Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: RU/d69+DGPKhwTwh5Fu2qCJqMX6VZmCx/9Ykiwz/2Ak=
Subject key identifier: 9C:39:CF:89:3B:AA:D7:4B:45:72:4B:6C:AB:A8:91:45:4B:62:75:6C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6E0B602748CF218E6FA04844D41E2ADC921E581E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Fri 13 Feb 2026 15:30:10 +0000
ROA not before: Fri 13 Feb 2026 15:30:10 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:0b:60:27:48:cf:21:8e:6f:a0:48:44:d4:1e:2a:dc:92:1e:58:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:10 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=6ffe29128759b6c7bbd2bd8f96a789680524850179f70b3e2266cbb8f45fc497, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ad:b7:b0:9d:02:2a:53:1e:41:52:19:eb:08:
33:3d:b6:00:fe:66:34:46:b9:24:e2:f0:ff:c5:88:
72:cd:bf:31:eb:d8:70:ac:0c:76:55:7f:29:cd:84:
73:8b:4f:95:a5:7d:b1:ed:a1:4f:2a:dd:ba:f1:f0:
2a:1e:20:4a:c3:6f:f1:75:3e:3a:72:c8:d1:61:a3:
58:88:f7:4e:d1:f3:a1:e7:16:d1:a9:69:54:b7:95:
20:d3:dd:c1:90:b2:7e:03:ce:b3:a1:6d:33:59:32:
89:9d:c5:ea:65:84:33:93:92:a9:6a:bb:c7:8c:04:
f5:f1:1d:42:db:9e:61:1e:cd:94:45:28:4e:1a:4e:
30:c7:9c:b8:f5:88:3a:92:d4:a9:0e:ec:80:14:4e:
83:61:86:ff:33:24:f5:8d:44:40:75:91:3f:f4:41:
b5:54:2e:34:e9:51:26:e3:1b:98:c2:d1:52:50:4c:
c7:20:c8:d0:86:80:54:d4:7a:8e:71:89:bd:09:cb:
86:87:d4:ae:84:72:42:ea:3d:ef:22:ac:75:6f:07:
4e:a3:6d:79:ac:52:1a:f8:0a:03:7b:40:cd:7a:1d:
0d:8b:c0:9f:b7:18:1b:93:0f:af:a6:1c:57:9f:cb:
7c:6e:bf:89:d3:0e:6a:c3:ec:1b:c0:b2:98:77:9e:
e6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:39:CF:89:3B:AA:D7:4B:45:72:4B:6C:AB:A8:91:45:4B:62:75:6C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1d:d0:27:8d:dd:39:55:10:6b:5c:15:8f:4b:cc:10:6e:b5:58:
01:21:f1:1a:1d:5e:78:35:ac:39:0e:29:ef:e8:10:96:17:2b:
3f:bc:e1:3e:2c:d1:73:58:1e:8b:a6:f8:ba:8a:1d:37:ed:01:
ef:a4:c5:f4:71:74:c9:b6:05:af:ee:cc:8c:bb:03:8d:04:69:
bc:ab:e2:5a:b1:23:76:e3:3d:2f:f9:80:f8:ca:2b:81:98:18:
42:a2:bd:53:dc:14:47:64:68:6e:18:29:99:24:d2:c9:61:14:
c2:90:67:33:33:38:a3:96:c7:64:82:d2:22:da:c1:00:3a:07:
6a:3a:8d:82:7b:31:a4:99:83:ab:de:80:19:e4:a3:28:50:bd:
a8:dc:c9:38:69:d7:57:91:d6:bb:a9:8c:9f:c1:8a:70:ce:cd:
83:c4:99:9c:b4:e4:76:e4:42:7d:d0:d4:5c:d3:94:b2:04:05:
b3:a8:81:e5:e7:45:f8:3e:b8:4f:ca:b9:db:bb:22:1f:84:88:
b9:85:f7:13:3f:20:e0:9d:1d:5a:87:38:70:18:36:71:b8:fb:
32:38:26:16:3c:f7:75:30:ae:b9:e6:57:43:b7:29:dd:17:e9:
57:3c:88:9c:22:85:1e:c1:f5:4d:95:81:24:58:ff:ea:a1:92:
3e:01:3b:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbgtgJ0jPIY5voEhE1B4q3JIeWB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTBaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDZmZmUyOTEyODc1OWI2YzdiYmQyYmQ4Zjk2YTc4OTY4MDUyNDg1MDE3OWY3
MGIzZTIyNjZjYmI4ZjQ1ZmM0OTcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJGtt7CdAipTHkFSGesIMz22AP5mNEa5JOLw/8WIcs2/MevYcKwMdlV/Kc2E
c4tPlaV9se2hTyrduvHwKh4gSsNv8XU+OnLI0WGjWIj3TtHzoecW0alpVLeVINPd
wZCyfgPOs6FtM1kyiZ3F6mWEM5OSqWq7x4wE9fEdQtueYR7NlEUoThpOMMecuPWI
OpLUqQ7sgBROg2GG/zMk9Y1EQHWRP/RBtVQuNOlRJuMbmMLRUlBMxyDI0IaAVNR6
jnGJvQnLhofUroRyQuo97yKsdW8HTqNteaxSGvgKA3tAzXodDYvAn7cYG5MPr6Yc
V5/LfG6/idMOasPsG8CymHee5tcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBScOc+J
O6rXS0VyS2yrqJFFS2J1bDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQAd0CeN3TlVEGtcFY9LzBButVgBIfEaHV54Naw5Dinv
6BCWFys/vOE+LNFzWB6Lpvi6ih037QHvpMX0cXTJtgWv7syMuwONBGm8q+JasSN2
4z0v+YD4yiuBmBhCor1T3BRHZGhuGCmZJNLJYRTCkGczMzijlsdkgtIi2sEAOgdq
Oo2CezGkmYOr3oAZ5KMoUL2o3Mk4addXkda7qYyfwYpwzs2DxJmctOR25EJ90NRc
05SyBAWzqIHl50X4PrhPyrnbuyIfhIi5hfcTPyDgnR1ahzhwGDZxuPsyOCYWPPd1
MK655ldDtyndF+lXPIicIoUewfVNlYEkWP/qoZI+ATt4
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:57 2026 by rpki-client