Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
File: 1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa (raw, json)
Hash identifier: fHLFeZOygzibEBk9FIN/pMl+eiQg093gzPrIHwNkafM=
Subject key identifier: A4:9E:72:E3:74:9A:DA:B0:10:D9:66:68:39:B8:33:93:18:74:D0:44
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 31A6A02DC699AFA13ACB97D3C621A9DBAE5E99D6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
Signing time: Tue 19 May 2026 06:00:48 +0000
ROA not before: Tue 19 May 2026 06:00:48 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.133.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:a6:a0:2d:c6:99:af:a1:3a:cb:97:d3:c6:21:a9:db:ae:5e:99:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:48 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=af18ce8a68615c3702a004c06403e6e812d83d4932c401845a1129ff6bd068f2, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:7d:8f:70:1b:62:fe:9c:69:e3:2e:90:92:37:
47:94:e9:8c:2d:7a:50:a3:c9:ed:98:89:67:e7:ea:
d6:a3:b7:3e:75:6d:18:89:f8:71:da:44:95:04:45:
2a:71:51:10:36:15:96:64:a7:44:b7:aa:34:b3:7d:
ce:8b:a9:99:79:25:6c:e9:d0:01:13:3a:e2:96:44:
27:c0:72:08:5a:00:95:ce:be:13:1d:ad:bd:05:f4:
43:38:b0:ea:b2:5f:52:63:93:6d:16:1d:8b:9f:52:
64:cc:97:6d:0b:c0:c5:b8:16:51:a4:83:2b:d6:15:
ad:14:c9:29:3a:61:a7:6d:17:d4:4a:2a:f1:0f:45:
ac:12:f5:58:3b:3d:93:de:27:c0:78:49:6e:a3:7b:
51:ea:75:c3:21:49:3e:2b:bf:66:7a:3c:cb:f5:21:
34:91:b4:82:80:d3:c5:ae:73:1e:85:1d:df:c0:bc:
63:dd:70:c2:79:aa:ea:0c:70:5b:72:10:ee:30:88:
d0:d3:b5:bc:22:06:3a:34:b0:da:6c:8c:db:1c:94:
65:f2:5c:a1:8e:5f:89:8e:8d:3f:73:73:a4:d7:b4:
90:a3:fb:91:ea:ae:c4:90:05:3d:9b:b1:26:88:4e:
78:15:4d:c5:05:18:2d:ae:39:4c:ad:46:62:6b:e8:
ce:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9E:72:E3:74:9A:DA:B0:10:D9:66:68:39:B8:33:93:18:74:D0:44
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e868e55-b1b6-47f2-b1d2-6daf64461ffc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.133.0.0/16
Signature Algorithm: sha256WithRSAEncryption
66:7e:d6:2c:ef:d8:c2:f5:56:08:9b:33:ec:d9:4e:f1:8d:81:
e2:74:8c:d3:1a:e7:eb:86:43:36:93:4a:2b:53:3e:0a:8c:3a:
dc:97:fd:a1:3b:2c:e8:26:28:6c:49:df:19:cf:a5:6e:cc:26:
75:0a:f8:15:a8:99:4f:33:23:fd:98:87:0d:ff:09:ee:e9:b8:
64:47:ed:37:9c:9a:48:a3:62:ae:cf:46:fe:72:67:c1:fe:b8:
49:99:a4:b8:c1:dc:de:3f:b8:f0:12:66:3d:18:6a:60:cd:8b:
d8:24:52:ea:70:b9:c1:7d:f5:87:ff:f5:6b:ba:9d:35:03:e9:
63:bb:66:5f:51:c4:ae:70:fb:03:6f:c8:07:31:06:9d:3b:d1:
7e:ef:3d:e4:ca:4d:c6:94:de:88:56:5d:87:e6:d0:82:24:01:
8b:b1:61:8f:62:d0:7a:f6:01:34:f8:eb:37:2a:70:ac:ad:3d:
56:85:5d:4e:42:ff:57:6b:52:88:4b:0d:0a:03:51:a7:55:99:
a4:ef:cc:4d:b1:33:a5:14:57:ac:18:cb:fb:3b:58:1a:10:ae:
19:51:fe:74:fd:b1:03:73:50:3a:44:1b:03:67:57:fc:42:4b:
c5:c1:f6:11:7b:c7:9b:05:cc:a0:37:ee:f4:1d:5a:f0:f1:aa:
15:12:6e:cf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMaagLcaZr6E6y5fTxiGp265emdYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwNDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGFmMThjZThhNjg2MTVjMzcwMmEwMDRjMDY0MDNlNmU4MTJkODNkNDkzMmM0
MDE4NDVhMTEyOWZmNmJkMDY4ZjIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJN9j3AbYv6caeMukJI3R5TpjC16UKPJ7ZiJZ+fq1qO3PnVtGIn4cdpElQRF
KnFREDYVlmSnRLeqNLN9zoupmXklbOnQARM64pZEJ8ByCFoAlc6+Ex2tvQX0Qziw
6rJfUmOTbRYdi59SZMyXbQvAxbgWUaSDK9YVrRTJKTphp20X1Eoq8Q9FrBL1WDs9
k94nwHhJbqN7Uep1wyFJPiu/Zno8y/UhNJG0goDTxa5zHoUd38C8Y91wwnmq6gxw
W3IQ7jCI0NO1vCIGOjSw2myM2xyUZfJcoY5fiY6NP3NzpNe0kKP7kequxJAFPZux
JohOeBVNxQUYLa45TK1GYmvozkcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSknnLj
dJrasBDZZmg5uDOTGHTQRDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU4NjhlNTUtYjFiNi00N2YyLWIxZDItNmRhZjY0NDYxZmZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMKFMA0G
CSqGSIb3DQEBCwUAA4IBAQBmftYs79jC9VYImzPs2U7xjYHidIzTGufrhkM2k0or
Uz4KjDrcl/2hOyzoJihsSd8Zz6VuzCZ1CvgVqJlPMyP9mIcN/wnu6bhkR+03nJpI
o2Kuz0b+cmfB/rhJmaS4wdzeP7jwEmY9GGpgzYvYJFLqcLnBffWH//Vrup01A+lj
u2ZfUcSucPsDb8gHMQadO9F+7z3kyk3GlN6IVl2H5tCCJAGLsWGPYtB69gE0+Os3
KnCsrT1WhV1OQv9Xa1KISw0KA1GnVZmk78xNsTOlFFesGMv7O1gaEK4ZUf50/bED
c1A6RBsDZ1f8QkvFwfYRe8ebBcygN+70HVrw8aoVEm7P
-----END CERTIFICATE-----
Generated at Sat Jun 13 11:33:34 2026 by rpki-client