Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
File: 157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa (raw, json)
Hash identifier: n7+NJnqXYiKu2kF/4V9K19fB/CwSES71DNSaoaW3Y1o=
Subject key identifier: DB:F5:CE:45:70:55:5F:FF:9F:54:97:40:76:47:63:E4:90:50:A2:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7465AD6AB30FA164BD1576FACA89901BFEA4C4DF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
Signing time: Fri 13 Feb 2026 15:30:39 +0000
ROA not before: Fri 13 Feb 2026 15:30:39 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 80.203.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:65:ad:6a:b3:0f:a1:64:bd:15:76:fa:ca:89:90:1b:fe:a4:c4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:39 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=294c77b9062f9f4f4606ddc0212db09b54a3df87fd497d3557dbf8b1df79e2fc, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:43:df:eb:bb:5c:b0:74:65:63:d1:a9:65:d1:
b2:7b:a1:4e:6b:1e:06:a1:c6:cc:6f:43:73:43:37:
30:eb:cc:0a:95:83:3d:7c:b3:ea:1d:dd:41:81:5a:
9a:36:13:63:a3:6c:97:69:5a:3a:b6:ac:09:38:1a:
ce:a7:e8:4b:6a:95:cc:1e:cd:19:c9:81:1f:bd:c6:
46:c4:8a:49:19:ea:a0:30:41:0a:0f:65:2c:6b:f9:
1b:78:92:29:9a:fb:3e:8a:9c:9d:84:f8:02:bc:bf:
10:05:20:70:8a:47:cb:34:84:00:4d:a6:a9:56:92:
08:9f:82:49:93:2f:32:bf:39:c7:a8:6a:5b:d0:bf:
3e:43:91:d0:25:fb:c5:8c:c1:08:86:38:84:ee:4d:
89:ee:ed:5c:c6:a8:45:3a:ed:ba:a1:6d:1d:cc:52:
d3:89:2b:23:64:a8:71:da:ea:e7:e9:6b:ad:a6:3f:
cc:e7:bf:4e:4a:5c:a7:3d:47:b3:96:20:25:cb:ca:
e1:f7:ac:fb:a4:33:76:58:95:e4:4a:a0:e7:4f:5c:
86:fd:74:df:e9:de:78:8b:f8:20:89:a9:f6:67:55:
30:bd:c1:56:df:91:74:10:91:a7:b5:98:3d:be:51:
9f:c8:89:07:90:d3:91:a2:17:ac:32:f4:7e:f8:cf:
e4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F5:CE:45:70:55:5F:FF:9F:54:97:40:76:47:63:E4:90:50:A2:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/157e5e79-2e0b-4b8f-adb2-fd57f3d28ab6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.203.128.0/17
Signature Algorithm: sha256WithRSAEncryption
c3:d0:60:94:4e:c1:60:7a:be:1b:a9:1b:9e:60:94:f1:48:b1:
0b:8e:e0:ef:43:95:1b:82:44:13:ab:88:84:17:cb:92:e2:2b:
81:80:57:fa:99:44:9c:71:68:68:80:9c:04:ff:55:08:84:5c:
3d:2a:6f:6e:0f:e4:0b:45:7a:97:a3:92:d8:3b:cb:c9:d6:23:
88:37:4f:9a:aa:c6:4b:6a:67:ca:16:09:05:6f:22:d9:57:8d:
14:4b:bb:2b:fc:c3:f6:08:31:6b:62:55:cc:ff:18:28:65:90:
00:77:d4:8c:62:a2:98:c0:7c:2b:97:1b:4e:14:d6:52:8f:31:
96:2d:3a:5c:ed:23:6f:4d:23:c6:07:76:ed:65:9a:8c:50:87:
43:02:47:52:f8:6e:ae:a5:e4:dd:0c:c1:b5:0c:66:f0:d1:7f:
91:21:a6:e6:40:f0:ea:50:59:53:ea:94:ba:f4:12:97:b5:5c:
6d:11:46:40:25:e0:56:c2:e8:c3:fd:bd:de:af:fe:bd:ab:c9:
1f:1e:36:1b:10:73:bd:23:86:b6:e2:87:e7:17:72:54:8d:3c:
c4:43:09:36:47:7d:4b:cf:6b:70:c2:16:2d:98:8e:1f:e9:12:
d6:99:e8:5f:2e:0f:03:06:a7:15:fa:e5:0d:40:41:64:e4:be:
a5:f2:6b:02
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUdGWtarMPoWS9FXb6yomQG/6kxN8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMzlaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDI5NGM3N2I5MDYyZjlmNGY0NjA2ZGRjMDIxMmRiMDliNTRhM2RmODdmZDQ5
N2QzNTU3ZGJmOGIxZGY3OWUyZmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALND3+u7XLB0ZWPRqWXRsnuhTmseBqHGzG9Dc0M3MOvMCpWDPXyz6h3dQYFa
mjYTY6Nsl2laOrasCTgazqfoS2qVzB7NGcmBH73GRsSKSRnqoDBBCg9lLGv5G3iS
KZr7PoqcnYT4Ary/EAUgcIpHyzSEAE2mqVaSCJ+CSZMvMr85x6hqW9C/PkOR0CX7
xYzBCIY4hO5Nie7tXMaoRTrtuqFtHcxS04krI2Socdrq5+lrraY/zOe/Tkpcpz1H
s5YgJcvK4fes+6QzdliV5Eqg509chv103+neeIv4IImp9mdVML3BVt+RdBCRp7WY
Pb5Rn8iJB5DTkaIXrDL0fvjP5MkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTb9c5F
cFVf/59Ul0B2R2PkkFCiyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTU3ZTVlNzktMmUwYi00YjhmLWFkYjItZmQ1N2YzZDI4YWI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1DLgDAN
BgkqhkiG9w0BAQsFAAOCAQEAw9BglE7BYHq+G6kbnmCU8UixC47g70OVG4JEE6uI
hBfLkuIrgYBX+plEnHFoaICcBP9VCIRcPSpvbg/kC0V6l6OS2DvLydYjiDdPmqrG
S2pnyhYJBW8i2VeNFEu7K/zD9ggxa2JVzP8YKGWQAHfUjGKimMB8K5cbThTWUo8x
li06XO0jb00jxgd27WWajFCHQwJHUvhurqXk3QzBtQxm8NF/kSGm5kDw6lBZU+qU
uvQSl7VcbRFGQCXgVsLow/293q/+vavJHx42GxBzvSOGtuKH5xdyVI08xEMJNkd9
S89rcMIWLZiOH+kS1pnoXy4PAwanFfrlDUBBZOS+pfJrAg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:40 2026 by rpki-client