Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
File: 238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa (raw, json)
Hash identifier: u6XOaWAAzLp4YG03mfwJpFeU5rpL/WOI2vAvzNBBWNI=
Subject key identifier: B5:47:83:B8:CC:08:67:52:00:C1:2C:A7:55:7C:8C:09:CC:3F:4B:F7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7768252540F602E09A1D156E5C222AB57D08A136
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
Signing time: Tue 19 May 2026 06:00:09 +0000
ROA not before: Tue 19 May 2026 06:00:09 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 200.197.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:68:25:25:40:f6:02:e0:9a:1d:15:6e:5c:22:2a:b5:7d:08:a1:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:09 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=41d1c85c9ab2cb5a68decd1de16a752e78e6ba92221369e93f25ee607cd1d029, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:84:96:3a:05:8a:23:c0:eb:05:43:3f:d3:49:
5d:3c:05:bb:d0:08:ae:ab:66:13:f2:51:a4:a1:0f:
08:2c:81:c7:07:33:75:8d:43:7b:90:f0:10:cd:38:
5c:47:fb:c8:3a:70:fc:e6:03:7c:71:75:6b:cf:c3:
1e:da:ee:0a:c0:c2:c0:60:8d:df:64:9f:4b:bb:fb:
56:7f:ad:18:e6:fe:ac:fd:1c:d8:03:10:65:5d:e4:
75:87:dc:46:c8:bc:5e:76:77:2f:9e:9e:0a:b7:04:
6b:e5:4a:88:73:70:a4:e6:bd:c3:10:6a:78:b7:0c:
6d:2d:67:47:ff:b6:b9:5b:c5:36:23:46:8f:6c:d7:
c5:68:20:05:ee:49:a9:b3:d4:0f:db:48:a2:10:c0:
75:b3:1e:4c:44:7a:2d:bc:27:1b:2c:d5:6a:60:84:
d5:88:74:e1:85:49:6b:fa:41:40:86:1a:fe:e2:6d:
30:2d:99:b3:20:06:44:3f:6f:64:eb:1a:ff:82:ec:
86:cd:5e:df:e7:40:b5:fe:4f:89:05:cf:39:5c:01:
f7:b8:e7:f3:c1:bf:68:62:7f:84:df:12:49:0e:57:
0f:9c:e8:67:6e:16:99:90:c7:24:d4:b6:88:2f:21:
a8:31:2f:54:c0:b3:cc:e7:a8:ee:8f:87:b8:c1:17:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:47:83:B8:CC:08:67:52:00:C1:2C:A7:55:7C:8C:09:CC:3F:4B:F7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/238dbfbb-0e18-45e0-ba91-6e88bb50802a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
200.197.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5f:98:fd:63:e5:4c:a4:0d:0c:56:81:fe:ec:06:95:8f:be:27:
02:5a:b9:46:a1:0a:af:9f:de:3c:86:de:49:23:72:4c:4c:a3:
64:28:ce:ec:44:d5:15:20:e6:11:6e:e6:f1:61:e7:16:6d:75:
6a:af:be:bf:af:95:7f:f5:0c:52:b5:cb:b2:48:47:ea:6e:6a:
79:8c:6b:33:80:88:8e:0e:18:ab:98:03:fe:97:5e:25:4b:4f:
f7:72:de:79:a8:af:44:50:38:0a:91:99:72:af:aa:d2:f6:38:
58:00:dc:79:52:e5:c1:89:2f:7b:85:3f:54:b2:d2:0c:9c:24:
6e:b6:ad:c1:ed:fe:1c:a2:ad:50:25:9f:d3:70:0f:28:96:59:
d8:11:de:f6:dc:d4:dc:d7:b4:1b:64:18:7f:29:70:2e:b8:e1:
5c:6d:25:5e:6c:1a:73:dd:c1:d8:be:5e:dc:81:4e:7d:94:1a:
5d:1d:40:86:53:8b:2a:4f:2e:5b:11:ca:ff:18:2c:11:a2:c4:
83:ff:7e:0b:e7:30:4f:0f:f6:2c:d3:ed:92:22:a8:c1:d1:55:
5e:b3:12:0a:4a:ec:39:1a:30:31:84:e5:22:3f:8f:01:e8:35:
67:8c:e8:5d:e4:51:e8:62:f7:4e:4e:9f:1d:4a:86:b3:6f:c2:
2e:65:d4:c0
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd2glJUD2AuCaHRVuXCIqtX0IoTYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMDlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxZDFjODVjOWFiMmNiNWE2OGRlY2QxZGUxNmE3NTJlNzhlNmJhOTIyMjEz
NjllOTNmMjVlZTYwN2NkMWQwMjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWEljoFiiPA6wVDP9NJXTwFu9AIrqtmE/JRpKEPCCyBxwczdY1De5DwEM04
XEf7yDpw/OYDfHF1a8/DHtruCsDCwGCN32SfS7v7Vn+tGOb+rP0c2AMQZV3kdYfc
Rsi8XnZ3L56eCrcEa+VKiHNwpOa9wxBqeLcMbS1nR/+2uVvFNiNGj2zXxWggBe5J
qbPUD9tIohDAdbMeTER6LbwnGyzVamCE1Yh04YVJa/pBQIYa/uJtMC2ZsyAGRD9v
ZOsa/4Lshs1e3+dAtf5PiQXPOVwB97jn88G/aGJ/hN8SSQ5XD5zoZ24WmZDHJNS2
iC8hqDEvVMCzzOeo7o+HuMEXAYcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS1R4O4
zAhnUgDBLKdVfIwJzD9L9zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjM4ZGJmYmItMGUxOC00NWUwLWJhOTEtNmU4OGJiNTA4MDJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMjFMA0G
CSqGSIb3DQEBCwUAA4IBAQBfmP1j5UykDQxWgf7sBpWPvicCWrlGoQqvn948ht5J
I3JMTKNkKM7sRNUVIOYRbubxYecWbXVqr76/r5V/9QxStcuySEfqbmp5jGszgIiO
DhirmAP+l14lS0/3ct55qK9EUDgKkZlyr6rS9jhYANx5UuXBiS97hT9UstIMnCRu
tq3B7f4coq1QJZ/TcA8ollnYEd723NTc17QbZBh/KXAuuOFcbSVebBpz3cHYvl7c
gU59lBpdHUCGU4sqTy5bEcr/GCwRosSD/34L5zBPD/Ys0+2SIqjB0VVesxIKSuw5
GjAxhOUiP48B6DVnjOhd5FHoYvdOTp8dSoazb8IuZdTA
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:00:09 2026 by rpki-client