Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
File: 80e298e3-975b-4cea-9586-8d04a37a53a2.roa (raw, json)
Hash identifier: M5PO1zbclCCmGJqyY0YC/60Nhrec7m0knJcn93ebUAM=
Subject key identifier: 29:71:9A:6F:C5:AB:AF:08:9E:97:A8:AE:C5:6F:AF:6D:11:A0:FE:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7CC03FE093C2AC5FDF644BDC46A4FBE7307C2647
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
Signing time: Mon 23 Feb 2026 01:00:07 +0000
ROA not before: Mon 23 Feb 2026 01:00:07 +0000
ROA not after: Sun 24 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.93.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:c0:3f:e0:93:c2:ac:5f:df:64:4b:dc:46:a4:fb:e7:30:7c:26:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 23 01:00:07 2026 GMT
Not After : May 24 23:59:59 2026 GMT
Subject: serialNumber=b5a8b44a2bb3acde3a2d613b941026241920de7b7b466d64dc5a7055c00efe07, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:57:91:7b:22:56:55:d1:3c:37:00:12:31:b4:
b2:d6:a6:31:3e:bd:72:fd:ab:9e:27:d7:fb:56:f0:
c0:8c:85:f2:f5:fe:88:aa:26:25:1f:6e:e3:26:3d:
d7:0b:24:fe:e3:74:b1:7e:4f:46:0e:37:41:fe:df:
97:71:94:c2:5f:66:ed:87:88:e3:bb:84:6a:95:23:
c0:bb:1e:fa:48:ae:60:4b:ce:19:22:0b:8a:b4:ec:
8b:41:04:61:81:41:11:5e:06:16:0e:1d:35:5a:3c:
8b:34:e8:eb:75:64:2e:0f:00:3b:53:89:6e:94:03:
0d:3e:0b:4f:86:0a:ed:f9:de:b3:66:33:8b:9d:a3:
3e:9d:00:cd:f7:3c:10:bd:c3:13:cc:7f:57:1f:86:
94:70:b0:79:29:f3:fa:50:38:18:60:f7:4a:df:a6:
5e:a5:66:7b:ba:62:49:75:31:73:ff:69:00:fe:00:
d3:24:aa:a7:bf:00:16:7c:5f:14:a4:cf:12:57:b5:
d2:39:fc:2c:29:6d:84:7a:a7:dd:3a:96:39:89:1f:
ba:27:fe:90:b6:38:08:06:a3:fb:18:e9:f9:e8:fa:
3d:11:44:6c:49:bf:01:b3:41:d5:92:1c:be:22:c3:
db:d1:f7:fb:4c:97:24:f0:78:d0:ac:69:37:8c:ab:
69:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:71:9A:6F:C5:AB:AF:08:9E:97:A8:AE:C5:6F:AF:6D:11:A0:FE:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/80e298e3-975b-4cea-9586-8d04a37a53a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.93.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:7b:c7:87:2a:ee:50:1a:b8:ce:ae:65:c6:88:aa:09:66:f7:
9d:3a:5e:26:bf:61:2b:4f:8b:b4:16:c9:d8:43:e2:72:7e:65:
6f:a1:f8:4a:9f:5d:43:4a:36:a6:c8:90:d6:b6:4b:8b:5e:24:
57:c5:28:72:42:6b:4f:03:1f:c1:8d:87:67:aa:48:30:44:ef:
74:2f:59:6e:44:47:cb:e7:5c:ea:86:09:0b:ae:89:67:68:80:
99:7d:fc:26:81:35:ff:d5:28:b3:66:6e:80:16:ad:39:13:fd:
5d:8b:b2:8d:f7:dd:4f:4a:d3:ea:01:13:b5:bb:a9:c0:2c:11:
c0:64:85:9b:11:85:16:86:2e:92:50:6c:ee:4d:4f:5d:c4:9d:
b9:d1:db:89:82:46:73:80:e9:d0:c4:ed:23:8d:25:21:d0:52:
67:e7:2e:2a:17:51:ea:b3:d8:58:4c:ed:10:a8:7c:bd:56:96:
52:f1:02:01:31:d1:e6:c8:ba:29:61:43:76:f4:82:b0:64:10:
36:81:66:dc:83:6e:37:71:a3:e5:b8:a5:cc:b8:01:ec:75:9e:
db:1a:4a:e0:03:cb:a8:9f:f5:3d:cb:e5:ac:8a:e2:91:01:36:
63:84:6f:9b:7a:2a:c3:68:27:79:c0:22:2f:5b:74:c3:a3:38:
b7:6e:73:84
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfMA/4JPCrF/fZEvcRqT75zB8JkcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjMwMTAwMDdaFw0yNjA1MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1YThiNDRhMmJiM2FjZGUzYTJkNjEzYjk0MTAyNjI0MTkyMGRlN2I3YjQ2
NmQ2NGRjNWE3MDU1YzAwZWZlMDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFXkXsiVlXRPDcAEjG0stamMT69cv2rnifX+1bwwIyF8vX+iKomJR9u4yY9
1wsk/uN0sX5PRg43Qf7fl3GUwl9m7YeI47uEapUjwLse+kiuYEvOGSILirTsi0EE
YYFBEV4GFg4dNVo8izTo63VkLg8AO1OJbpQDDT4LT4YK7fnes2Yzi52jPp0Azfc8
EL3DE8x/Vx+GlHCweSnz+lA4GGD3St+mXqVme7piSXUxc/9pAP4A0ySqp78AFnxf
FKTPEle10jn8LClthHqn3TqWOYkfuif+kLY4CAaj+xjp+ej6PRFEbEm/AbNB1ZIc
viLD29H3+0yXJPB40KxpN4yraSMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQpcZpv
xauvCJ6XqK7Fb69tEaD+yTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODBlMjk4ZTMtOTc1Yi00Y2VhLTk1ODYtOGQwNGEzN2E1M2EyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADldMA0G
CSqGSIb3DQEBCwUAA4IBAQAle8eHKu5QGrjOrmXGiKoJZvedOl4mv2ErT4u0FsnY
Q+JyfmVvofhKn11DSjamyJDWtkuLXiRXxShyQmtPAx/BjYdnqkgwRO90L1luREfL
51zqhgkLrolnaICZffwmgTX/1SizZm6AFq05E/1di7KN991PStPqARO1u6nALBHA
ZIWbEYUWhi6SUGzuTU9dxJ250duJgkZzgOnQxO0jjSUh0FJn5y4qF1Hqs9hYTO0Q
qHy9VpZS8QIBMdHmyLopYUN29IKwZBA2gWbcg243caPluKXMuAHsdZ7bGkrgA8uo
n/U9y+WsiuKRATZjhG+beirDaCd5wCIvW3TDozi3bnOE
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:50:17 2026 by rpki-client