Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
File: 7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa (raw, json)
Hash identifier: sfpYZiukZeQABAlVinU6z9IIijA6wea2OCqjx7xFZKA=
Subject key identifier: C8:D3:F4:F8:EC:63:22:F7:9A:6B:05:74:E0:B1:0A:CE:31:83:5F:42
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1C213AF23116080EE32D91075B3503939545400D
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
Signing time: Sat 28 Feb 2026 06:40:46 +0000
ROA not before: Sat 28 Feb 2026 06:40:46 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.65.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:21:3a:f2:31:16:08:0e:e3:2d:91:07:5b:35:03:93:95:45:40:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:46 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f9468b976737c01c9e21eb92a3b07b8ce836138bc0426ae9b3bf1a29e4ba1e31, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c7:35:71:34:51:38:6b:3c:c3:18:c6:66:0a:
41:09:97:0e:7b:47:a9:79:65:20:63:38:f9:d9:3e:
b9:f9:b5:c3:23:a1:21:fe:c3:78:5e:57:17:7c:17:
90:aa:6c:05:72:fe:66:30:78:94:b1:4b:ca:8e:49:
44:c1:81:e2:3b:72:9e:50:0c:0b:f2:c9:1c:07:32:
61:13:db:44:39:fc:64:c3:b5:e5:71:03:02:c1:0d:
c0:f4:8e:58:10:79:48:42:ee:f6:39:61:21:2d:5e:
7a:9f:a1:18:6d:95:c5:c9:77:3e:94:d6:51:a8:5b:
c8:ef:5a:e3:b7:0b:a5:f6:55:0e:25:e8:e1:61:25:
b9:3f:66:71:4e:82:c7:69:af:48:e0:15:c1:78:db:
e4:f3:5d:d7:9a:60:d5:20:b0:40:b8:18:5b:c7:23:
9d:8b:c1:2b:d6:89:0a:83:01:9f:fc:31:8a:e1:7e:
75:94:72:08:61:79:38:00:9f:06:7c:b6:e1:d2:af:
62:fd:06:dc:fc:b8:c1:23:b3:81:67:c9:54:8b:4c:
04:34:de:4d:bc:16:0b:14:13:46:62:6f:0a:7a:04:
01:40:b6:9f:2d:92:ee:be:30:66:7a:24:d9:d6:9e:
c4:17:a7:8f:f5:22:29:d8:93:0c:71:03:80:06:d6:
ea:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:D3:F4:F8:EC:63:22:F7:9A:6B:05:74:E0:B1:0A:CE:31:83:5F:42
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f5c30d0-efa8-41c0-aa7d-c5016e9315d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.65.0.0/16
Signature Algorithm: sha256WithRSAEncryption
92:9c:e1:37:c8:ba:29:ed:73:1e:ab:d0:84:94:3b:2d:5d:7d:
3e:81:6c:a7:22:08:cb:9d:ce:82:89:c0:cb:b8:58:06:3c:bb:
6e:04:31:df:e9:01:c3:11:6b:f1:36:21:60:81:83:b7:77:cd:
ae:1e:6d:68:da:fc:f1:70:2f:07:76:83:41:74:72:a5:aa:f4:
ce:35:1f:a4:51:e7:4f:21:6d:45:34:1f:30:87:e0:1f:d8:3c:
9d:09:b4:f9:99:64:71:d1:99:9b:31:28:90:89:81:2c:8a:d8:
12:58:e1:25:3b:7d:7b:7c:05:b0:31:c1:d1:d0:85:cd:4c:13:
52:e6:31:3c:ff:4e:c7:d5:2c:c9:ec:e9:84:98:d6:be:97:e8:
b0:b7:6b:37:84:35:87:87:a7:3e:8c:b5:89:11:b9:42:cc:8e:
6d:94:21:8c:a3:55:27:7c:91:a4:68:46:79:7a:1c:61:29:5e:
2b:96:7b:83:21:e8:8a:24:29:d5:4c:77:d5:74:d0:32:6f:c5:
12:10:5b:65:63:46:0a:91:71:92:3f:e7:2f:ab:77:f6:1e:63:
b7:d5:b0:dc:dd:88:bb:4b:5e:e6:c2:61:3a:62:95:62:17:b7:
33:13:d0:ea:6d:5e:10:4a:b1:4a:72:4a:e1:30:d4:55:63:ec:
c4:ab:c8:03
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHCE68jEWCA7jLZEHWzUDk5VFQA0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5NDY4Yjk3NjczN2MwMWM5ZTIxZWI5MmEzYjA3YjhjZTgzNjEzOGJjMDQy
NmFlOWIzYmYxYTI5ZTRiYTFlMzExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMHHNXE0UThrPMMYxmYKQQmXDntHqXllIGM4+dk+ufm1wyOhIf7DeF5XF3wX
kKpsBXL+ZjB4lLFLyo5JRMGB4jtynlAMC/LJHAcyYRPbRDn8ZMO15XEDAsENwPSO
WBB5SELu9jlhIS1eep+hGG2Vxcl3PpTWUahbyO9a47cLpfZVDiXo4WEluT9mcU6C
x2mvSOAVwXjb5PNd15pg1SCwQLgYW8cjnYvBK9aJCoMBn/wxiuF+dZRyCGF5OACf
Bny24dKvYv0G3Py4wSOzgWfJVItMBDTeTbwWCxQTRmJvCnoEAUC2ny2S7r4wZnok
2daexBenj/UiKdiTDHEDgAbW6l8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTI0/T4
7GMi95prBXTgsQrOMYNfQjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y1YzMwZDAtZWZhOC00MWMwLWFhN2QtYzUwMTZlOTMxNWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlBMA0G
CSqGSIb3DQEBCwUAA4IBAQCSnOE3yLop7XMeq9CElDstXX0+gWynIgjLnc6CicDL
uFgGPLtuBDHf6QHDEWvxNiFggYO3d82uHm1o2vzxcC8HdoNBdHKlqvTONR+kUedP
IW1FNB8wh+Af2DydCbT5mWRx0ZmbMSiQiYEsitgSWOElO317fAWwMcHR0IXNTBNS
5jE8/07H1SzJ7OmEmNa+l+iwt2s3hDWHh6c+jLWJEblCzI5tlCGMo1UnfJGkaEZ5
ehxhKV4rlnuDIeiKJCnVTHfVdNAyb8USEFtlY0YKkXGSP+cvq3f2HmO31bDc3Yi7
S17mwmE6YpViF7czE9DqbV4QSrFKckrhMNRVY+zEq8gD
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:37:02 2026 by rpki-client