Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
File: 21ed4032-a4d1-486a-97f8-a4eed91bb627.roa (raw, json)
Hash identifier: gqjuRSrTB41ZHQ3/js94LrMfXLnSS19/XqGOPK7tL+s=
Subject key identifier: 3E:6A:28:F0:40:C7:1D:D0:6E:F0:0C:50:13:0E:18:86:FE:0F:FA:FB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 530088C8CFB6BA6DCD118175710FB34A377295D9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
Signing time: Sat 28 Feb 2026 06:30:45 +0000
ROA not before: Sat 28 Feb 2026 06:30:45 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.52.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:00:88:c8:cf:b6:ba:6d:cd:11:81:75:71:0f:b3:4a:37:72:95:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:45 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=583f8b84958dd7bc937b6d108e3051c5e51952b715820c95fe891b5d2cdb5a60, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:60:b1:9b:8d:b5:b2:56:8e:ec:b6:ae:b0:83:
f2:fb:6d:e8:28:7b:da:ce:60:8a:9f:fb:55:95:a7:
40:d5:14:0b:06:01:2f:ba:c7:c9:01:ed:80:ac:69:
28:70:04:33:5b:36:2e:7d:42:21:94:2b:1b:04:d3:
79:4f:cd:26:75:be:36:be:88:1a:31:35:1d:fe:db:
22:f1:d5:73:63:36:c8:06:92:fb:df:89:30:81:74:
48:98:15:03:24:f0:5f:4b:56:8e:e5:0f:2a:12:6e:
ce:95:aa:c7:43:6b:be:06:d0:d6:b0:cc:70:cd:df:
ea:d6:d0:0d:69:42:b1:7c:4a:0c:3a:b9:7f:c5:9c:
2a:07:c7:09:9d:f0:59:f0:9e:8f:64:49:74:07:13:
85:c4:0d:db:f1:6c:55:a8:91:2f:a6:74:88:08:de:
f8:e6:8c:e0:d3:49:08:34:f0:8e:25:59:3a:21:ec:
78:5f:25:3d:88:75:bf:69:c6:0c:ee:07:8c:15:34:
99:46:4c:cc:c0:9a:fa:72:82:5e:57:8b:15:1b:e1:
0c:7c:b2:bb:3b:3f:e1:9e:f6:49:07:cc:ee:d2:22:
21:9f:b5:0e:48:ed:03:b7:20:93:8e:f5:91:2f:69:
8f:d0:53:e9:ea:e0:cc:8e:59:80:8b:03:ac:5d:af:
d4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6A:28:F0:40:C7:1D:D0:6E:F0:0C:50:13:0E:18:86:FE:0F:FA:FB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/21ed4032-a4d1-486a-97f8-a4eed91bb627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.52.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7f:68:9d:14:5e:4a:43:b2:a4:c5:6a:cc:60:31:fc:c2:0e:5d:
2f:c5:13:1e:cb:f6:81:8d:61:64:32:54:e0:9b:1d:43:fc:9e:
23:71:c3:29:db:c2:44:59:9b:30:b3:73:bc:6f:a3:88:73:2f:
07:f2:0c:64:de:23:16:92:6a:e5:28:5c:66:49:01:46:29:6f:
c6:3e:1c:85:f5:d7:3d:47:eb:54:e4:fc:b3:f9:10:0a:dc:1d:
1b:4d:95:58:f0:61:11:f3:cb:64:19:77:89:b8:cb:25:dd:2f:
35:54:62:6c:29:56:e7:76:ff:3f:4f:49:94:d2:8d:57:db:b6:
a6:16:42:fc:2e:6f:6f:24:62:92:62:d5:e9:fd:53:4b:4b:16:
d8:36:af:42:d9:ca:2b:c3:0e:c7:93:d4:3e:21:ca:9f:7e:35:
fe:20:6a:9b:1a:e9:ec:a6:25:61:af:3d:d9:ff:76:42:d1:7f:
8b:ed:d6:da:ea:ce:2b:bb:78:b4:c8:85:eb:35:12:21:a7:8d:
4f:52:e7:2e:17:a2:7e:28:07:06:2b:5e:19:90:02:ad:e9:1f:
38:db:57:ae:95:a7:f2:1c:23:d4:eb:9c:54:87:4c:20:30:38:
61:60:82:2a:a1:ad:17:c5:2c:f3:b1:ea:ab:8a:24:13:f6:02:
29:cc:bc:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUUwCIyM+2um3NEYF1cQ+zSjdyldkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNDVaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDU4M2Y4Yjg0OTU4ZGQ3YmM5MzdiNmQxMDhlMzA1MWM1ZTUxOTUyYjcxNTgy
MGM5NWZlODkxYjVkMmNkYjVhNjAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZgsZuNtbJWjuy2rrCD8vtt6Ch72s5gip/7VZWnQNUUCwYBL7rHyQHtgKxp
KHAEM1s2Ln1CIZQrGwTTeU/NJnW+Nr6IGjE1Hf7bIvHVc2M2yAaS+9+JMIF0SJgV
AyTwX0tWjuUPKhJuzpWqx0NrvgbQ1rDMcM3f6tbQDWlCsXxKDDq5f8WcKgfHCZ3w
WfCej2RJdAcThcQN2/FsVaiRL6Z0iAje+OaM4NNJCDTwjiVZOiHseF8lPYh1v2nG
DO4HjBU0mUZMzMCa+nKCXleLFRvhDHyyuzs/4Z72SQfM7tIiIZ+1DkjtA7cgk471
kS9pj9BT6ergzI5ZgIsDrF2v1LkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ+aijw
QMcd0G7wDFATDhiG/g/6+zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjFlZDQwMzItYTRkMS00ODZhLTk3ZjgtYTRlZWQ5MWJiNjI3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMI0MA0G
CSqGSIb3DQEBCwUAA4IBAQB/aJ0UXkpDsqTFasxgMfzCDl0vxRMey/aBjWFkMlTg
mx1D/J4jccMp28JEWZsws3O8b6OIcy8H8gxk3iMWkmrlKFxmSQFGKW/GPhyF9dc9
R+tU5Pyz+RAK3B0bTZVY8GER88tkGXeJuMsl3S81VGJsKVbndv8/T0mU0o1X27am
FkL8Lm9vJGKSYtXp/VNLSxbYNq9C2corww7Hk9Q+IcqffjX+IGqbGunspiVhrz3Z
/3ZC0X+L7dba6s4ru3i0yIXrNRIhp41PUucuF6J+KAcGK14ZkAKt6R8421eulafy
HCPU65xUh0wgMDhhYIIqoa0XxSzzseqriiQT9gIpzLxa
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:04:12 2026 by rpki-client