:5c:29:4a:69:9d:40:a0:8a:ed:db:70:b6:22:dd:
9e:f0:61:c6:9c:3b:6e:5c:fb:a7:7e:82:7f:ee:5b:
af:82:eb:4c:a1:30:9e:60:23:ae:ea:46:f0:af:53:
a6:9c:3c:76:b3:d5:2f:b2:4f:a9:6b:3d:67:56:37:
2d:13:fe:88:4d:50:e0:d7:ca:f4:25:53:c9:e5:32:
9d:82:04:09:2f:51:9b:ed:51:96:e7:7b:13:f1:93:
f7:c5:3d:e3:eb:7f:0e:66:e3:42:e7:67:7f:8b:fd:
c4:39:b5:72:94:23:86:4d:71:6a:0f:a9:51:ee:00:
23:bc:83:ee:ae:c5:9b:4f:b8:99:84:79:05:30:50:
ff:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:22:A3:57:05:E1:6A:3A:1D:1C:8D:78:53:73:6F:62:49:AC:82:E3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/575d6f80-6d4b-4183-8b86-cc4106bedd78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.119.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a4:14:86:b9:9b:16:e2:07:5a:85:de:6c:d7:28:06:b8:16:77:
8a:c2:2a:10:ef:2f:dc:e4:52:d9:f5:6e:c5:6a:a0:b5:62:38:
35:1c:84:e9:4b:1b:5a:33:47:f0:42:21:b4:8e:fc:ee:30:2a:
58:64:b1:4e:2f:8b:d6:5e:6d:93:30:60:16:f6:3f:37:0d:a8:
a1:95:94:f2:7a:ba:e1:43:51:ab:0f:ac:6d:30:db:a0:5b:67:
db:84:45:08:e0:4c:0a:42:6a:ff:a4:8a:df:12:c9:db:e9:ed:
d9:86:58:fb:7f:bf:91:41:1c:bf:f5:f0:1c:88:b2:cf:e2:f0:
cd:d1:61:bb:23:dd:c2:8c:e8:b3:f7:4b:6f:a3:c5:2f:b6:e3:
73:74:17:25:f2:11:6d:c2:a0:dc:e6:8a:18:f6:35:87:a9:f0:
b5:95:ae:71:4b:09:dc:6a:de:fb:14:04:18:38:d3:f0:7f:c0:
ee:ca:34:6d:e7:fe:51:da:1c:62:03:a0:69:f4:b0:5e:3d:22:
a1:01:8a:fc:a5:50:21:6c:fb:66:fa:85:56:32:9a:85:d6:05:
4c:1a:45:dd:b1:2d:48:57:08:56:b8:50:26:66:e3:5d:83:7f:
17:1b:ba:06:a9:a1:89:a7:d7:c2:bc:b7:81:00:7c:5c:63:c1:
2d:74:8b:0a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUF+CgE8tRpZSe5j1pbPu8hzKknKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjJaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkYzU3MTdkYWNhYTVhN2U5NDUxZjAyOWEyYTJjMGMzMzU3OWE1MTM0M2E3
N2NkYmVkOWQ1MzlkNGU3NmMyYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYt2urYFXUYXqPALz4dwoWoz6Xg+s9CPVW/dMPJEgch8tBli2H8FAB8BPCj
x6KkYU8oxUVjnLFwz9oBgUgzw3Tbai8fiUx/IbxKKy2FUFxkXb1Ml3KF4pQzkOVV
r7OzqBeA8rwnT11E9g+xU6hQ7nHmAnqb0mRmulwpSmmdQKCK7dtwtiLdnvBhxpw7
blz7p36Cf+5br4LrTKEwnmAjrupG8K9Tppw8drPVL7JPqWs9Z1Y3LRP+iE1Q4NfK
9CVTyeUynYIECS9Rm+1Rlud7E/GT98U94+t/DmbjQudnf4v9xDm1cpQjhk1xag+p
Ue4AI7yD7q7Fm0+4mYR5BTBQ/+UCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS3IqNX
BeFqOh0cjXhTc29iSayC4zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTc1ZDZmODAtNmQ0Yi00MTgzLThiODYtY2M0MTA2YmVkZDc4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMN3MA0G
CSqGSIb3DQEBCwUAA4IBAQCkFIa5mxbiB1qF3mzXKAa4FneKwioQ7y/c5FLZ9W7F
aqC1Yjg1HITpSxtaM0fwQiG0jvzuMCpYZLFOL4vWXm2TMGAW9j83DaihlZTyerrh
Q1GrD6xtMNugW2fbhEUI4EwKQmr/pIrfEsnb6e3Zhlj7f7+RQRy/9fAciLLP4vDN
0WG7I93CjOiz90tvo8UvtuNzdBcl8hFtwqDc5ooY9jWHqfC1la5xSwncat77FAQY
ONPwf8DuyjRt5/5R2hxiA6Bp9LBePSKhAYr8pVAhbPtm+oVWMpqF1gVMGkXdsS1I
VwhWuFAmZuNdg38XG7oGqaGJp9fCvLeBAHxcY8EtdIsK
-----END CERTIFICATE-----
Generated at Tue May 12 23:32:07 2026 by rpki-client