Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: +JsAnHpf/YABFVAACwVk9wwqkykJnWRRSMvZnjvNQKQ=
Subject key identifier: 6B:AF:E6:60:97:2B:AC:5E:70:F1:E7:35:CB:50:C6:D4:17:DF:00:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37B600626D99B2BA4CDD0DD93B2C5105DBCD1FC2
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Sat 28 Feb 2026 06:40:03 +0000
ROA not before: Sat 28 Feb 2026 06:40:03 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:b6:00:62:6d:99:b2:ba:4c:dd:0d:d9:3b:2c:51:05:db:cd:1f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:03 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c11be3bd5ceb9b97ac6f9724b47c2d92c7fad5193ed1be4faf228c9aadd7dfdb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:38:b3:76:6d:c4:55:08:85:55:99:06:2d:49:
34:1f:19:62:9c:4b:2e:57:8a:30:e9:fe:40:17:2e:
fa:62:65:93:69:d1:47:ee:a9:0b:7a:cf:2c:5a:e6:
15:69:ff:30:bc:75:b9:2a:3d:e5:ad:71:09:c6:23:
7f:f6:e7:e5:6e:dc:f5:c6:02:97:8b:3c:ec:07:95:
cb:0d:12:0e:20:fe:dd:f8:3b:16:30:ac:f2:a7:e1:
5e:df:9c:85:c6:dc:3a:09:23:98:6d:fe:83:d4:08:
27:a0:05:7d:f2:a6:e4:31:44:8e:9e:81:20:ed:53:
9b:1f:c1:31:90:45:79:18:9c:7e:23:03:68:d0:8e:
e7:e8:1c:d5:e1:7b:05:2c:04:9a:b1:1a:1f:ad:6b:
8f:4c:91:70:a3:a9:bd:6f:0e:30:a4:4d:8f:9c:0d:
f5:51:8e:99:22:16:b6:1f:f6:6a:c2:77:ee:83:e1:
e0:2b:c9:f7:60:02:9f:39:7c:20:dc:7d:5f:2c:e7:
ba:2f:3e:6f:ec:2f:2e:b6:9e:89:88:20:79:53:2e:
3f:91:09:f0:39:ad:0e:25:04:14:fb:bf:d1:bd:68:
f2:d7:d8:94:1b:00:62:38:98:c8:94:fe:f5:5c:a0:
05:11:2b:10:d9:73:96:09:42:80:4b:90:2c:29:a0:
2f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:AF:E6:60:97:2B:AC:5E:70:F1:E7:35:CB:50:C6:D4:17:DF:00:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6a:13:9c:f6:64:02:eb:0d:11:43:06:45:94:82:52:dc:b1:86:
21:57:8d:ec:16:47:a9:e5:ce:8e:78:a0:9e:2f:99:85:6a:8c:
f2:4b:74:ab:e5:f0:ab:8d:9c:74:bc:98:ac:b9:46:59:4c:b8:
fe:14:93:b5:4d:71:81:8b:4f:87:48:e4:4a:a6:89:a4:ad:72:
16:48:5a:ed:4d:47:63:d8:0f:7a:64:2f:6d:0c:70:07:b6:de:
72:be:e5:a6:f6:c7:f3:15:77:2e:51:bb:ff:4e:f5:5a:17:c6:
e5:07:2a:ed:a3:cf:ae:df:bd:16:8c:83:7a:9f:a7:37:13:17:
01:7b:a9:2c:29:a7:31:9c:ae:f5:02:6b:67:5d:42:d9:ab:2d:
23:b8:a4:6c:d3:fb:36:17:5c:8c:43:84:2b:94:e2:eb:f9:97:
2e:a0:39:a0:e8:92:d1:3c:88:2f:55:7d:42:9f:0d:c5:6e:da:
53:80:aa:f5:f8:ac:10:3e:e6:78:f5:09:55:00:97:b5:13:98:
36:0d:de:a6:c9:c4:65:42:cd:0b:d4:22:76:47:7b:59:71:60:
97:0b:85:36:6f:a5:13:7a:af:73:02:4e:c9:5f:3e:b3:90:24:
d6:71:ba:89:19:b3:59:b1:15:bd:8d:b2:48:d9:0c:52:dc:b8:
83:93:a2:36
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN7YAYm2ZsrpM3Q3ZOyxRBdvNH8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDNaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMWJlM2JkNWNlYjliOTdhYzZmOTcyNGI0N2MyZDkyYzdmYWQ1MTkzZWQx
YmU0ZmFmMjI4YzlhYWRkN2RmZGIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKI4s3ZtxFUIhVWZBi1JNB8ZYpxLLleKMOn+QBcu+mJlk2nRR+6pC3rPLFrm
FWn/MLx1uSo95a1xCcYjf/bn5W7c9cYCl4s87AeVyw0SDiD+3fg7FjCs8qfhXt+c
hcbcOgkjmG3+g9QIJ6AFffKm5DFEjp6BIO1Tmx/BMZBFeRicfiMDaNCO5+gc1eF7
BSwEmrEaH61rj0yRcKOpvW8OMKRNj5wN9VGOmSIWth/2asJ37oPh4CvJ92ACnzl8
INx9Xyznui8+b+wvLraeiYggeVMuP5EJ8DmtDiUEFPu/0b1o8tfYlBsAYjiYyJT+
9VygBRErENlzlglCgEuQLCmgL7sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRrr+Zg
lyusXnDx5zXLUMbUF98AoDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQBqE5z2ZALrDRFDBkWUglLcsYYhV43sFkep5c6OeKCe
L5mFaozyS3Sr5fCrjZx0vJisuUZZTLj+FJO1TXGBi0+HSORKpomkrXIWSFrtTUdj
2A96ZC9tDHAHtt5yvuWm9sfzFXcuUbv/TvVaF8blByrto8+u370WjIN6n6c3ExcB
e6ksKacxnK71AmtnXULZqy0juKRs0/s2F1yMQ4QrlOLr+ZcuoDmg6JLRPIgvVX1C
nw3FbtpTgKr1+KwQPuZ49QlVAJe1E5g2Dd6mycRlQs0L1CJ2R3tZcWCXC4U2b6UT
eq9zAk7JXz6zkCTWcbqJGbNZsRW9jbJI2QxS3LiDk6I2
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:54:03 2026 by rpki-client