Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
File: 5112f144-85b1-4c62-8729-84d86ff353a1.roa (raw, json)
Hash identifier: WRrJleNTWRPC9g++8Np2NSBxiD4bDXTLj3r+CcvRzPg=
Subject key identifier: D3:7C:48:72:EF:07:EE:BB:2B:DF:4E:0F:13:D9:3C:A3:6E:DF:3C:E7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 780D9A4C3096000734E0BAF41CB412E173D33815
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
Signing time: Fri 13 Feb 2026 15:30:43 +0000
ROA not before: Fri 13 Feb 2026 15:30:43 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 84.48.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:0d:9a:4c:30:96:00:07:34:e0:ba:f4:1c:b4:12:e1:73:d3:38:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:43 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=2c6e8c9dbcff36eed0f57ee1a4ed4bd0f0eebdcfd9ecfe222f400bce65bffbcb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:2a:09:db:92:2d:49:8b:de:81:ff:8e:d1:62:
be:fc:3a:d6:52:2e:22:c7:4f:14:ad:38:49:5d:71:
22:0e:e5:53:f3:b7:ce:61:ef:a3:52:b9:a1:d6:9d:
e8:de:c4:7c:47:ec:72:bb:74:e3:5c:5b:8d:eb:46:
38:8f:b9:51:13:87:80:ca:3d:85:49:03:a6:3c:e9:
31:1f:19:ba:2f:1f:d0:0d:26:80:9d:57:4a:57:71:
3a:e8:73:3b:6d:98:56:86:f2:a7:56:24:8e:b8:01:
3a:19:f4:44:0c:62:94:67:d9:1c:6a:ff:9f:91:62:
f6:82:38:b8:0b:22:29:10:7e:08:c9:6a:9b:98:53:
5a:07:29:d4:72:75:82:7a:27:16:ad:f9:ff:65:f7:
1b:99:ae:9e:56:d5:92:76:97:4c:7e:9d:93:f8:cb:
0c:87:f0:5b:68:45:cd:7f:1a:01:63:0c:f6:42:16:
0d:a3:fb:96:f5:fa:a8:ce:4c:11:d8:c9:c4:6a:03:
ce:f8:b0:67:c3:c4:25:94:2a:bf:41:a1:85:02:a1:
a1:e9:f1:ea:d3:bf:28:ea:f9:a6:ea:88:dd:df:d9:
79:94:43:b1:d1:94:99:b9:ae:df:d9:e0:10:3c:f5:
24:9c:7d:c0:8c:ae:e6:0f:bf:c4:a9:ee:9d:fa:a8:
ba:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7C:48:72:EF:07:EE:BB:2B:DF:4E:0F:13:D9:3C:A3:6E:DF:3C:E7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5112f144-85b1-4c62-8729-84d86ff353a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.48.128.0/17
Signature Algorithm: sha256WithRSAEncryption
6d:81:4e:06:f8:b9:0b:29:6c:70:be:88:35:bc:66:91:31:90:
4c:55:39:98:6f:f4:91:51:41:39:8c:a8:60:87:b5:57:e6:40:
b7:5d:d6:f9:15:99:b9:0d:ac:bd:a1:d4:93:0a:fd:7c:67:1a:
64:6f:ac:c7:53:0a:80:9b:91:83:b0:dd:70:c9:44:62:46:12:
ae:60:b3:a7:c2:c7:d8:f6:be:55:a0:07:4e:56:0f:f8:91:0c:
9a:5e:db:c4:b1:b5:f5:85:38:d8:51:91:03:79:de:12:20:c9:
e8:0e:5e:f2:a2:a3:20:c2:12:08:08:d4:71:41:9c:23:0f:c9:
42:20:ad:a2:ad:f0:b8:97:2e:37:a7:0c:b5:d4:d2:e9:a7:20:
cc:01:cf:bc:e8:52:c5:d3:d7:70:0a:73:35:82:11:7a:f8:d5:
06:09:11:86:5d:5f:83:20:76:ec:9b:fd:48:bf:45:3a:d9:b1:
30:95:71:70:c9:2c:65:88:8b:60:1d:cb:13:5d:98:79:c6:87:
6c:eb:02:b0:f8:12:12:7c:96:79:cd:4d:9c:6b:15:f1:7d:dc:
32:e8:ed:7c:46:0c:d4:40:3c:06:b8:d1:f6:5a:ea:38:7d:8b:
9d:0e:2a:07:52:63:94:36:8c:87:a4:22:2d:eb:11:fe:65:ed:
14:92:73:c2
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUeA2aTDCWAAc04Lr0HLQS4XPTOBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwNDNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjNmU4YzlkYmNmZjM2ZWVkMGY1N2VlMWE0ZWQ0YmQwZjBlZWJkY2ZkOWVj
ZmUyMjJmNDAwYmNlNjViZmZiY2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM4qCduSLUmL3oH/jtFivvw61lIuIsdPFK04SV1xIg7lU/O3zmHvo1K5odad
6N7EfEfscrt041xbjetGOI+5UROHgMo9hUkDpjzpMR8Zui8f0A0mgJ1XSldxOuhz
O22YVobyp1YkjrgBOhn0RAxilGfZHGr/n5Fi9oI4uAsiKRB+CMlqm5hTWgcp1HJ1
gnonFq35/2X3G5munlbVknaXTH6dk/jLDIfwW2hFzX8aAWMM9kIWDaP7lvX6qM5M
EdjJxGoDzviwZ8PEJZQqv0GhhQKhoenx6tO/KOr5puqI3d/ZeZRDsdGUmbmu39ng
EDz1JJx9wIyu5g+/xKnunfqoukECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTTfEhy
7wfuuyvfTg8T2Tyjbt885zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTExMmYxNDQtODViMS00YzYyLTg3MjktODRkODZmZjM1M2ExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB1QwgDAN
BgkqhkiG9w0BAQsFAAOCAQEAbYFOBvi5CylscL6INbxmkTGQTFU5mG/0kVFBOYyo
YIe1V+ZAt13W+RWZuQ2svaHUkwr9fGcaZG+sx1MKgJuRg7DdcMlEYkYSrmCzp8LH
2Pa+VaAHTlYP+JEMml7bxLG19YU42FGRA3neEiDJ6A5e8qKjIMISCAjUcUGcIw/J
QiCtoq3wuJcuN6cMtdTS6acgzAHPvOhSxdPXcApzNYIRevjVBgkRhl1fgyB27Jv9
SL9FOtmxMJVxcMksZYiLYB3LE12YecaHbOsCsPgSEnyWec1NnGsV8X3cMujtfEYM
1EA8BrjR9lrqOH2LnQ4qB1JjlDaMh6QiLesR/mXtFJJzwg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:28:53 2026 by rpki-client