Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
File: f5f17520-2ea0-4b9a-a01c-04329523a547.roa (raw, json)
Hash identifier: rtkLHmPvC4a1XucvaEVqF8emgKX7LrGwascxMa1M/64=
Subject key identifier: 9A:9F:A1:88:64:D5:DD:F2:68:D5:80:C8:5A:DE:97:B8:6B:C1:1D:B2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57F72BB7548580DF1EA3B1B1857BC51162CDA7F9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
Signing time: Mon 04 May 2026 15:30:18 +0000
ROA not before: Mon 04 May 2026 15:30:18 +0000
ROA not after: Sun 02 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 195.61.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:f7:2b:b7:54:85:80:df:1e:a3:b1:b1:85:7b:c5:11:62:cd:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 4 15:30:18 2026 GMT
Not After : Aug 2 23:59:59 2026 GMT
Subject: serialNumber=9c98c62cf5cc3b6dd34ae77c635d1d7f5dd52f277bdab4471ca10569fa74f225, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:80:f1:0e:96:a8:f2:66:ee:37:cb:79:39:b2:
f8:90:9d:54:1c:cb:73:4b:3a:27:69:ee:f6:6d:79:
f6:c1:bc:ee:e8:a5:1d:6f:63:b5:cb:dc:bf:d7:61:
02:dd:df:2f:1e:e7:e6:08:fb:73:2c:b8:33:de:a8:
b5:f7:dd:67:fd:3f:90:bc:d0:f9:cb:14:9e:6c:02:
73:8e:c4:88:ce:27:28:8f:ec:b2:4c:3b:1b:70:ca:
6a:e0:cb:b0:7c:2d:f3:b8:17:aa:f7:b9:70:b0:11:
54:b6:19:eb:f4:40:37:aa:be:8b:e1:e6:dd:b8:5f:
f2:b4:a0:64:45:5e:92:96:bc:96:cf:ba:20:42:ea:
c9:19:a5:d3:7d:31:e4:29:ba:ee:81:0a:a7:e4:eb:
f7:0d:7f:68:95:8e:c0:2c:df:a5:c6:ba:28:cb:f5:
93:09:5e:d8:03:a1:7c:15:8a:f0:6b:e3:27:f0:7f:
dc:8f:16:03:2c:9c:6b:ef:3a:77:8d:98:0e:d4:7e:
02:2a:11:00:0e:5e:25:76:54:4f:e5:7d:e5:b4:e5:
49:b8:58:66:b1:f0:3d:39:93:6f:fe:6f:39:ea:66:
49:ec:7b:53:51:7b:55:bb:87:12:55:cc:ac:87:4b:
cd:7f:3d:15:d6:26:0d:dc:0d:b1:54:48:e6:b1:54:
31:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:9F:A1:88:64:D5:DD:F2:68:D5:80:C8:5A:DE:97:B8:6B:C1:1D:B2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f5f17520-2ea0-4b9a-a01c-04329523a547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.61.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bf:fd:42:81:1e:14:21:7f:62:ac:ac:b1:38:bb:be:fa:87:be:
df:ff:ef:e2:af:1f:ea:ad:5b:42:81:73:d9:df:b2:d1:3e:43:
be:4a:52:99:86:d3:df:13:80:09:e1:93:7a:1e:85:f2:0f:56:
55:57:4d:5f:1c:f5:20:7e:e5:7b:0d:b1:70:51:35:0e:5d:d3:
2d:d3:a4:98:95:29:7f:bd:71:64:36:b0:bc:13:f9:e9:e7:f7:
15:c7:a1:48:53:23:97:c1:5b:ac:a2:73:4e:86:58:67:0c:67:
64:78:b4:c1:15:a7:f6:b8:69:ef:69:fa:0d:61:09:06:c2:f8:
f5:45:dd:21:49:86:59:c4:76:3b:66:ed:c5:7c:59:0e:3f:69:
0f:e2:a4:86:6b:d0:29:28:77:e1:43:34:28:59:a1:c7:91:8b:
c6:c3:1a:96:e5:ec:3d:ff:29:7e:e1:eb:db:9b:6b:2d:82:5b:
66:78:92:59:87:5f:4f:e8:73:2b:20:4f:5e:09:c9:08:6a:03:
87:84:ae:a9:5c:81:37:5c:21:62:e3:6a:b5:38:0f:96:52:7e:
60:31:42:a8:1e:81:6f:85:49:09:89:b9:6e:a5:37:e0:f9:cb:
15:f3:e2:a5:fd:e3:99:b0:11:7a:f8:3f:bf:38:8c:eb:68:0a:
d2:c0:7d:48
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV/crt1SFgN8eo7GxhXvFEWLNp/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MDQxNTMwMThaFw0yNjA4MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDljOThjNjJjZjVjYzNiNmRkMzRhZTc3YzYzNWQxZDdmNWRkNTJmMjc3YmRh
YjQ0NzFjYTEwNTY5ZmE3NGYyMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMOA8Q6WqPJm7jfLeTmy+JCdVBzLc0s6J2nu9m159sG87uilHW9jtcvcv9dh
At3fLx7n5gj7cyy4M96otffdZ/0/kLzQ+csUnmwCc47EiM4nKI/sskw7G3DKauDL
sHwt87gXqve5cLARVLYZ6/RAN6q+i+Hm3bhf8rSgZEVekpa8ls+6IELqyRml030x
5Cm67oEKp+Tr9w1/aJWOwCzfpca6KMv1kwle2AOhfBWK8GvjJ/B/3I8WAyyca+86
d42YDtR+AioRAA5eJXZUT+V95bTlSbhYZrHwPTmTb/5vOepmSex7U1F7VbuHElXM
rIdLzX89FdYmDdwNsVRI5rFUMWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSan6GI
ZNXd8mjVgMha3pe4a8EdsjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjVmMTc1MjAtMmVhMC00YjlhLWEwMWMtMDQzMjk1MjNhNTQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMM9MA0G
CSqGSIb3DQEBCwUAA4IBAQC//UKBHhQhf2KsrLE4u776h77f/+/irx/qrVtCgXPZ
37LRPkO+SlKZhtPfE4AJ4ZN6HoXyD1ZVV01fHPUgfuV7DbFwUTUOXdMt06SYlSl/
vXFkNrC8E/np5/cVx6FIUyOXwVusonNOhlhnDGdkeLTBFaf2uGnvafoNYQkGwvj1
Rd0hSYZZxHY7Zu3FfFkOP2kP4qSGa9ApKHfhQzQoWaHHkYvGwxqW5ew9/yl+4evb
m2stgltmeJJZh19P6HMrIE9eCckIagOHhK6pXIE3XCFi42q1OA+WUn5gMUKoHoFv
hUkJiblupTfg+csV8+Kl/eOZsBF6+D+/OIzraArSwH1I
-----END CERTIFICATE-----
Generated at Wed May 13 01:05:23 2026 by rpki-client