Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
File: 5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa (raw, json)
Hash identifier: X+pmEJ7nWe66HRyh1ZGJi2Sw3FeNJ64SNydqmlRr63g=
Subject key identifier: 6A:D9:0E:E8:81:51:1B:34:65:96:93:F8:AA:46:57:13:D1:CB:1D:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E220D8482F405348917C1F977FF674B694EC552
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
Signing time: Fri 13 Feb 2026 15:30:41 +0000
ROA not before: Fri 13 Feb 2026 15:30:41 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.129.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:22:0d:84:82:f4:05:34:89:17:c1:f9:77:ff:67:4b:69:4e:c5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:41 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=b6b7687019ddf5895996ed582a44f09d3709b4147ba228df47fbab91cd5367a6, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d8:76:63:42:3a:3b:4f:b3:bb:7f:9a:82:ae:
a3:73:3b:58:51:a1:56:a2:90:52:fe:54:70:2a:c8:
4c:a1:c3:ec:c4:b7:c4:d5:e2:52:52:79:0c:66:99:
af:c6:0c:9f:5d:d0:37:3e:41:9e:b8:70:a0:50:18:
be:a6:ec:ec:b4:b4:d4:36:28:38:1a:79:d6:26:c9:
84:1f:e2:d4:f6:d4:83:05:3c:25:0a:61:21:1d:e5:
e3:f1:4a:6a:03:76:45:73:4a:e8:7f:52:c3:e9:6f:
8e:5b:13:14:b5:0a:5b:16:2f:19:c1:e7:8b:4a:2b:
93:2d:76:c5:74:38:03:0e:3e:fb:31:9e:65:3f:d1:
f0:96:ed:d5:da:40:7d:4d:9a:68:23:44:f2:0c:1a:
ce:23:c3:10:c4:d6:18:40:72:15:28:c7:d6:85:ad:
81:1c:1a:fa:b4:b7:9f:63:89:94:a3:04:42:fa:66:
6d:7a:36:a2:d2:4a:28:91:9c:35:dc:f2:c0:e5:0d:
08:1d:1e:c9:41:6d:d3:0c:10:db:0e:95:cd:c5:1a:
68:76:65:58:33:4d:c0:e2:e4:26:29:ab:81:8f:15:
d4:33:d6:94:f0:6d:dd:a9:ef:97:dd:cc:13:9e:5c:
57:f8:20:a0:6d:35:44:a7:84:d2:3f:d3:4d:3f:30:
f0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:D9:0E:E8:81:51:1B:34:65:96:93:F8:AA:46:57:13:D1:CB:1D:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5f332a53-b8fa-4d61-9e5a-9ca4e586588d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:d4:c9:e3:51:ea:ef:f8:5f:51:ef:78:de:72:5d:7d:b7:41:
75:60:d7:cf:a4:a5:74:e0:d3:ae:e7:a7:fe:f3:22:3b:fe:65:
21:be:eb:a0:96:fa:1c:37:4d:88:74:ed:ca:3d:cf:01:36:3b:
c9:3c:90:60:e8:3b:f7:7e:98:b4:21:b7:a4:84:50:b3:c0:cb:
e4:56:aa:b0:0b:1b:68:f3:26:50:2e:2e:35:9c:33:68:26:fa:
f4:29:16:18:5f:02:a6:be:c7:ab:56:d5:5e:aa:cb:c0:4f:1a:
63:81:8b:07:62:8f:67:4f:29:63:6d:91:9e:4d:9b:12:04:6e:
dd:ed:a4:64:e9:dd:e4:fd:49:4f:d0:c4:a4:fe:3d:d8:27:10:
b2:e7:59:d7:21:b8:86:11:bc:9e:95:18:77:90:db:13:b3:e7:
de:4d:7f:e4:f6:37:86:83:89:1e:32:47:73:87:53:aa:eb:1a:
06:ff:f5:56:22:e4:3d:6d:2f:c9:6c:83:80:e6:a6:31:d1:46:
9b:5b:12:b0:a6:2a:8b:c4:66:97:21:75:27:c8:12:2f:69:c1:
23:b7:ac:c1:14:c2:4c:e8:f1:1a:0a:c0:e0:19:53:96:a8:62:
4b:e5:4b:97:ec:19:5c:20:bf:e4:0a:22:0b:eb:00:cc:0a:a1:
53:1b:29:1a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfiINhIL0BTSJF8H5d/9nS2lOxVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwNDFaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2Yjc2ODcwMTlkZGY1ODk1OTk2ZWQ1ODJhNDRmMDlkMzcwOWI0MTQ3YmEy
MjhkZjQ3ZmJhYjkxY2Q1MzY3YTYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjYdmNCOjtPs7t/moKuo3M7WFGhVqKQUv5UcCrITKHD7MS3xNXiUlJ5DGaZ
r8YMn13QNz5BnrhwoFAYvqbs7LS01DYoOBp51ibJhB/i1PbUgwU8JQphIR3l4/FK
agN2RXNK6H9Sw+lvjlsTFLUKWxYvGcHni0orky12xXQ4Aw4++zGeZT/R8Jbt1dpA
fU2aaCNE8gwaziPDEMTWGEByFSjH1oWtgRwa+rS3n2OJlKMEQvpmbXo2otJKKJGc
NdzywOUNCB0eyUFt0wwQ2w6VzcUaaHZlWDNNwOLkJimrgY8V1DPWlPBt3anvl93M
E55cV/ggoG01RKeE0j/TTT8w8GUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRq2Q7o
gVEbNGWWk/iqRlcT0csdJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWYzMzJhNTMtYjhmYS00ZDYxLTllNWEtOWNhNGU1ODY1ODhkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAFOBMA0G
CSqGSIb3DQEBCwUAA4IBAQAT1MnjUerv+F9R73jecl19t0F1YNfPpKV04NOu56f+
8yI7/mUhvuuglvocN02IdO3KPc8BNjvJPJBg6Dv3fpi0IbekhFCzwMvkVqqwCxto
8yZQLi41nDNoJvr0KRYYXwKmvserVtVeqsvATxpjgYsHYo9nTyljbZGeTZsSBG7d
7aRk6d3k/UlP0MSk/j3YJxCy51nXIbiGEbyelRh3kNsTs+feTX/k9jeGg4keMkdz
h1Oq6xoG//VWIuQ9bS/JbIOA5qYx0UabWxKwpiqLxGaXIXUnyBIvacEjt6zBFMJM
6PEaCsDgGVOWqGJL5UuX7BlcIL/kCiIL6wDMCqFTGyka
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:06 2026 by rpki-client