Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
File: 44c4496c-63e1-49fc-828b-d77f94e0a789.roa (raw, json)
Hash identifier: f4/o2A8bcy83yc230VIiq0tPfpIIIdCVBGQvEh1nerQ=
Subject key identifier: 07:75:95:3A:1F:43:16:60:59:76:C8:59:6E:5F:05:83:DF:CA:0E:EC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3263616A3AE7DAA4311155A4097B26AD91F2E76F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
Signing time: Sun 01 Mar 2026 01:00:08 +0000
ROA not before: Sun 01 Mar 2026 01:00:08 +0000
ROA not after: Sat 30 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 213.72.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:63:61:6a:3a:e7:da:a4:31:11:55:a4:09:7b:26:ad:91:f2:e7:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 1 01:00:08 2026 GMT
Not After : May 30 23:59:59 2026 GMT
Subject: serialNumber=6567746d5d0e7796afc627a93cb088cf8120cd44a3885ff5551f0918098f5390, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5b:73:28:27:e8:a2:77:e1:99:e0:63:47:1a:
18:0d:8a:12:50:7d:7b:c6:a8:8f:49:b7:9f:33:5f:
79:2a:1f:3f:bf:c9:c9:0d:3c:97:6d:d0:3e:29:5a:
37:52:32:6f:4f:2c:3b:f5:e5:3c:a3:2f:90:34:5f:
49:88:4a:07:71:c1:90:94:fc:6c:9f:86:ea:5c:33:
a7:57:50:2f:a8:20:cc:ed:a6:e8:ab:49:22:9e:be:
ac:d5:0e:50:33:11:e7:c9:63:c8:09:7f:9b:00:9d:
11:47:e1:b8:ad:34:10:13:5c:18:0c:b3:a3:a0:49:
54:11:ce:32:5a:99:53:b6:c0:90:15:a8:89:b2:9b:
5f:8c:63:09:a7:a8:c9:05:4c:9c:c1:60:5c:04:eb:
1c:19:65:fa:ce:eb:43:20:d5:c1:2d:72:24:da:03:
8c:af:ca:49:2b:c8:3d:6c:b3:3f:0c:5f:61:57:38:
26:5f:21:bc:51:99:85:b1:2c:42:0e:9c:49:1a:d1:
48:1a:3d:66:e7:ab:c7:91:74:98:a6:4e:b2:bf:8d:
00:c2:52:74:c0:9f:24:82:3d:e8:f8:8f:60:24:55:
6c:23:ba:58:85:d7:e9:3f:5b:97:84:0a:69:b6:3d:
02:bb:ce:a3:21:41:4e:f7:bc:6e:9b:88:f9:78:a4:
be:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:75:95:3A:1F:43:16:60:59:76:C8:59:6E:5F:05:83:DF:CA:0E:EC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/44c4496c-63e1-49fc-828b-d77f94e0a789.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.72.128.0/17
Signature Algorithm: sha256WithRSAEncryption
8e:e1:fb:7b:74:bf:73:c9:48:c1:a2:17:0c:5f:fb:7a:78:8c:
f2:7d:2b:67:4d:da:99:ea:fa:4d:7d:05:5b:c0:b0:59:29:fe:
1d:1e:aa:b0:3d:a9:81:5c:3a:0a:1c:c6:f2:86:83:a6:95:55:
58:85:51:ec:21:a8:6e:f2:4c:18:38:4f:00:eb:5c:8f:7c:11:
86:ec:3a:c5:b1:99:3d:0c:c7:8a:33:54:71:ca:a0:0e:c6:52:
ec:70:ef:e1:fa:28:c5:e8:ad:99:37:2a:85:db:27:45:01:2b:
72:3c:cc:9b:9f:3b:44:d3:2b:c9:0a:3a:45:13:76:65:4e:3e:
03:7c:64:70:31:0c:2e:b0:57:8a:a9:2e:f6:3d:bd:7f:72:f5:
8b:f0:1e:1b:12:f2:9d:eb:3b:55:ca:24:21:c9:29:96:fe:3b:
0a:f0:22:b4:c1:20:c8:f1:1a:83:1f:d8:ca:60:de:93:89:65:
79:8d:dc:0a:c1:7c:65:97:e6:da:5a:67:c1:68:53:e4:04:7d:
0d:e5:04:72:6a:8a:01:2f:e9:48:f7:4f:1c:78:49:b4:b9:8b:
05:35:bb:35:3d:67:e5:2a:9e:ec:d9:7b:68:c2:71:57:26:f9:
bf:ca:22:ec:35:af:d5:db:42:b5:53:7d:0e:9f:51:19:92:5c:
f9:3e:01:c4
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMmNhajrn2qQxEVWkCXsmrZHy528wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAzMDEwMTAwMDhaFw0yNjA1MzAyMzU5NTlaMHoxSTBHBgNV
BAUTQDY1Njc3NDZkNWQwZTc3OTZhZmM2MjdhOTNjYjA4OGNmODEyMGNkNDRhMzg4
NWZmNTU1MWYwOTE4MDk4ZjUzOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL9bcygn6KJ34ZngY0caGA2KElB9e8aoj0m3nzNfeSofP7/JyQ08l23QPila
N1Iyb08sO/XlPKMvkDRfSYhKB3HBkJT8bJ+G6lwzp1dQL6ggzO2m6KtJIp6+rNUO
UDMR58ljyAl/mwCdEUfhuK00EBNcGAyzo6BJVBHOMlqZU7bAkBWoibKbX4xjCaeo
yQVMnMFgXATrHBll+s7rQyDVwS1yJNoDjK/KSSvIPWyzPwxfYVc4Jl8hvFGZhbEs
Qg6cSRrRSBo9Zuerx5F0mKZOsr+NAMJSdMCfJII96PiPYCRVbCO6WIXX6T9bl4QK
abY9ArvOoyFBTve8bpuI+XikvoMCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQHdZU6
H0MWYFl2yFluXwWD38oO7DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDRjNDQ5NmMtNjNlMS00OWZjLTgyOGItZDc3Zjk0ZTBhNzg5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9VIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAjuH7e3S/c8lIwaIXDF/7eniM8n0rZ03amer6TX0F
W8CwWSn+HR6qsD2pgVw6ChzG8oaDppVVWIVR7CGobvJMGDhPAOtcj3wRhuw6xbGZ
PQzHijNUccqgDsZS7HDv4fooxeitmTcqhdsnRQErcjzMm587RNMryQo6RRN2ZU4+
A3xkcDEMLrBXiqku9j29f3L1i/AeGxLynes7VcokIckplv47CvAitMEgyPEagx/Y
ymDek4lleY3cCsF8ZZfm2lpnwWhT5AR9DeUEcmqKAS/pSPdPHHhJtLmLBTW7NT1n
5Sqe7Nl7aMJxVyb5v8oi7DWv1dtCtVN9Dp9RGZJc+T4BxA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:45:31 2026 by rpki-client