Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa
File: 2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa (raw, json)
Hash identifier: hwZNAfvBbV9cLtwvC4IwWHAJ2MGADK8o49w8m+aAxsk=
Subject key identifier: F5:BE:F8:B4:3F:28:1E:61:D7:86:88:67:96:1D:73:46:44:6C:94:10
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F0161A81873184DBDC0267E9024C6EAE7771A47
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa
Signing time: Fri 10 Apr 2026 00:00:13 +0000
ROA not before: Fri 10 Apr 2026 00:00:13 +0000
ROA not after: Thu 09 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.81.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:01:61:a8:18:73:18:4d:bd:c0:26:7e:90:24:c6:ea:e7:77:1a:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 10 00:00:13 2026 GMT
Not After : Jul 9 23:59:59 2026 GMT
Subject: serialNumber=49f74133ab60884c882bda91759ed53987eb70e9374301cb81e326e6b70bd916, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:71:e3:0e:f3:cf:51:cc:29:9c:bb:9d:4a:2e:
9e:d0:35:61:13:cd:f8:62:19:53:c3:82:11:2d:a6:
75:fd:fd:3a:fd:50:bd:09:aa:37:b4:0d:05:fb:dd:
7b:0c:f8:13:c7:b7:11:e7:66:d0:f7:4a:a1:49:43:
ef:8f:58:9c:79:e7:a2:27:7a:15:7e:0f:2e:67:c2:
5e:c8:fd:fc:c7:d8:d6:12:2a:92:23:ac:09:e7:08:
c5:5f:87:79:bf:11:6d:e8:33:b5:eb:d0:d6:59:46:
ad:cd:0b:b1:b2:c9:6f:91:37:4b:15:f3:72:fd:6e:
77:0b:7c:bf:db:0c:be:eb:77:56:b3:5a:ca:78:8a:
b7:3d:eb:40:20:fa:65:f6:90:17:8f:ed:3b:2c:57:
c1:85:d6:45:80:36:56:25:02:fb:24:bb:73:64:e2:
10:23:1a:11:b9:5d:ce:1c:1c:52:bf:95:d7:3c:c4:
76:09:c8:15:cf:28:d8:08:77:59:22:79:0a:11:ee:
83:03:50:73:02:13:d3:75:da:c8:87:a0:f9:45:d1:
7e:e2:70:0f:b3:ba:26:39:37:e1:c3:62:08:48:6d:
7f:12:9b:de:20:a7:55:e7:d8:18:92:83:ca:5a:bf:
4d:8c:26:d8:c8:54:2c:35:28:db:1d:3b:c9:fc:12:
34:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BE:F8:B4:3F:28:1E:61:D7:86:88:67:96:1D:73:46:44:6C:94:10
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2a59044d-ec7e-45ff-a5bb-b9ab54f5cfb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.81.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1e:29:e6:f4:ba:3b:3e:34:d8:86:90:81:5d:d6:21:a9:a9:d4:
5f:33:82:49:d5:d2:7a:74:0c:3b:24:e4:24:22:e4:22:67:e4:
0c:6f:f7:75:68:8d:8b:c6:77:6f:0d:65:53:82:53:00:ed:94:
d3:33:89:2e:60:03:30:91:36:df:65:69:f0:74:c5:1b:96:86:
f9:8b:5b:9c:68:d4:e3:9d:b4:e2:c0:67:5b:ac:f3:50:d4:e9:
63:62:28:e8:19:76:fe:f5:43:ea:a7:b7:88:13:7f:18:c5:de:
f5:b9:2e:9e:40:5c:6a:e5:a4:e8:de:7b:25:cc:bf:2b:c6:38:
6c:8b:f7:08:5a:9d:8e:39:9a:9e:a3:20:54:5f:2d:c3:1a:72:
0b:16:5d:88:82:0b:9c:02:9a:71:62:6b:33:ee:94:77:f0:0d:
cf:3c:51:7d:46:6d:01:93:4d:20:69:b9:62:31:10:cc:0d:da:
2e:c5:cb:15:de:88:65:a7:f3:48:5f:d1:95:23:f3:98:75:e9:
43:51:13:23:ab:88:23:e9:6c:6a:03:8b:88:07:23:84:9d:7f:
3a:dd:33:b8:95:fe:3f:99:2c:18:3b:9a:49:ce:29:ec:63:08:
a6:d2:73:53:58:9a:db:b0:3d:6d:12:c0:f5:56:77:06:02:d8:
3a:c4:44:a2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDwFhqBhzGE29wCZ+kCTG6ud3GkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MTAwMDAwMTNaFw0yNjA3MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5Zjc0MTMzYWI2MDg4NGM4ODJiZGE5MTc1OWVkNTM5ODdlYjcwZTkzNzQz
MDFjYjgxZTMyNmU2YjcwYmQ5MTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdx4w7zz1HMKZy7nUountA1YRPN+GIZU8OCES2mdf39Ov1QvQmqN7QNBfvd
ewz4E8e3Eedm0PdKoUlD749YnHnnoid6FX4PLmfCXsj9/MfY1hIqkiOsCecIxV+H
eb8RbegztevQ1llGrc0LsbLJb5E3SxXzcv1udwt8v9sMvut3VrNayniKtz3rQCD6
ZfaQF4/tOyxXwYXWRYA2ViUC+yS7c2TiECMaEbldzhwcUr+V1zzEdgnIFc8o2Ah3
WSJ5ChHugwNQcwIT03XayIeg+UXRfuJwD7O6Jjk34cNiCEhtfxKb3iCnVefYGJKD
ylq/TYwm2MhULDUo2x07yfwSNOUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT1vvi0
PygeYdeGiGeWHXNGRGyUEDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MmE1OTA0NGQtZWM3ZS00NWZmLWE1YmItYjlhYjU0ZjVjZmI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlRMA0G
CSqGSIb3DQEBCwUAA4IBAQAeKeb0ujs+NNiGkIFd1iGpqdRfM4JJ1dJ6dAw7JOQk
IuQiZ+QMb/d1aI2LxndvDWVTglMA7ZTTM4kuYAMwkTbfZWnwdMUblob5i1ucaNTj
nbTiwGdbrPNQ1OljYijoGXb+9UPqp7eIE38Yxd71uS6eQFxq5aTo3nslzL8rxjhs
i/cIWp2OOZqeoyBUXy3DGnILFl2IggucAppxYmsz7pR38A3PPFF9Rm0Bk00gabli
MRDMDdouxcsV3ohlp/NIX9GVI/OYdelDURMjq4gj6WxqA4uIByOEnX863TO4lf4/
mSwYO5pJzinsYwim0nNTWJrbsD1tEsD1VncGAtg6xESi
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:15:24 2026 by rpki-client