Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: Y/HM3icD64nJE8k1Iqy7eeYEbOXTWM02wxBXVN4F0ms=
Subject key identifier: 44:DC:1C:0E:9A:4A:34:55:40:D1:CE:D3:3C:CD:52:2A:F9:0F:3E:32
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E222AB371C5176AB5A0205BDAFFD9DD5FAA1BF1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Sat 28 Feb 2026 06:40:34 +0000
ROA not before: Sat 28 Feb 2026 06:40:34 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:22:2a:b3:71:c5:17:6a:b5:a0:20:5b:da:ff:d9:dd:5f:aa:1b:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:34 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=74c78ec30f57c6c94d698f55ad26be7680dc4ab6013d3eaa6ae5d2ff70462ed6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:f6:40:7e:82:0d:6f:f1:98:e8:c1:c1:ff:
8f:68:56:d0:1e:e6:84:83:4c:68:78:03:18:2e:bc:
70:c4:19:1f:91:f4:0a:fc:0d:02:90:bd:fb:72:60:
ad:0b:fb:d5:23:56:c5:b1:06:18:fe:be:e3:7a:1d:
35:8d:ad:c1:d2:92:da:2e:d8:60:af:04:8a:08:c0:
57:32:56:9d:7d:bd:77:dc:ff:f7:9f:53:16:9e:a1:
b4:f7:73:63:3b:33:7c:f5:a3:cf:da:93:cc:e9:0b:
3d:56:6a:6a:d2:0c:cb:ae:11:05:e0:8b:24:5e:da:
fb:2c:24:94:32:27:8d:c4:37:45:f0:49:8a:f5:7b:
88:2c:27:87:6b:b4:cc:ac:9b:0d:3c:b0:a8:b9:67:
5c:f5:d2:bb:cd:ee:49:55:fa:24:fc:81:c2:58:ba:
b6:4f:5e:22:fb:83:9a:ae:ac:f1:2a:25:e6:28:f9:
99:17:c8:dc:f4:dc:fc:a2:a2:50:c2:8f:b9:7e:c6:
bd:21:44:9a:d5:72:81:71:53:a8:ba:4b:e8:e9:46:
f2:64:86:be:ab:72:da:db:50:76:76:a7:59:45:7b:
3d:72:a9:c1:3f:50:21:fe:4e:e4:17:5d:2b:b6:94:
b2:8f:6c:85:c4:95:2a:ce:26:1b:20:29:ce:d1:07:
9d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DC:1C:0E:9A:4A:34:55:40:D1:CE:D3:3C:CD:52:2A:F9:0F:3E:32
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
61:7e:b4:5c:d8:54:51:22:50:98:5d:52:c7:5e:e8:e2:07:f3:
54:78:87:b6:5b:91:d4:95:eb:bf:e8:2a:da:a1:3d:81:f6:8d:
e0:4d:b9:90:9f:d9:4e:cc:8c:d7:e0:5d:f4:16:81:b9:5f:dc:
58:5c:ab:0f:db:fc:f6:3f:a8:84:46:a6:73:a1:80:45:d0:eb:
cc:03:f9:bd:9f:a8:23:fe:c7:38:d1:a8:7d:2a:d0:b5:82:a4:
ec:f6:74:a3:a7:72:0f:e0:12:74:60:a4:44:81:22:c2:c5:e6:
cc:a0:b9:54:b1:71:02:46:d7:1a:7e:67:2c:9a:30:98:f5:92:
71:1e:d4:12:50:5b:bd:f8:2f:1c:de:21:64:b9:cc:76:8e:f2:
ba:45:16:1f:33:2e:09:f8:78:1d:a1:6c:3b:04:e2:4c:a7:bf:
9e:a4:83:e6:95:81:b9:18:0e:a8:cd:3c:ef:fd:ce:6a:2f:d1:
62:2f:99:76:08:e7:39:97:82:5f:63:80:39:01:5f:78:15:0d:
e3:a3:6a:b1:a3:a8:4b:24:fc:dd:2d:f3:6d:10:35:86:a0:ab:
4c:90:a9:41:f3:8c:92:d0:7a:cd:37:3a:22:77:ab:35:90:95:
9e:80:a8:d7:cb:e0:85:ec:33:1a:d0:b9:cb:cb:c9:dc:da:bd:
ed:dc:eb:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUPiIqs3HFF2q1oCBb2v/Z3V+qG/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDc0Yzc4ZWMzMGY1N2M2Yzk0ZDY5OGY1NWFkMjZiZTc2ODBkYzRhYjYwMTNk
M2VhYTZhZTVkMmZmNzA0NjJlZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJn9kB+gg1v8ZjowcH/j2hW0B7mhINMaHgDGC68cMQZH5H0CvwNApC9+3Jg
rQv71SNWxbEGGP6+43odNY2twdKS2i7YYK8EigjAVzJWnX29d9z/959TFp6htPdz
YzszfPWjz9qTzOkLPVZqatIMy64RBeCLJF7a+ywklDInjcQ3RfBJivV7iCwnh2u0
zKybDTywqLlnXPXSu83uSVX6JPyBwli6tk9eIvuDmq6s8Sol5ij5mRfI3PTc/KKi
UMKPuX7GvSFEmtVygXFTqLpL6OlG8mSGvqty2ttQdnanWUV7PXKpwT9QIf5O5Bdd
K7aUso9shcSVKs4mGyApztEHnfMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRE3BwO
mko0VUDRztM8zVIq+Q8+MjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAYX60XNhUUSJQmF1Sx17o4gfzVHiHtluR1JXrv+gq
2qE9gfaN4E25kJ/ZTsyM1+Bd9BaBuV/cWFyrD9v89j+ohEamc6GARdDrzAP5vZ+o
I/7HONGofSrQtYKk7PZ0o6dyD+ASdGCkRIEiwsXmzKC5VLFxAkbXGn5nLJowmPWS
cR7UElBbvfgvHN4hZLnMdo7yukUWHzMuCfh4HaFsOwTiTKe/nqSD5pWBuRgOqM08
7/3Oai/RYi+ZdgjnOZeCX2OAOQFfeBUN46NqsaOoSyT83S3zbRA1hqCrTJCpQfOM
ktB6zTc6InerNZCVnoCo18vghewzGtC5y8vJ3Nq97dzrcw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:42 2026 by rpki-client