Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
File: 0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa (raw, json)
Hash identifier: qB6TnWWe5vx3uQLscwpc+4uDCsuIMZ8zyjz9H5adMss=
Subject key identifier: FC:80:F6:18:3B:2A:1B:E8:72:F7:CF:34:FA:52:7B:C2:ED:42:28:46
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1A2A32AF0457FFB2EA62914FA5C0ABA59F785148
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
Signing time: Fri 06 Feb 2026 00:40:26 +0000
ROA not before: Fri 06 Feb 2026 00:40:26 +0000
ROA not after: Thu 07 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.170.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:2a:32:af:04:57:ff:b2:ea:62:91:4f:a5:c0:ab:a5:9f:78:51:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 6 00:40:26 2026 GMT
Not After : May 7 23:59:59 2026 GMT
Subject: serialNumber=e2f4d82720dff8f74d4fb852a2d25ad3514da24fcf31e18f114bb849b4d7c8e5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:28:61:85:71:66:74:95:f3:30:67:14:b2:
3f:3e:82:d9:d9:72:b4:a9:bd:bd:88:cf:91:ad:b5:
0e:71:19:21:00:ad:c9:b8:5f:27:f1:be:5a:46:09:
81:f5:bc:a1:7c:84:a4:21:27:16:e8:82:ca:5c:f0:
d2:38:67:e6:17:b1:f1:9a:e3:4b:e9:f7:f0:21:05:
db:86:c1:91:8a:cb:03:c0:e8:ca:0a:35:0a:cd:62:
58:1f:cb:5b:1f:3d:ad:fe:4b:9d:8f:be:76:99:69:
57:fc:73:6b:3f:fc:25:60:4e:b0:c4:64:1f:54:fe:
e2:32:7c:85:b7:69:87:0a:df:10:66:4a:9a:9d:02:
ae:38:d9:9b:42:ba:86:e3:3c:f4:4a:16:0a:32:3f:
db:d0:8e:5c:c3:f9:d5:27:e8:78:12:98:d9:66:6e:
53:90:d7:3a:fa:47:91:e9:27:a9:5f:f1:2b:3c:43:
40:6a:cc:88:b6:29:04:e5:9f:0f:52:79:0f:77:46:
04:c6:5c:01:2d:e4:bd:3d:c2:9f:dd:59:37:61:a6:
c7:fb:74:ff:2b:28:13:49:5c:ab:a9:31:2a:07:e9:
13:05:55:09:c8:f7:4b:4d:4b:71:a8:f2:07:3e:f6:
de:30:91:59:e8:b9:ea:43:7b:a4:84:4e:41:50:75:
1d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:80:F6:18:3B:2A:1B:E8:72:F7:CF:34:FA:52:7B:C2:ED:42:28:46
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/0cdce43b-0ed9-46d0-bf13-e6d99a26e097.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.170.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:a7:91:40:1a:bf:d5:50:c7:dc:96:19:b7:2c:9b:3e:82:48:
e2:29:b3:59:aa:2a:4c:d0:37:6b:68:33:2b:93:41:0d:7c:96:
e0:ef:47:e4:56:55:a5:bd:3f:4a:0a:b2:d0:03:64:72:7f:04:
2f:63:22:2b:26:a8:2a:33:a0:5d:1a:9e:a0:df:90:80:02:4d:
4c:51:ce:e0:8f:97:45:f4:53:44:94:5f:e6:c3:8f:25:18:a7:
5e:cd:a7:cf:dc:e9:b4:f9:80:44:2f:6b:8e:4b:cc:40:7c:b8:
53:a8:3f:de:b8:c3:79:9d:9e:0a:b2:f6:c0:33:21:db:78:65:
38:27:06:d3:f5:37:ff:bd:5b:09:8a:ff:9b:95:ec:17:7b:ea:
16:87:38:06:24:13:ed:d5:fe:e6:98:f7:67:b7:c1:cd:c7:98:
29:f4:52:5d:61:07:03:c6:42:34:42:c5:be:bd:89:8b:39:2d:
bb:80:9e:b5:61:d6:da:c6:bb:d3:f5:b3:77:3c:2f:32:c4:fd:
d1:43:74:5c:ec:78:c0:31:6c:7a:2d:20:52:71:8b:ce:52:9a:
54:9f:c0:e7:00:75:9b:63:7c:98:be:11:48:bd:65:db:2b:02:
ea:5e:db:9d:be:be:e2:5c:8c:cb:ec:bc:2b:bb:2b:79:35:1d:
e2:5b:60:35
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGioyrwRX/7LqYpFPpcCrpZ94UUgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMDYwMDQwMjZaFw0yNjA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGUyZjRkODI3MjBkZmY4Zjc0ZDRmYjg1MmEyZDI1YWQzNTE0ZGEyNGZjZjMx
ZTE4ZjExNGJiODQ5YjRkN2M4ZTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcYKGGFcWZ0lfMwZxSyPz6C2dlytKm9vYjPka21DnEZIQCtybhfJ/G+WkYJ
gfW8oXyEpCEnFuiCylzw0jhn5hex8ZrjS+n38CEF24bBkYrLA8Doygo1Cs1iWB/L
Wx89rf5LnY++dplpV/xzaz/8JWBOsMRkH1T+4jJ8hbdphwrfEGZKmp0CrjjZm0K6
huM89EoWCjI/29COXMP51SfoeBKY2WZuU5DXOvpHkeknqV/xKzxDQGrMiLYpBOWf
D1J5D3dGBMZcAS3kvT3Cn91ZN2Gmx/t0/ysoE0lcq6kxKgfpEwVVCcj3S01Lcajy
Bz723jCRWei56kN7pIROQVB1HWECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT8gPYY
Oyob6HL3zzT6UnvC7UIoRjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MGNkY2U0M2ItMGVkOS00NmQwLWJmMTMtZTZkOTlhMjZlMDk3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5qjAN
BgkqhkiG9w0BAQsFAAOCAQEALaeRQBq/1VDH3JYZtyybPoJI4imzWaoqTNA3a2gz
K5NBDXyW4O9H5FZVpb0/Sgqy0ANkcn8EL2MiKyaoKjOgXRqeoN+QgAJNTFHO4I+X
RfRTRJRf5sOPJRinXs2nz9zptPmARC9rjkvMQHy4U6g/3rjDeZ2eCrL2wDMh23hl
OCcG0/U3/71bCYr/m5XsF3vqFoc4BiQT7dX+5pj3Z7fBzceYKfRSXWEHA8ZCNELF
vr2Jizktu4CetWHW2sa70/WzdzwvMsT90UN0XOx4wDFsei0gUnGLzlKaVJ/A5wB1
m2N8mL4RSL1l2ysC6l7bnb6+4lyMy+y8K7sreTUd4ltgNQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:42:25 2026 by rpki-client