Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
File: e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa (raw, json)
Hash identifier: 5dVblMf7NlH6ijDQq4XHvy1hrgaOIctK+yVKWAI/4KU=
Subject key identifier: B6:23:96:F7:AF:E3:35:16:09:7A:B8:E1:2E:4B:7B:26:20:1E:E8:7A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 5DF9DBAF1EA6D7860FEB9F3E2DFEF0C302EB6E05
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
Signing time: Mon 04 May 2026 15:30:07 +0000
ROA not before: Mon 04 May 2026 15:30:07 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 62.230.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:f9:db:af:1e:a6:d7:86:0f:eb:9f:3e:2d:fe:f0:c3:02:eb:6e:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:07 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=afb09287759d4a960f4d3aaa12326aff71559f00ab07fac736a6b0ba5c6d7d13, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:08:63:57:70:8a:4c:c4:56:79:f0:90:5c:36:
37:8b:94:fc:c1:d2:20:18:44:9e:24:b4:48:0e:92:
56:c0:30:7d:49:6f:e7:d3:6c:89:9b:f0:94:4b:9f:
79:ad:d0:ff:4b:a1:d4:02:33:19:6b:96:a8:49:3e:
29:e2:ab:35:2f:c0:86:61:42:81:be:35:46:ff:7a:
af:b2:e8:01:e1:29:6e:50:c9:42:f2:8a:01:15:9d:
d9:fe:2d:26:54:81:99:82:74:59:d4:35:f6:2c:ad:
75:98:aa:62:4a:32:e4:8e:8e:a9:c2:f3:ac:52:35:
e3:59:bc:0c:df:d6:1f:93:56:ca:ac:19:c8:e9:a0:
ec:e8:3c:ef:df:c2:a7:3c:9f:2d:e7:ea:ab:5f:7a:
2b:11:17:65:94:78:03:41:93:d0:81:4a:6b:56:ef:
2b:2e:2a:8e:a2:d6:b2:5b:18:62:b9:1c:4d:79:cf:
29:43:f2:2d:f2:26:8b:6a:3c:d1:20:ed:87:86:e5:
fd:1d:fa:75:e3:1c:f6:cd:e5:9d:98:f0:fb:16:ba:
ca:1a:59:f6:c7:e4:03:54:1c:8f:01:9e:5a:a8:5f:
26:d3:df:bb:9f:cc:6c:21:7f:19:c9:85:80:77:0a:
b9:c6:8e:f8:42:9b:17:c0:4c:5d:4e:64:59:95:d8:
8b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:23:96:F7:AF:E3:35:16:09:7A:B8:E1:2E:4B:7B:26:20:1E:E8:7A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e91c1f40-9f81-4796-b5cc-2c1fe9202cdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.230.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:86:d1:39:9d:f3:05:36:f7:0e:0e:ff:28:a1:86:99:b7:12:
81:80:97:fc:cb:3d:54:bc:f4:2e:98:81:61:4e:81:ee:e5:05:
b7:42:a8:4f:47:66:04:94:37:aa:b1:1c:95:6e:a0:ad:31:70:
14:c3:13:ac:a3:35:da:e1:5b:81:78:20:31:19:8f:ae:5d:07:
3c:7c:ac:66:4d:5d:f5:c5:87:6b:b0:79:29:bb:38:5a:fb:06:
2a:42:65:1a:e0:93:5b:07:54:bf:5c:33:52:21:75:06:8a:69:
50:e2:73:08:f8:49:8f:94:b1:9a:df:a1:c8:4d:1d:fc:ac:1a:
55:9e:66:f2:a0:63:97:16:ce:97:30:31:61:01:f6:90:23:92:
2c:4a:6e:6a:b2:59:5a:c8:5a:8c:14:06:e1:74:cd:08:bb:72:
5a:05:5c:83:56:7f:4a:81:56:3e:38:30:a1:12:7f:88:30:bd:
e6:e2:ab:64:1e:f6:81:33:72:57:3a:4b:e9:7e:a8:3c:8e:5e:
32:06:eb:57:34:1d:a7:70:63:be:d9:05:2b:3e:63:94:9a:9b:
c8:35:42:97:56:9c:34:5b:e6:7d:b8:e8:53:81:d1:16:d8:40:
87:63:db:10:10:3d:a1:17:a6:bb:bb:00:b5:cc:45:d9:ff:69:
1e:dd:e5:2e
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUXfnbrx6m14YP658+Lf7wwwLrbgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMDdaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmYjA5Mjg3NzU5ZDRhOTYwZjRkM2FhYTEyMzI2YWZmNzE1NTlmMDBhYjA3
ZmFjNzM2YTZiMGJhNWM2ZDdkMTMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4IY1dwikzEVnnwkFw2N4uU/MHSIBhEniS0SA6SVsAwfUlv59NsiZvwlEuf
ea3Q/0uh1AIzGWuWqEk+KeKrNS/AhmFCgb41Rv96r7LoAeEpblDJQvKKARWd2f4t
JlSBmYJ0WdQ19iytdZiqYkoy5I6OqcLzrFI141m8DN/WH5NWyqwZyOmg7Og879/C
pzyfLefqq196KxEXZZR4A0GT0IFKa1bvKy4qjqLWslsYYrkcTXnPKUPyLfImi2o8
0SDth4bl/R36deMc9s3lnZjw+xa6yhpZ9sfkA1QcjwGeWqhfJtPfu5/MbCF/GcmF
gHcKucaO+EKbF8BMXU5kWZXYixUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2I5b3
r+M1Fgl6uOEuS3smIB7oejAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTkxYzFmNDAtOWY4MS00Nzk2LWI1Y2MtMmMxZmU5MjAyY2RmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAD7mMA0G
CSqGSIb3DQEBCwUAA4IBAQAJhtE5nfMFNvcODv8ooYaZtxKBgJf8yz1UvPQumIFh
ToHu5QW3QqhPR2YElDeqsRyVbqCtMXAUwxOsozXa4VuBeCAxGY+uXQc8fKxmTV31
xYdrsHkpuzha+wYqQmUa4JNbB1S/XDNSIXUGimlQ4nMI+EmPlLGa36HITR38rBpV
nmbyoGOXFs6XMDFhAfaQI5IsSm5qsllayFqMFAbhdM0Iu3JaBVyDVn9KgVY+ODCh
En+IML3m4qtkHvaBM3JXOkvpfqg8jl4yButXNB2ncGO+2QUrPmOUmpvINUKXVpw0
W+Z9uOhTgdEW2ECHY9sQED2hF6a7uwC1zEXZ/2ke3eUu
-----END CERTIFICATE-----
Generated at Tue May 12 22:50:38 2026 by rpki-client