Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
File: 81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa (raw, json)
Hash identifier: SUiw8Wu+RLZB4qRfUPDWQE6IWnJdI4ga4Ai926n+rtA=
Subject key identifier: 27:C1:D3:34:E6:BF:24:6A:AB:E0:51:E7:B3:F5:59:5C:0C:03:58:6B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4FBBB4363A15DCDC8B81AEF6E539E1856FC58396
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
Signing time: Fri 13 Feb 2026 15:30:14 +0000
ROA not before: Fri 13 Feb 2026 15:30:14 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:bb:b4:36:3a:15:dc:dc:8b:81:ae:f6:e5:39:e1:85:6f:c5:83:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:14 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=da8ac44618b7e728f063726018b9a5054dc25974858adc2f2793b1c7836479aa, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a8:a1:91:82:e3:1b:6d:a7:6e:89:35:76:a8:
88:08:5d:2c:7b:95:d7:6e:e0:cb:da:34:58:db:2d:
41:7d:df:69:bd:8a:37:88:81:41:2c:52:51:17:70:
86:ee:aa:b4:c4:22:a9:a8:63:9f:5e:bc:e4:9a:f8:
df:9a:82:b9:52:25:35:b3:89:6c:e1:63:19:79:56:
d1:6c:82:47:b3:d0:ed:65:bf:50:86:1d:86:e4:a3:
1c:17:87:fa:26:ed:bf:57:d5:4d:8b:2f:cd:e2:c9:
0c:d0:51:6a:45:f7:bf:b8:f0:fb:d1:a8:14:d1:8e:
b2:44:8d:a1:cf:b7:95:de:ba:ba:92:2c:36:a5:8e:
dc:77:23:f1:02:0f:4a:e0:d9:1d:6b:b9:89:0f:04:
0c:fd:b0:71:f9:6c:6b:29:c0:07:87:68:39:4f:e2:
5c:a5:d1:0b:bc:f2:59:d6:9b:fe:ae:f7:8e:b7:b4:
d3:c2:22:39:13:9d:0a:71:95:43:d3:d9:02:47:dc:
eb:a6:bd:b6:25:66:a9:9a:33:1d:ee:22:34:eb:37:
99:68:36:c4:bc:2c:56:0b:66:bf:8c:5d:71:55:54:
c4:f0:1f:20:36:10:a0:d9:aa:e4:22:32:ae:d1:b8:
ae:e7:27:11:98:c7:26:5b:16:e1:20:72:0e:11:9c:
d4:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:C1:D3:34:E6:BF:24:6A:AB:E0:51:E7:B3:F5:59:5C:0C:03:58:6B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/81bd2649-ad60-4c6a-bdf9-7b775e3d060e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578::/32
Signature Algorithm: sha256WithRSAEncryption
c6:e2:b8:69:00:a7:09:dc:c3:9f:4e:07:b0:71:2b:ae:91:ad:
e1:86:82:4b:c3:72:3b:f8:11:2d:07:b9:6c:d4:00:e3:24:fa:
61:f0:d2:01:73:2e:0b:aa:61:ef:70:f1:ab:88:01:ec:5a:a0:
19:99:f2:75:37:88:4b:b8:c5:ee:7d:6c:fb:a9:68:d9:bd:7e:
f0:51:2b:ab:e5:86:71:60:ef:1c:3e:ff:d2:1a:ee:28:4d:4f:
41:ca:03:ee:92:75:b4:6c:67:66:c8:53:ac:1f:21:7a:29:f7:
f1:68:3f:a0:78:1a:34:2e:c8:a2:76:7a:95:e2:18:16:de:bd:
06:c8:77:b3:de:e4:e1:f6:23:88:96:ff:cd:2f:52:2b:4a:a8:
0d:f3:c9:d3:18:9a:5a:2c:42:a9:1a:51:3f:2f:7c:bd:25:f8:
de:74:41:de:62:f9:55:b5:3e:a2:43:22:44:7d:33:7f:b4:6f:
54:9b:a9:f7:9b:4d:fa:60:42:39:fe:14:e2:01:4b:42:77:bf:
11:8b:12:19:e2:a6:1e:26:88:c7:71:6f:e4:8d:16:8d:00:02:
78:27:f7:7b:88:84:18:43:54:75:5a:06:05:d6:ab:bf:21:34:
d1:d4:39:17:8c:65:07:53:01:2d:e3:1d:c6:ef:75:df:9f:45:
60:61:7d:3c
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUT7u0NjoV3NyLga725TnhhW/Fg5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTRaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhOGFjNDQ2MThiN2U3MjhmMDYzNzI2MDE4YjlhNTA1NGRjMjU5NzQ4NThh
ZGMyZjI3OTNiMWM3ODM2NDc5YWExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyooZGC4xttp26JNXaoiAhdLHuV127gy9o0WNstQX3fab2KN4iBQSxSURdw
hu6qtMQiqahjn1685Jr435qCuVIlNbOJbOFjGXlW0WyCR7PQ7WW/UIYdhuSjHBeH
+ibtv1fVTYsvzeLJDNBRakX3v7jw+9GoFNGOskSNoc+3ld66upIsNqWO3Hcj8QIP
SuDZHWu5iQ8EDP2wcflsaynAB4doOU/iXKXRC7zyWdab/q73jre008IiOROdCnGV
Q9PZAkfc66a9tiVmqZozHe4iNOs3mWg2xLwsVgtmv4xdcVVUxPAfIDYQoNmq5CIy
rtG4rucnEZjHJlsW4SByDhGc1EECAwEAAaOCAiIwggIeMB0GA1UdDgQWBBQnwdM0
5r8kaqvgUeez9VlcDANYazAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODFiZDI2NDktYWQ2MC00YzZhLWJkZjktN2I3NzVlM2QwNjBlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoBBXgw
DQYJKoZIhvcNAQELBQADggEBAMbiuGkApwncw59OB7BxK66RreGGgkvDcjv4ES0H
uWzUAOMk+mHw0gFzLguqYe9w8auIAexaoBmZ8nU3iEu4xe59bPupaNm9fvBRK6vl
hnFg7xw+/9Ia7ihNT0HKA+6SdbRsZ2bIU6wfIXop9/FoP6B4GjQuyKJ2epXiGBbe
vQbId7Pe5OH2I4iW/80vUitKqA3zydMYmlosQqkaUT8vfL0l+N50Qd5i+VW1PqJD
IkR9M3+0b1SbqfebTfpgQjn+FOIBS0J3vxGLEhniph4miMdxb+SNFo0AAngn93uI
hBhDVHVaBgXWq78hNNHUOReMZQdTAS3jHcbvdd+fRWBhfTw=
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:24 2026 by rpki-client