Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
File: 9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa (raw, json)
Hash identifier: F0SiB3g2RvnPSbAC01wNIYIMgbwxO3HKgjMTYdACjLE=
Subject key identifier: C7:86:9A:1E:E2:F4:8E:BC:57:24:85:75:F9:69:45:4B:BE:F2:4C:9E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18297C7B44D86649C3B38D66A9ED93CB6098C98F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
Signing time: Sat 28 Feb 2026 06:40:49 +0000
ROA not before: Sat 28 Feb 2026 06:40:49 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 145.55.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:29:7c:7b:44:d8:66:49:c3:b3:8d:66:a9:ed:93:cb:60:98:c9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:49 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=f9e58f2ca9b3e5982fd60dddde1e2c3f0215f25a73cad27d1a5114a99747664f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b5:5a:13:a5:09:20:0a:ff:64:e1:9d:a6:ce:
2b:3a:05:89:62:a7:79:1a:27:a2:f5:6e:28:86:3c:
72:aa:e8:8b:7a:d9:fb:71:fa:d2:f8:9a:67:b8:cb:
cc:65:bd:60:82:c4:7e:1f:67:b6:a4:ab:71:c4:3e:
06:77:61:bb:ce:8a:9b:f0:9a:93:d2:a7:ca:bf:7b:
79:72:15:f2:93:e9:3d:85:28:f4:2d:93:a1:ed:9a:
a8:89:35:de:33:6b:51:4a:df:8a:ec:e7:77:26:c5:
0f:74:b0:ff:79:eb:56:24:90:f6:25:c0:f6:07:04:
63:28:3c:6e:28:00:b0:33:0f:08:cc:da:71:e5:62:
6e:99:64:59:0b:26:c2:f2:f9:ce:4c:43:43:87:83:
0c:1a:8f:15:47:39:6d:9c:e5:bb:9f:7e:a3:d8:72:
5f:ec:ef:15:c0:32:08:69:c0:94:07:ee:d0:f9:79:
6f:c5:a8:60:85:21:ee:d5:c9:ce:fd:e8:51:eb:cd:
06:14:19:35:e1:4d:11:5c:99:97:ad:e4:06:82:60:
3b:76:a9:dc:c9:6a:5a:dd:ab:17:4c:ca:3d:69:ee:
eb:08:35:50:a6:fa:be:a5:fd:33:3f:35:31:8c:33:
80:00:61:0d:47:ff:4f:33:67:83:f8:fb:a4:47:0a:
8e:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:86:9A:1E:E2:F4:8E:BC:57:24:85:75:F9:69:45:4B:BE:F2:4C:9E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9a08b99a-284f-4e69-83b1-fbfba94e7f22.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.55.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9e:4d:75:36:8c:67:0b:37:8a:96:96:8f:96:d1:6f:30:f4:3c:
3e:f1:a0:bb:af:ac:5c:c7:f6:94:2f:95:76:c9:fc:90:ac:73:
70:d6:07:25:8b:68:1f:49:75:cc:dc:d5:09:2d:7f:00:3b:5e:
6b:c0:ef:35:42:06:08:c0:4a:45:15:33:ac:aa:dc:3e:c3:8c:
96:26:87:04:b1:9f:cd:46:d3:3d:5b:29:59:41:a8:15:84:88:
35:42:12:0c:58:f8:5b:63:2e:85:b2:ad:30:24:e4:33:cd:67:
01:e6:38:21:73:87:22:7b:a9:92:99:f6:3e:3f:a4:54:4a:2e:
62:2d:07:38:06:f9:b1:54:67:c6:47:e8:8c:be:33:55:53:b4:
f7:71:a9:e3:7a:f6:79:d8:f8:2c:b5:ef:54:31:7b:3f:45:12:
e0:3d:ed:67:6e:5f:9a:00:4b:71:34:e0:c7:08:17:e7:8b:d8:
da:5d:4f:9c:ad:70:e4:d4:08:41:e9:35:c4:3f:de:cd:38:fa:
a8:2f:9e:b3:8e:94:c5:fc:da:d5:2f:41:5c:a5:26:9b:54:f6:
58:7c:8c:37:38:0d:45:ea:60:7c:20:3a:f1:57:f3:ae:ea:cc:
47:c1:ce:21:4a:a5:d0:31:a4:3d:d9:07:66:7d:53:e7:89:3b:
12:e8:e6:b6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGCl8e0TYZknDs41mqe2Ty2CYyY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwNDlaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5ZTU4ZjJjYTliM2U1OTgyZmQ2MGRkZGRlMWUyYzNmMDIxNWYyNWE3M2Nh
ZDI3ZDFhNTExNGE5OTc0NzY2NGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK61WhOlCSAK/2ThnabOKzoFiWKneRonovVuKIY8cqroi3rZ+3H60viaZ7jL
zGW9YILEfh9ntqSrccQ+Bndhu86Km/Cak9Knyr97eXIV8pPpPYUo9C2Toe2aqIk1
3jNrUUrfiuzndybFD3Sw/3nrViSQ9iXA9gcEYyg8bigAsDMPCMzaceVibplkWQsm
wvL5zkxDQ4eDDBqPFUc5bZzlu59+o9hyX+zvFcAyCGnAlAfu0Pl5b8WoYIUh7tXJ
zv3oUevNBhQZNeFNEVyZl63kBoJgO3ap3MlqWt2rF0zKPWnu6wg1UKb6vqX9Mz81
MYwzgABhDUf/TzNng/j7pEcKjvECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTHhpoe
4vSOvFckhXX5aUVLvvJMnjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWEwOGI5OWEtMjg0Zi00ZTY5LTgzYjEtZmJmYmE5NGU3ZjIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJE3MA0G
CSqGSIb3DQEBCwUAA4IBAQCeTXU2jGcLN4qWlo+W0W8w9Dw+8aC7r6xcx/aUL5V2
yfyQrHNw1gcli2gfSXXM3NUJLX8AO15rwO81QgYIwEpFFTOsqtw+w4yWJocEsZ/N
RtM9WylZQagVhIg1QhIMWPhbYy6Fsq0wJOQzzWcB5jghc4cie6mSmfY+P6RUSi5i
LQc4BvmxVGfGR+iMvjNVU7T3canjevZ52Pgste9UMXs/RRLgPe1nbl+aAEtxNODH
CBfni9jaXU+crXDk1AhB6TXEP97NOPqoL56zjpTF/NrVL0FcpSabVPZYfIw3OA1F
6mB8IDrxV/Ou6sxHwc4hSqXQMaQ92QdmfVPniTsS6Oa2
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:52:52 2026 by rpki-client