Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
File: 7e4eba0d-9f48-42a3-b449-56ce7143e040.roa (raw, json)
Hash identifier: zFX8q2gkuSYGm7WdrLenVL3pLGwx9jM3qq6MPfSrR5U=
Subject key identifier: A2:5C:CF:D0:32:01:05:3D:10:39:09:D4:50:44:9D:B5:C1:A8:A1:A7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15F4739449684BD9B5E411D45972B3AC755EB328
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
Signing time: Mon 04 May 2026 15:30:08 +0000
ROA not before: Mon 04 May 2026 15:30:08 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 185.72.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f4:73:94:49:68:4b:d9:b5:e4:11:d4:59:72:b3:ac:75:5e:b3:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:08 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=6573cef83113ccc76d6ac9980adfb744d2bb69954fc30aa940de25655ef35a73, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:9a:17:f9:d8:d2:e3:7d:3b:a6:e2:8a:33:
61:67:2f:23:6f:82:05:11:8e:e3:91:c9:c2:fd:3a:
e9:ca:c2:da:a4:9a:13:4d:55:d3:59:3d:f0:d6:cb:
5c:77:2d:fa:c6:bf:3e:d7:2f:23:ff:a2:64:9d:38:
6c:4a:df:5a:d3:66:6d:77:5c:2e:e6:01:96:fd:f4:
f2:6c:97:dd:24:2d:7c:2a:14:6b:e3:6d:75:4e:61:
f9:a4:0a:7e:85:0b:67:e4:16:4b:ec:dc:e3:de:ee:
e7:c0:8a:4d:21:1d:b7:3a:28:29:82:3e:4d:e4:47:
be:46:27:8f:cb:fc:32:31:d2:39:a5:16:86:9b:fc:
01:88:c7:4b:e6:2b:a6:dc:c4:4e:7b:36:ec:91:b6:
16:9d:ca:12:37:0e:be:99:12:70:86:d5:cf:f6:1f:
24:ba:a2:49:4e:92:df:98:41:3b:52:b6:6f:b9:95:
47:fb:18:9e:43:0a:95:42:62:a0:ae:a5:8c:1c:20:
24:23:9c:e1:77:bb:95:c4:a3:95:f9:73:b6:0e:60:
1f:4e:74:26:cd:c1:23:40:e1:f7:51:3d:9e:8e:6b:
e5:c7:a9:d2:d3:49:92:d9:c8:73:7b:c3:e7:ed:97:
be:e6:e9:f9:bd:6b:06:2e:5a:6e:55:fa:49:1f:48:
80:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5C:CF:D0:32:01:05:3D:10:39:09:D4:50:44:9D:B5:C1:A8:A1:A7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7e4eba0d-9f48-42a3-b449-56ce7143e040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.192.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:a3:03:30:a8:ce:fb:7d:27:6a:ae:c8:a5:83:e3:ed:6c:91:
36:8a:2b:d2:b9:9f:38:77:36:d6:e2:44:41:4a:a4:94:c4:da:
8f:43:0e:6a:11:b3:b5:5a:b0:8d:0f:a5:5f:92:e0:9d:fb:72:
88:87:65:f2:e4:3e:67:6b:47:59:8b:ac:b3:f8:7f:42:24:a4:
60:8a:21:4c:1c:28:61:67:30:d9:88:13:b5:fb:3d:e5:af:f5:
a5:2e:12:0f:69:d1:9b:78:d8:b3:cf:aa:d4:34:a9:a1:e4:18:
d8:8e:75:41:bc:51:f3:b0:07:c0:f3:8d:98:ef:9e:66:50:f5:
63:6c:50:11:07:d7:ec:be:36:9d:42:f2:9d:ba:b6:ff:b9:86:
a2:d3:69:c0:be:7e:ca:df:9c:a5:08:00:6d:91:73:ae:b3:55:
b8:74:f4:a0:4a:a8:b1:8d:70:6a:b9:10:7e:27:95:a6:72:5e:
1e:ec:c3:e9:94:d5:66:e3:44:9a:78:75:cf:97:88:fd:75:25:
6f:1d:0c:ad:a8:6d:57:2e:a8:90:3d:2c:09:10:40:14:1a:d4:
09:9e:ff:42:fe:5c:32:80:51:f4:0e:bb:b1:73:c6:4d:cb:3c:
4a:90:66:05:03:fa:68:83:38:c6:80:d3:7a:8f:a8:e7:30:12:
42:dd:04:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUFfRzlEloS9m15BHUWXKzrHVesygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDhaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1NzNjZWY4MzExM2NjYzc2ZDZhYzk5ODBhZGZiNzQ0ZDJiYjY5OTU0ZmMz
MGFhOTQwZGUyNTY1NWVmMzVhNzMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJzymhf52NLjfTum4oozYWcvI2+CBRGO45HJwv066crC2qSaE01V01k98NbL
XHct+sa/PtcvI/+iZJ04bErfWtNmbXdcLuYBlv308myX3SQtfCoUa+NtdU5h+aQK
foULZ+QWS+zc497u58CKTSEdtzooKYI+TeRHvkYnj8v8MjHSOaUWhpv8AYjHS+Yr
ptzETns27JG2Fp3KEjcOvpkScIbVz/YfJLqiSU6S35hBO1K2b7mVR/sYnkMKlUJi
oK6ljBwgJCOc4Xe7lcSjlflztg5gH050Js3BI0Dh91E9no5r5cep0tNJktnIc3vD
5+2Xvubp+b1rBi5ablX6SR9IgMECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSiXM/Q
MgEFPRA5CdRQRJ21waihpzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2U0ZWJhMGQtOWY0OC00MmEzLWI0NDktNTZjZTcxNDNlMDQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlIwDAN
BgkqhkiG9w0BAQsFAAOCAQEATKMDMKjO+30naq7IpYPj7WyRNoor0rmfOHc21uJE
QUqklMTaj0MOahGztVqwjQ+lX5LgnftyiIdl8uQ+Z2tHWYuss/h/QiSkYIohTBwo
YWcw2YgTtfs95a/1pS4SD2nRm3jYs8+q1DSpoeQY2I51QbxR87AHwPONmO+eZlD1
Y2xQEQfX7L42nULynbq2/7mGotNpwL5+yt+cpQgAbZFzrrNVuHT0oEqosY1warkQ
fieVpnJeHuzD6ZTVZuNEmnh1z5eI/XUlbx0MrahtVy6okD0sCRBAFBrUCZ7/Qv5c
MoBR9A67sXPGTcs8SpBmBQP6aIM4xoDTeo+o5zASQt0ERg==
-----END CERTIFICATE-----
Generated at Tue May 12 23:14:17 2026 by rpki-client