Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: jLzqj1ItvO14VbNs0nEiEKso2mx9JCYG32kIbYP3hHM=
Subject key identifier: 33:B6:92:6D:A4:A7:90:94:96:38:89:FB:A6:BA:CE:0E:39:58:5B:5D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7BF96674223082AB9ED0544D85B4A207EFDBF088
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Sat 28 Feb 2026 06:40:34 +0000
ROA not before: Sat 28 Feb 2026 06:40:34 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f9:66:74:22:30:82:ab:9e:d0:54:4d:85:b4:a2:07:ef:db:f0:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:34 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4534709df0380df809a99e1f002760489499ae740a7db7632583a75d0fa47538, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f7:7c:46:66:ba:cf:92:9f:c5:ca:91:22:e6:
98:c5:11:f3:40:10:5f:1a:da:e9:61:02:bd:20:e5:
ec:42:09:03:ad:b6:1d:72:5d:2f:78:f7:56:de:f4:
d8:ad:75:26:11:13:9c:c1:d8:54:8c:59:72:46:45:
94:5b:b8:c9:01:1b:e5:ab:48:06:e1:c3:c9:ae:0f:
44:a2:9f:0f:d0:76:69:b9:df:74:43:fd:16:18:22:
04:79:66:78:8a:b1:1e:8f:37:35:67:bd:49:94:8d:
c3:14:74:6d:39:8e:ce:43:3a:68:68:0d:66:dc:c9:
18:b9:55:0f:ed:c8:23:ba:20:32:3c:de:e5:46:db:
a1:e2:c6:a6:30:f3:d2:2b:c0:6c:02:c2:69:12:e6:
ba:c9:c4:e4:4a:da:a8:00:5e:85:10:70:bb:4d:39:
50:2b:69:02:91:46:9e:2d:68:82:9d:fb:c8:d1:8f:
8c:b4:2d:81:c1:c2:28:65:30:25:d5:a9:ce:25:72:
32:cd:19:fa:71:dc:81:d5:5c:d1:14:78:b1:2d:c8:
b6:36:10:3a:c4:2a:a9:68:55:23:2c:62:dc:9d:c5:
7c:75:7f:cf:26:45:ec:64:a6:8e:6b:9e:2d:06:2d:
f8:d2:01:81:05:31:27:39:9a:31:8e:1b:3a:86:16:
29:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B6:92:6D:A4:A7:90:94:96:38:89:FB:A6:BA:CE:0E:39:58:5B:5D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:79:ef:30:46:d8:a1:23:92:8c:11:26:a2:3b:4e:17:52:04:
23:5b:45:13:4c:03:06:c1:47:14:32:d8:1b:31:df:ea:de:ce:
de:11:61:a2:6e:40:57:6c:ce:5a:9c:5f:5b:2e:aa:e3:50:a2:
85:d0:ae:cb:9b:7f:9a:c7:4c:ed:32:c1:42:62:1b:08:44:f2:
ae:a6:ac:5d:65:be:0b:98:0b:a2:e4:5d:18:ed:1f:1e:e2:0c:
d2:aa:a4:67:01:85:36:b3:4d:e9:b2:e7:37:88:df:ac:26:58:
86:5f:95:01:80:63:fb:fd:4f:d9:06:7e:f9:d2:17:26:14:9f:
16:91:43:cc:eb:08:bc:56:76:db:b8:ef:fe:e2:86:3c:47:29:
7b:cf:71:9d:35:bd:d0:6b:cb:3b:6a:37:44:46:68:20:16:69:
5e:57:b9:7c:41:ac:2b:e8:fe:40:2d:5d:a6:b8:bd:02:ad:c0:
a3:85:3c:94:e1:f5:d2:7a:36:18:ac:fb:5f:b9:a0:78:91:8f:
68:7c:3d:5f:b8:cc:1f:8a:f0:15:37:c9:81:48:32:0a:ac:bb:
bb:c6:e1:10:9a:d4:7c:53:88:c3:b7:ef:91:d1:a4:86:a7:5c:
b9:90:d2:ef:32:fd:45:60:88:c7:68:de:4d:a2:5c:d4:a5:04:
32:34:26:27
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUe/lmdCIwgque0FRNhbSiB+/b8IgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MzQ3MDlkZjAzODBkZjgwOWE5OWUxZjAwMjc2MDQ4OTQ5OWFlNzQwYTdk
Yjc2MzI1ODNhNzVkMGZhNDc1MzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK73fEZmus+Sn8XKkSLmmMUR80AQXxra6WECvSDl7EIJA622HXJdL3j3Vt70
2K11JhETnMHYVIxZckZFlFu4yQEb5atIBuHDya4PRKKfD9B2abnfdEP9FhgiBHlm
eIqxHo83NWe9SZSNwxR0bTmOzkM6aGgNZtzJGLlVD+3II7ogMjze5UbboeLGpjDz
0ivAbALCaRLmusnE5EraqABehRBwu005UCtpApFGni1ogp37yNGPjLQtgcHCKGUw
JdWpziVyMs0Z+nHcgdVc0RR4sS3ItjYQOsQqqWhVIyxi3J3FfHV/zyZF7GSmjmue
LQYt+NIBgQUxJzmaMY4bOoYWKW0CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQztpJt
pKeQlJY4ifumus4OOVhbXTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEA13nvMEbYoSOSjBEmojtOF1IEI1tFE0wDBsFHFDLY
GzHf6t7O3hFhom5AV2zOWpxfWy6q41CihdCuy5t/msdM7TLBQmIbCETyrqasXWW+
C5gLouRdGO0fHuIM0qqkZwGFNrNN6bLnN4jfrCZYhl+VAYBj+/1P2QZ++dIXJhSf
FpFDzOsIvFZ227jv/uKGPEcpe89xnTW90GvLO2o3REZoIBZpXle5fEGsK+j+QC1d
pri9Aq3Ao4U8lOH10no2GKz7X7mgeJGPaHw9X7jMH4rwFTfJgUgyCqy7u8bhEJrU
fFOIw7fvkdGkhqdcuZDS7zL9RWCIx2jeTaJc1KUEMjQmJw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:59:25 2026 by rpki-client