Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
File: 16337db0-8420-40f0-982b-9d50c20f4e08.roa (raw, json)
Hash identifier: OIjsFLGWtHmmluG1eAgDKTFS6FMwTizEEhOj3ESqIwE=
Subject key identifier: 68:70:15:06:00:89:44:4C:25:48:81:D1:5D:09:2E:04:6F:19:9A:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6F6BB47EBD7D920DF7D0E1815BB5C66CBB3B23B5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
Signing time: Tue 19 May 2026 06:00:29 +0000
ROA not before: Tue 19 May 2026 06:00:29 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.254.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:6b:b4:7e:bd:7d:92:0d:f7:d0:e1:81:5b:b5:c6:6c:bb:3b:23:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:29 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=eb9c37f722918cbad47926822e93662a217baa9358643d26493d83fc23e4a44c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:b1:6c:b8:bf:d0:18:fc:70:ad:ef:3b:cd:
44:b6:6c:ad:24:c9:73:9b:6c:1e:79:7c:60:5b:34:
ca:f9:b4:b3:15:f6:ef:f1:29:0e:06:30:5e:b2:97:
88:93:23:f2:2d:cc:a1:6e:da:d5:85:4d:5d:45:d7:
4b:42:d6:9d:06:66:00:f1:eb:88:50:09:d6:58:0e:
2c:62:b6:be:bf:9e:ec:ff:82:75:d1:49:0e:49:01:
35:86:50:9f:ad:af:58:36:b5:e2:d3:e5:c5:3c:9a:
9a:b1:52:ca:49:a6:3c:a6:86:7d:62:38:ee:32:ab:
bd:22:84:54:ed:d6:de:83:a9:d6:79:29:57:27:0e:
3a:8c:63:5f:b9:24:09:8f:be:0a:e6:5f:6c:d7:e4:
17:4c:e3:97:08:56:f3:d9:c5:9c:80:18:4e:65:07:
98:a9:96:9f:46:17:d3:f9:a5:63:a2:11:4e:37:37:
56:28:4d:7a:74:0f:98:44:df:26:c2:72:8b:1e:44:
ba:a9:15:b3:13:ff:ac:9b:0d:e4:35:d5:df:b9:eb:
46:2c:39:12:95:f2:4f:fe:4a:6c:8a:b8:84:04:41:
c3:25:01:20:2d:1d:0a:42:45:30:d6:76:b2:f8:f0:
04:b2:55:14:65:4b:b9:0e:cd:0e:92:2c:cd:c3:c8:
e2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:70:15:06:00:89:44:4C:25:48:81:D1:5D:09:2E:04:6F:19:9A:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16337db0-8420-40f0-982b-9d50c20f4e08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.254.0/23
Signature Algorithm: sha256WithRSAEncryption
84:8d:4d:d1:67:e8:2e:e1:dc:5b:2d:b1:75:5b:da:59:ae:6d:
b2:2d:ae:02:5b:03:b0:2b:b2:f2:0d:aa:b1:a1:dd:c4:fa:a8:
a1:d8:0d:39:01:a6:a0:b0:dc:cf:65:89:f1:23:71:27:d5:7b:
35:85:7d:e7:d1:04:37:6a:42:90:01:3b:1b:d9:b8:0e:e6:64:
6e:cd:44:31:fc:c4:8f:fe:d3:04:a7:6e:87:24:81:83:a4:54:
7d:33:4c:25:c5:41:14:b3:0b:3e:ff:cd:f1:f7:77:70:e3:dd:
fd:f6:9f:3d:6d:89:ed:d7:b9:46:18:fb:fe:a1:e2:b7:8c:95:
52:9e:41:05:35:32:9d:32:15:fb:39:c8:e2:cf:fb:75:27:71:
e9:f2:7a:9d:88:1a:26:4a:fa:58:b5:a6:5d:63:c7:43:49:4f:
9e:1f:1b:0f:e8:18:89:6e:47:d0:a1:2c:c2:2c:c5:59:01:f7:
67:15:30:ab:a8:93:88:79:1d:fb:41:99:53:fe:38:64:1a:c4:
bf:8b:13:97:e9:6f:3e:b4:d0:93:98:68:95:a6:06:a0:4b:ee:
86:20:7a:47:57:ca:45:14:5f:fd:ef:0d:2d:a1:ac:de:a7:74:
46:b1:63:46:c0:c4:a0:01:24:62:3f:ef:3a:75:9f:c2:66:0f:
4c:e4:1b:73
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUb2u0fr19kg330OGBW7XGbLs7I7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMjlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGViOWMzN2Y3MjI5MThjYmFkNDc5MjY4MjJlOTM2NjJhMjE3YmFhOTM1ODY0
M2QyNjQ5M2Q4M2ZjMjNlNGE0NGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/0sWy4v9AY/HCt7zvNRLZsrSTJc5tsHnl8YFs0yvm0sxX27/EpDgYwXrKX
iJMj8i3MoW7a1YVNXUXXS0LWnQZmAPHriFAJ1lgOLGK2vr+e7P+CddFJDkkBNYZQ
n62vWDa14tPlxTyamrFSykmmPKaGfWI47jKrvSKEVO3W3oOp1nkpVycOOoxjX7kk
CY++CuZfbNfkF0zjlwhW89nFnIAYTmUHmKmWn0YX0/mlY6IRTjc3VihNenQPmETf
JsJyix5EuqkVsxP/rJsN5DXV37nrRiw5EpXyT/5KbIq4hARBwyUBIC0dCkJFMNZ2
svjwBLJVFGVLuQ7NDpIszcPI4t0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRocBUG
AIlETCVIgdFdCS4EbxmahTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTYzMzdkYjAtODQyMC00MGYwLTk4MmItOWQ1MGMyMGY0ZTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5/jAN
BgkqhkiG9w0BAQsFAAOCAQEAhI1N0WfoLuHcWy2xdVvaWa5tsi2uAlsDsCuy8g2q
saHdxPqoodgNOQGmoLDcz2WJ8SNxJ9V7NYV959EEN2pCkAE7G9m4DuZkbs1EMfzE
j/7TBKduhySBg6RUfTNMJcVBFLMLPv/N8fd3cOPd/fafPW2J7de5Rhj7/qHit4yV
Up5BBTUynTIV+znI4s/7dSdx6fJ6nYgaJkr6WLWmXWPHQ0lPnh8bD+gYiW5H0KEs
wizFWQH3ZxUwq6iTiHkd+0GZU/44ZBrEv4sTl+lvPrTQk5holaYGoEvuhiB6R1fK
RRRf/e8NLaGs3qd0RrFjRsDEoAEkYj/vOnWfwmYPTOQbcw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 12:43:06 2026 by rpki-client