Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
File: 8462af63-807c-4934-9e2f-0d749c431bcd.roa (raw, json)
Hash identifier: uoL9YjLUZU+60lIc6okz3ZDnVexx18L0NXJOBxIQbxQ=
Subject key identifier: F8:8E:FB:2A:51:BE:5F:94:E6:75:7D:78:74:DF:98:18:BF:5C:47:A1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 66AAC9FCD12C512C28FC4AD5103C76A828B8F240
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
Signing time: Tue 19 May 2026 06:00:29 +0000
ROA not before: Tue 19 May 2026 06:00:29 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.186.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:aa:c9:fc:d1:2c:51:2c:28:fc:4a:d5:10:3c:76:a8:28:b8:f2:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 06:00:29 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=8047250beb9fbd30a3b290a90d19e29bcda8227b5dbc21c5b6a2a511a4a8583b, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:03:2a:23:bc:ca:12:16:2f:b6:16:0b:85:
99:eb:01:5c:cf:c2:33:fa:7c:10:5a:3a:4e:7d:57:
86:f7:dc:22:15:bc:28:83:e0:4d:c4:b2:f0:bd:0a:
73:d0:a0:3b:7d:1e:58:44:05:3e:93:3c:1d:0a:ae:
73:89:d8:2f:73:e8:eb:eb:8f:45:d8:9f:fd:8b:82:
ec:b0:92:11:be:23:8d:81:a0:a9:5d:7d:29:07:61:
8b:95:4d:72:13:81:2c:73:a4:47:73:9b:61:16:d2:
4e:56:ee:a6:f0:60:aa:89:29:03:fb:03:d8:9c:d5:
af:c4:34:8d:3e:14:83:63:16:8f:9a:9b:ae:00:ed:
89:ea:f5:d0:ac:27:61:dd:b7:e3:24:41:86:b3:4a:
51:ec:97:d6:98:2f:54:5d:30:0c:a7:6e:4a:2c:e2:
2c:9b:c0:e2:d6:ff:fa:d7:4d:f7:18:f3:d7:1f:bc:
d5:04:64:f6:6b:6e:ad:bb:94:0f:30:6a:9b:da:b1:
d2:fd:c0:97:8b:4d:cc:02:6e:59:31:fb:70:53:a2:
19:60:5b:33:40:f6:77:15:ac:92:71:18:c4:b0:48:
10:66:78:6c:74:1b:93:38:2e:a3:38:f9:0e:cf:e2:
7f:78:53:c7:31:1f:f6:a1:66:6f:0f:79:48:ed:dd:
62:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:8E:FB:2A:51:BE:5F:94:E6:75:7D:78:74:DF:98:18:BF:5C:47:A1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8462af63-807c-4934-9e2f-0d749c431bcd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.210.0/24
Signature Algorithm: sha256WithRSAEncryption
30:31:bd:45:bf:3e:8b:e3:0b:8c:37:be:5a:17:1a:58:08:f7:
03:20:48:7c:d9:a0:47:73:c8:82:98:73:f7:09:43:d4:3e:a4:
ac:12:ed:7c:31:43:e4:6e:48:b1:d3:ac:12:db:21:48:66:63:
39:be:e2:0a:c3:b2:b1:9c:d9:ef:cc:15:7b:e7:eb:a3:c4:fb:
4b:ec:bf:7c:ed:7b:56:35:fe:01:d6:2d:09:0b:39:ff:b5:d8:
c2:08:4c:3e:9e:7e:45:75:5a:c2:18:1f:33:29:53:37:47:81:
4a:3d:53:3e:2d:49:9f:4c:f2:1c:01:3f:f9:75:b3:e4:de:65:
ce:33:a5:a1:bb:4f:17:56:ad:95:05:a6:da:eb:62:b0:a0:e5:
bc:5e:2e:85:e6:82:cf:cc:c3:b8:11:d7:99:c7:c6:9b:c4:35:
6c:c5:6f:56:ae:b8:dc:4c:34:c0:3b:2a:09:30:25:16:11:bb:
b0:1e:c3:11:bd:9a:37:3e:96:73:8f:e5:f5:85:72:33:c6:4f:
16:15:e8:ed:fb:c3:82:f5:3c:26:52:aa:c1:e0:2d:4c:fe:61:
44:9a:f0:6f:5f:c6:9c:6b:57:75:43:f0:df:22:86:43:8b:a3:
91:91:61:75:23:6e:4e:1c:ba:34:6f:16:2d:46:64:87:84:c4:
30:51:06:65
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUZqrJ/NEsUSwo/ErVEDx2qCi48kAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNjAwMjlaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwNDcyNTBiZWI5ZmJkMzBhM2IyOTBhOTBkMTllMjliY2RhODIyN2I1ZGJj
MjFjNWI2YTJhNTExYTRhODU4M2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMMJAyojvMoSFi+2FguFmesBXM/CM/p8EFo6Tn1XhvfcIhW8KIPgTcSy8L0K
c9CgO30eWEQFPpM8HQquc4nYL3Po6+uPRdif/YuC7LCSEb4jjYGgqV19KQdhi5VN
chOBLHOkR3ObYRbSTlbupvBgqokpA/sD2JzVr8Q0jT4Ug2MWj5qbrgDtier10Kwn
Yd234yRBhrNKUeyX1pgvVF0wDKduSiziLJvA4tb/+tdN9xjz1x+81QRk9mturbuU
DzBqm9qx0v3Al4tNzAJuWTH7cFOiGWBbM0D2dxWsknEYxLBIEGZ4bHQbkzguozj5
Ds/if3hTxzEf9qFmbw95SO3dYiUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT4jvsq
Ub5flOZ1fXh035gYv1xHoTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODQ2MmFmNjMtODA3Yy00OTM0LTllMmYtMGQ3NDljNDMxYmNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMG60jAN
BgkqhkiG9w0BAQsFAAOCAQEAMDG9Rb8+i+MLjDe+WhcaWAj3AyBIfNmgR3PIgphz
9wlD1D6krBLtfDFD5G5IsdOsEtshSGZjOb7iCsOysZzZ78wVe+fro8T7S+y/fO17
VjX+AdYtCQs5/7XYwghMPp5+RXVawhgfMylTN0eBSj1TPi1Jn0zyHAE/+XWz5N5l
zjOlobtPF1atlQWm2utisKDlvF4uheaCz8zDuBHXmcfGm8Q1bMVvVq643Ew0wDsq
CTAlFhG7sB7DEb2aNz6Wc4/l9YVyM8ZPFhXo7fvDgvU8JlKqweAtTP5hRJrwb1/G
nGtXdUPw3yKGQ4ujkZFhdSNuThy6NG8WLUZkh4TEMFEGZQ==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:10 2026 by rpki-client