Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
File: 1e935d64-1d66-4e52-ada3-30f1ed26d564.roa (raw, json)
Hash identifier: A5kdv7qmM2EaNgE9WU7lmivrmS59lH1ABn9NkML26N4=
Subject key identifier: FE:2D:60:66:07:8A:BB:9E:0F:06:BD:55:D4:AA:91:BC:AF:7A:BB:22
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 14D72767562143C9EE1E9F1F88F381CD0150AFF4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
Signing time: Sat 28 Feb 2026 06:30:59 +0000
ROA not before: Sat 28 Feb 2026 06:30:59 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 145.17.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:d7:27:67:56:21:43:c9:ee:1e:9f:1f:88:f3:81:cd:01:50:af:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:59 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=14cc4a15a0b6fc84e76b185e2f40915b57003e6209a0e41523f2446c1e1a592b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:76:26:51:e1:0f:d6:c2:ae:03:69:9b:41:55:
b7:02:23:3a:17:36:10:0c:5d:18:08:93:17:72:39:
e7:2d:cf:6a:ef:9f:da:7a:31:52:41:91:37:c0:4c:
8f:07:96:ac:68:6d:b5:d5:f7:fe:4a:fe:16:89:d4:
c9:2c:0b:32:04:87:f9:9d:f0:0e:a2:ce:61:cb:47:
c1:d2:af:f1:c7:d8:5f:74:51:5a:91:97:a6:0f:39:
6b:04:0f:dc:cb:fd:e7:7c:17:cf:18:8d:47:8c:59:
25:c8:22:87:ef:61:31:82:68:fb:ab:53:f3:44:41:
e7:db:a6:20:f9:9a:21:94:04:46:77:66:2f:70:a2:
2a:0c:8e:80:af:58:2b:1f:ad:c3:ec:34:40:44:cf:
68:50:a1:ce:5b:92:2e:8d:70:a9:36:e7:e6:4c:14:
8e:75:e4:4b:0e:43:a4:d0:87:94:b6:43:96:ac:43:
a7:f8:09:c2:e2:76:20:88:a0:5a:fe:fe:ee:3e:84:
e8:aa:69:ef:63:ec:3c:c7:75:a6:60:53:7d:2e:0a:
e8:c8:25:f4:0d:ac:54:85:7d:17:d8:59:ed:46:33:
2a:5d:9b:4f:64:b9:cf:71:ab:fb:1a:0f:35:5e:62:
f6:61:b9:98:75:ac:f5:fd:d0:31:d1:97:a4:2e:74:
81:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:2D:60:66:07:8A:BB:9E:0F:06:BD:55:D4:AA:91:BC:AF:7A:BB:22
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1e935d64-1d66-4e52-ada3-30f1ed26d564.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.17.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d4:fc:d9:a5:ab:1b:ec:5d:c8:73:a7:7f:75:b5:ea:e1:8d:89:
73:ae:c9:29:dd:2b:37:de:e0:ae:ef:53:a4:c2:f3:5a:9d:24:
10:25:05:13:8e:25:36:48:02:86:50:f5:9f:9c:bd:d9:ca:7d:
6b:fd:b7:2d:85:e2:10:87:56:80:29:3e:60:59:c0:f6:ff:fa:
e4:8c:67:4e:bd:84:bd:c3:66:83:cb:83:c3:32:0b:81:c4:7e:
2e:3a:71:89:89:28:a4:2c:32:1c:3d:95:df:fa:b7:28:af:94:
ec:56:bf:4d:21:09:2f:46:42:51:4f:d0:bf:70:88:44:40:4d:
a6:5f:7c:17:f0:a3:9f:d5:af:5e:09:03:33:61:90:44:3b:f0:
d4:ca:12:d5:a2:b4:87:43:27:a4:b5:79:1f:f6:32:85:c9:0d:
22:f6:b7:ff:95:90:c9:11:eb:e2:86:f8:2d:5a:f8:22:ed:53:
3d:a3:ff:e0:03:f8:49:13:51:d8:0c:e9:8e:9d:7c:07:34:37:
2e:f6:34:86:82:f7:d7:42:82:49:ff:bc:60:7a:c2:c3:69:f7:
09:c2:d2:ba:bd:cd:e9:de:1e:2e:32:ea:47:64:cb:80:07:97:
d1:95:e8:f1:b5:51:df:63:c2:20:b3:06:b9:5b:4c:a4:f8:96:
6a:7a:1e:79
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFNcnZ1YhQ8nuHp8fiPOBzQFQr/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDE0Y2M0YTE1YTBiNmZjODRlNzZiMTg1ZTJmNDA5MTViNTcwMDNlNjIwOWEw
ZTQxNTIzZjI0NDZjMWUxYTU5MmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKl2JlHhD9bCrgNpm0FVtwIjOhc2EAxdGAiTF3I55y3Pau+f2noxUkGRN8BM
jweWrGhttdX3/kr+FonUySwLMgSH+Z3wDqLOYctHwdKv8cfYX3RRWpGXpg85awQP
3Mv953wXzxiNR4xZJcgih+9hMYJo+6tT80RB59umIPmaIZQERndmL3CiKgyOgK9Y
Kx+tw+w0QETPaFChzluSLo1wqTbn5kwUjnXkSw5DpNCHlLZDlqxDp/gJwuJ2IIig
Wv7+7j6E6Kpp72PsPMd1pmBTfS4K6Mgl9A2sVIV9F9hZ7UYzKl2bT2S5z3Gr+xoP
NV5i9mG5mHWs9f3QMdGXpC50gbECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT+LWBm
B4q7ng8GvVXUqpG8r3q7IjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWU5MzVkNjQtMWQ2Ni00ZTUyLWFkYTMtMzBmMWVkMjZkNTY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJERMA0G
CSqGSIb3DQEBCwUAA4IBAQDU/NmlqxvsXchzp391terhjYlzrskp3Ss33uCu71Ok
wvNanSQQJQUTjiU2SAKGUPWfnL3Zyn1r/bctheIQh1aAKT5gWcD2//rkjGdOvYS9
w2aDy4PDMguBxH4uOnGJiSikLDIcPZXf+rcor5TsVr9NIQkvRkJRT9C/cIhEQE2m
X3wX8KOf1a9eCQMzYZBEO/DUyhLVorSHQyektXkf9jKFyQ0i9rf/lZDJEevihvgt
Wvgi7VM9o//gA/hJE1HYDOmOnXwHNDcu9jSGgvfXQoJJ/7xgesLDafcJwtK6vc3p
3h4uMupHZMuAB5fRlejxtVHfY8Igswa5W0yk+JZqeh55
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:44:52 2026 by rpki-client