Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
File: 3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa (raw, json)
Hash identifier: 4oHKKCiOoUH6anfDGbLeEgFuUSc4lcCyaWl8VoNpwl0=
Subject key identifier: B6:4F:98:5A:CF:7A:02:4F:F2:31:4C:72:02:6D:0B:F1:5E:FD:44:29
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0AF8D887605100B5D55B9BC4D65394E330CE35C5
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
Signing time: Fri 13 Feb 2026 15:30:11 +0000
ROA not before: Fri 13 Feb 2026 15:30:11 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.104.0.0/13 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:f8:d8:87:60:51:00:b5:d5:5b:9b:c4:d6:53:94:e3:30:ce:35:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:11 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=7fb404230ca21d616880bd6c7936de6a4df469996f2fb0716223a4cd11b90d69, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:80:fc:50:ac:a0:a0:ca:52:da:de:3a:1f:d6:
25:cd:ea:85:7b:b0:2f:a5:c9:fa:9c:95:a9:fa:17:
65:95:f9:c7:52:e7:72:b2:4d:98:84:ff:01:e8:f0:
cf:07:68:1c:80:25:01:16:b8:59:51:fb:cb:8e:c2:
b7:da:65:73:2f:cb:c7:62:4e:ab:9d:c6:5c:a3:b2:
fb:60:db:1e:c7:bd:d1:02:25:31:97:7b:95:d5:b6:
9b:2a:cc:b7:bd:7a:1f:92:ef:fb:c5:ed:49:6f:c6:
7c:b2:f3:a2:eb:f8:ae:20:51:ab:db:0d:00:0e:d0:
97:ba:57:e6:c3:b0:58:bc:ec:99:4c:53:e9:0c:cf:
00:a5:98:2e:99:d0:22:40:a6:7c:13:94:f9:19:d3:
38:1c:67:17:92:e6:29:10:92:de:5e:ee:e9:d8:0c:
48:92:f2:08:45:c9:e7:25:df:2b:0e:64:09:fc:a8:
60:08:35:73:97:2d:55:1c:6b:45:d4:9a:53:47:06:
9c:8b:f6:aa:5b:bb:98:d1:2d:51:fc:10:5b:9f:5a:
35:5d:61:16:19:ac:5e:57:37:ce:51:75:87:24:8d:
60:8a:34:c8:8d:c9:2c:2a:eb:56:93:e6:d7:6a:48:
0b:74:9a:d2:e9:1d:ab:4e:26:23:df:54:62:57:1f:
af:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4F:98:5A:CF:7A:02:4F:F2:31:4C:72:02:6D:0B:F1:5E:FD:44:29
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/3bba584e-2e0b-4492-94b0-e70177c8f2cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.104.0.0/13
Signature Algorithm: sha256WithRSAEncryption
8e:a6:cb:0d:b4:57:97:08:ad:b6:a8:1a:9f:cb:22:06:59:73:
b3:44:4e:b7:01:c3:bc:7b:06:6b:e3:40:3f:01:3c:ba:c8:ef:
1d:3e:b9:44:2d:a5:d1:c7:8b:84:43:1f:32:fc:a7:83:86:6b:
d8:44:ce:07:f1:e4:f6:01:75:a6:7b:fc:40:eb:75:cd:59:13:
82:2d:8e:46:52:32:6f:0c:fb:e5:5e:cf:13:5e:52:94:e4:10:
2f:90:44:de:22:d1:0d:98:8e:ba:ff:54:55:5b:a9:a1:a1:fd:
28:20:21:f5:4b:77:6d:1f:ed:15:13:b3:c8:33:11:f3:d6:f1:
93:ba:41:12:69:eb:81:79:23:81:80:31:33:30:66:5c:a0:e4:
d9:66:1a:7f:35:19:f2:41:b5:99:cb:6e:ba:d7:b1:b0:19:af:
50:57:68:c5:8d:53:41:0e:1c:94:a2:41:cc:55:98:e0:5c:62:
de:fb:c7:d3:f4:38:d0:7f:ce:d0:f0:b1:95:a7:c8:0d:a6:2c:
57:99:7a:b5:07:8e:a0:ba:e3:04:a8:53:93:03:03:7f:91:de:
fc:57:6e:9d:dc:2a:29:2d:b0:56:9d:a9:65:65:e1:49:2b:5f:
ca:8e:2c:2c:6c:1c:d9:20:84:f4:e4:df:39:fa:4c:7d:14:22:
a3:68:94:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCvjYh2BRALXVW5vE1lOU4zDONcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmYjQwNDIzMGNhMjFkNjE2ODgwYmQ2Yzc5MzZkZTZhNGRmNDY5OTk2ZjJm
YjA3MTYyMjNhNGNkMTFiOTBkNjkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGA/FCsoKDKUtreOh/WJc3qhXuwL6XJ+pyVqfoXZZX5x1LncrJNmIT/Aejw
zwdoHIAlARa4WVH7y47Ct9plcy/Lx2JOq53GXKOy+2DbHse90QIlMZd7ldW2myrM
t716H5Lv+8XtSW/GfLLzouv4riBRq9sNAA7Ql7pX5sOwWLzsmUxT6QzPAKWYLpnQ
IkCmfBOU+RnTOBxnF5LmKRCS3l7u6dgMSJLyCEXJ5yXfKw5kCfyoYAg1c5ctVRxr
RdSaU0cGnIv2qlu7mNEtUfwQW59aNV1hFhmsXlc3zlF1hySNYIo0yI3JLCrrVpPm
12pIC3Sa0ukdq04mI99UYlcfr5MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2T5ha
z3oCT/IxTHICbQvxXv1EKTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
M2JiYTU4NGUtMmUwYi00NDkyLTk0YjAtZTcwMTc3YzhmMmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAzloMA0G
CSqGSIb3DQEBCwUAA4IBAQCOpssNtFeXCK22qBqfyyIGWXOzRE63AcO8ewZr40A/
ATy6yO8dPrlELaXRx4uEQx8y/KeDhmvYRM4H8eT2AXWme/xA63XNWROCLY5GUjJv
DPvlXs8TXlKU5BAvkETeItENmI66/1RVW6mhof0oICH1S3dtH+0VE7PIMxHz1vGT
ukESaeuBeSOBgDEzMGZcoOTZZhp/NRnyQbWZy26617GwGa9QV2jFjVNBDhyUokHM
VZjgXGLe+8fT9DjQf87Q8LGVp8gNpixXmXq1B46guuMEqFOTAwN/kd78V26d3Cop
LbBWnallZeFJK1/KjiwsbBzZIIT05N85+kx9FCKjaJS6
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:20:32 2026 by rpki-client