Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
File: e3a37277-f023-468b-8a43-2519fccedc3e.roa (raw, json)
Hash identifier: 3YmhymdHhU6UAGYf+myf8IxQ4g3J62B7joW8cNRqLQo=
Subject key identifier: 7B:A4:CE:68:40:0E:3A:50:70:6C:C9:18:42:A1:D7:28:2C:2C:9D:AF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15F33360F08DC920E755865B6FA52B92B3F3F907
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
Signing time: Mon 04 May 2026 15:30:21 +0000
ROA not before: Mon 04 May 2026 15:30:21 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 85.213.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f3:33:60:f0:8d:c9:20:e7:55:86:5b:6f:a5:2b:92:b3:f3:f9:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:21 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=3939097611cb689269bb592638d8ba7f46ed4ae76924d094561436cace8589bf, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:69:71:a8:5b:22:16:48:8d:02:a6:00:3c:44:
8f:06:88:e2:d8:66:b8:f6:3d:75:f5:a6:18:97:50:
56:b3:62:fe:53:41:56:1f:c3:db:2e:10:5f:96:ca:
15:72:bd:10:80:51:72:a6:6f:44:ab:38:23:60:f7:
1e:0e:d1:d5:01:30:e4:09:48:28:b7:e2:41:52:a8:
bd:d5:b9:1d:a3:99:78:0e:76:07:3a:16:d4:75:2d:
a9:5f:89:e5:f6:3e:d2:10:b7:1e:35:44:10:2f:14:
0d:71:d2:90:3a:3a:c2:1f:66:bc:e9:10:b3:f9:81:
ba:5e:54:48:3c:b8:ac:b6:cf:b4:4f:8b:b8:18:5a:
bd:02:cf:87:91:23:45:ec:98:dd:07:84:e7:ac:15:
99:d5:a9:f9:e3:1f:43:a0:a6:29:9d:2c:c4:9a:95:
02:a9:a1:b5:93:7e:76:4f:a3:a2:f8:57:b5:c7:4d:
b1:9d:9f:45:55:cd:75:af:45:6d:ac:c8:cd:05:69:
75:75:df:1b:31:60:da:f6:35:18:9e:3e:7e:76:9e:
15:a9:c2:4c:54:c9:b7:90:9a:5d:e0:87:e9:19:80:
b2:c8:c5:13:80:f0:f4:72:a2:22:04:9a:1d:86:bf:
b2:d5:72:16:3a:a1:e0:f5:02:66:2e:36:6c:1a:60:
0f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:A4:CE:68:40:0E:3A:50:70:6C:C9:18:42:A1:D7:28:2C:2C:9D:AF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e3a37277-f023-468b-8a43-2519fccedc3e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.213.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:1e:04:45:6b:7a:d4:d9:1e:25:3c:fe:95:17:84:e5:71:ab:
03:a9:19:14:cb:51:64:d5:36:f1:a1:a9:5c:04:3c:1b:d5:f8:
78:73:c1:bd:5b:06:ca:d7:b4:a6:17:68:9c:79:be:86:0b:c4:
18:62:e0:6a:62:81:75:02:b2:ac:d1:c8:f1:bb:d9:21:19:0c:
b6:37:58:71:0b:8a:79:d8:11:ba:0f:b2:17:06:29:d8:76:b9:
95:6f:84:2b:e4:98:c2:48:4a:e1:51:b2:69:5f:fa:0b:c1:15:
80:44:a6:71:77:8f:c0:91:6a:85:33:61:9e:fe:78:98:ca:ad:
b1:1b:74:b8:9a:7d:da:11:44:e1:e7:f9:6d:99:1f:ef:20:23:
ff:95:b1:18:56:6d:3b:ba:09:c0:09:48:3b:33:4c:52:4a:89:
95:c4:cb:ae:63:e3:1c:ed:b2:e3:ca:14:0e:01:99:5d:83:86:
bf:4c:56:16:75:d7:29:86:5a:74:39:98:fc:4f:b3:7d:4d:1c:
00:17:2f:0f:a5:d0:d1:b5:7b:15:57:4e:45:55:0e:3c:40:94:
20:19:75:18:31:79:5e:19:c4:0d:e2:ee:92:e3:90:df:45:8a:
22:b5:f8:c1:0b:8e:63:5d:4b:6c:ea:4b:9d:3a:f0:1a:c4:7b:
14:1e:1a:3c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFfMzYPCNySDnVYZbb6UrkrPz+QcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMjFaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDM5MzkwOTc2MTFjYjY4OTI2OWJiNTkyNjM4ZDhiYTdmNDZlZDRhZTc2OTI0
ZDA5NDU2MTQzNmNhY2U4NTg5YmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9pcahbIhZIjQKmADxEjwaI4thmuPY9dfWmGJdQVrNi/lNBVh/D2y4QX5bK
FXK9EIBRcqZvRKs4I2D3Hg7R1QEw5AlIKLfiQVKovdW5HaOZeA52BzoW1HUtqV+J
5fY+0hC3HjVEEC8UDXHSkDo6wh9mvOkQs/mBul5USDy4rLbPtE+LuBhavQLPh5Ej
ReyY3QeE56wVmdWp+eMfQ6CmKZ0sxJqVAqmhtZN+dk+jovhXtcdNsZ2fRVXNda9F
bazIzQVpdXXfGzFg2vY1GJ4+fnaeFanCTFTJt5CaXeCH6RmAssjFE4Dw9HKiIgSa
HYa/stVyFjqh4PUCZi42bBpgD+MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR7pM5o
QA46UHBsyRhCodcoLCydrzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTNhMzcyNzctZjAyMy00NjhiLThhNDMtMjUxOWZjY2VkYzNlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFXVMA0G
CSqGSIb3DQEBCwUAA4IBAQA1HgRFa3rU2R4lPP6VF4TlcasDqRkUy1Fk1Tbxoalc
BDwb1fh4c8G9WwbK17SmF2iceb6GC8QYYuBqYoF1ArKs0cjxu9khGQy2N1hxC4p5
2BG6D7IXBinYdrmVb4Qr5JjCSErhUbJpX/oLwRWARKZxd4/AkWqFM2Ge/niYyq2x
G3S4mn3aEUTh5/ltmR/vICP/lbEYVm07ugnACUg7M0xSSomVxMuuY+Mc7bLjyhQO
AZldg4a/TFYWddcphlp0OZj8T7N9TRwAFy8PpdDRtXsVV05FVQ48QJQgGXUYMXle
GcQN4u6S45DfRYoitfjBC45jXUts6kudOvAaxHsUHho8
-----END CERTIFICATE-----
Generated at Tue May 12 22:44:07 2026 by rpki-client