Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
File: 338cbdf4-937d-41ee-8ec5-ca45e166a036.roa (raw, json)
Hash identifier: jQS/mvxJ79++oRc4nPB0dB0ze+j4rYXW54dz5GrkO9U=
Subject key identifier: 58:87:B2:86:29:68:EF:0B:A1:24:7A:E0:19:E0:80:36:B9:65:3F:66
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 45BC03E629FDADBE5A3B6F5FDC26BA944910E259
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
Signing time: Sat 28 Feb 2026 06:30:10 +0000
ROA not before: Sat 28 Feb 2026 06:30:10 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 7224
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:bc:03:e6:29:fd:ad:be:5a:3b:6f:5f:dc:26:ba:94:49:10:e2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:10 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=c04a00815dcd7701a803ca7096578538cd3af2323565edec1f2c356205330ea9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:aa:8a:90:56:f7:61:ab:0d:82:85:d3:02:62:
cc:4c:1f:c7:fe:55:55:84:11:f9:aa:e0:08:27:95:
fb:16:2c:43:e7:96:f6:79:bd:66:78:8f:f6:c5:dc:
eb:d2:c5:37:06:93:58:3d:e6:ba:65:ec:3a:23:2c:
d4:b2:7f:39:10:79:4d:b9:8b:f7:eb:00:44:94:f0:
09:6f:1b:19:f6:03:52:61:56:51:76:4d:8b:fd:4d:
eb:92:53:af:52:51:b0:19:c8:e8:8b:5f:32:b3:18:
e7:42:ed:66:c1:41:1b:e2:d1:9b:a4:f1:6b:b1:7e:
f1:8d:1f:43:5b:ab:7e:52:06:bd:2f:a2:16:05:b2:
20:3d:97:33:49:54:24:b5:8d:6a:ea:c2:81:1b:a1:
3c:53:c3:5c:58:be:0e:f4:26:23:46:52:01:67:c3:
80:ba:f6:57:cc:32:c2:5a:8e:aa:ca:84:84:55:d1:
f3:0c:cb:f4:c9:a0:fe:ef:95:4b:16:f5:be:2d:82:
8d:32:5d:98:34:18:83:65:3e:6f:2a:13:b6:7e:8e:
fb:1b:cd:e2:21:98:52:01:0f:4c:6b:2b:c3:d2:1b:
31:b3:da:5f:24:74:01:c4:a4:22:1c:9f:b7:21:71:
e2:3a:2e:f7:08:0c:47:40:89:40:9a:3f:57:32:3f:
3a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:87:B2:86:29:68:EF:0B:A1:24:7A:E0:19:E0:80:36:B9:65:3F:66
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/338cbdf4-937d-41ee-8ec5-ca45e166a036.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:b8:e0:b2:f8:51:0d:28:85:b0:05:5b:99:c9:c4:a2:50:a6:
89:14:4f:17:c6:7f:fe:20:60:4e:27:b9:ab:83:29:33:72:fc:
d5:53:24:5e:cd:cc:b0:3b:cf:b4:e4:e6:44:eb:f3:84:6b:1e:
95:44:64:af:69:62:eb:b1:81:40:0d:52:94:c6:36:f6:4e:af:
2a:1c:03:2b:ff:39:a2:60:91:98:d9:74:7e:6d:2f:c2:ee:ab:
c7:46:e3:fb:2c:dc:19:5c:f4:59:ef:4a:2d:9f:6d:98:b7:c0:
40:26:f6:98:6e:c3:9e:6f:83:88:a1:bd:38:20:7c:bf:ad:e2:
f0:60:1b:44:e3:8a:2e:c8:89:ec:be:35:45:a5:61:f1:02:10:
0f:db:20:7e:36:c0:20:ec:f6:44:c1:0c:70:9a:32:d5:33:ac:
a1:1e:e6:fe:de:bd:e6:7a:6b:82:13:33:cb:a1:ed:4e:78:32:
4f:9a:d5:f0:f1:d4:a7:3a:96:28:21:38:a3:6a:92:9b:17:b1:
37:7d:1c:cb:fd:bf:de:e3:c4:89:c0:0a:34:c8:b0:87:97:77:
5f:56:2a:cf:ff:56:c4:4d:55:33:63:0c:72:f4:39:fd:8a:4a:
5d:a7:b7:0d:17:9b:b0:d8:63:d4:b3:ed:32:92:78:de:24:75:
bd:11:d6:47
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURbwD5in9rb5aO29f3Ca6lEkQ4lkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTBaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGMwNGEwMDgxNWRjZDc3MDFhODAzY2E3MDk2NTc4NTM4Y2QzYWYyMzIzNTY1
ZWRlYzFmMmMzNTYyMDUzMzBlYTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+qipBW92GrDYKF0wJizEwfx/5VVYQR+argCCeV+xYsQ+eW9nm9ZniP9sXc
69LFNwaTWD3mumXsOiMs1LJ/ORB5TbmL9+sARJTwCW8bGfYDUmFWUXZNi/1N65JT
r1JRsBnI6ItfMrMY50LtZsFBG+LRm6Txa7F+8Y0fQ1urflIGvS+iFgWyID2XM0lU
JLWNaurCgRuhPFPDXFi+DvQmI0ZSAWfDgLr2V8wywlqOqsqEhFXR8wzL9Mmg/u+V
Sxb1vi2CjTJdmDQYg2U+byoTtn6O+xvN4iGYUgEPTGsrw9IbMbPaXyR0AcSkIhyf
tyFx4jou9wgMR0CJQJo/VzI/OtMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRYh7KG
KWjvC6EkeuAZ4IA2uWU/ZjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MzM4Y2JkZjQtOTM3ZC00MWVlLThlYzUtY2E0NWUxNjZhMDM2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAmrjgsvhRDSiFsAVbmcnEolCmiRRPF8Z//iBgTie5
q4MpM3L81VMkXs3MsDvPtOTmROvzhGselURkr2li67GBQA1SlMY29k6vKhwDK/85
omCRmNl0fm0vwu6rx0bj+yzcGVz0We9KLZ9tmLfAQCb2mG7Dnm+DiKG9OCB8v63i
8GAbROOKLsiJ7L41RaVh8QIQD9sgfjbAIOz2RMEMcJoy1TOsoR7m/t695nprghMz
y6HtTngyT5rV8PHUpzqWKCE4o2qSmxexN30cy/2/3uPEicAKNMiwh5d3X1Yqz/9W
xE1VM2MMcvQ5/YpKXae3DRebsNhj1LPtMpJ43iR1vRHWRw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:49:01 2026 by rpki-client