Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a312972d-ee00-4cd1-acf7-849f7c26ed7b.roa
File: a312972d-ee00-4cd1-acf7-849f7c26ed7b.roa (raw, json)
Hash identifier: XHKVyyQAx+/mIaWEQkBpHQXcUuDiGOEnfTy5COK5hQk=
Subject key identifier: 23:F8:AD:7E:34:9C:75:18:86:78:3F:28:ED:AF:FB:FE:BC:8B:66:04
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 050CF20D5C91D3B25015DF54AFB602FDFA542FB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a312972d-ee00-4cd1-acf7-849f7c26ed7b.roa
Signing time: Fri 10 Apr 2026 00:00:13 +0000
ROA not before: Fri 10 Apr 2026 00:00:13 +0000
ROA not after: Thu 09 Jul 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.80.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:0c:f2:0d:5c:91:d3:b2:50:15:df:54:af:b6:02:fd:fa:54:2f:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Apr 10 00:00:13 2026 GMT
Not After : Jul 9 23:59:59 2026 GMT
Subject: serialNumber=13e210d6736706d030827e1ad3ff193775bec445a604b17e892035a47f5d5afb, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:db:ba:0b:95:e9:f8:67:5d:cb:7c:ab:ac:a0:
22:6b:3c:3d:69:ca:68:85:87:5a:ee:64:de:fb:c0:
07:80:3e:62:e7:f6:a7:e9:5f:0f:ed:42:d6:1a:25:
e8:b4:9f:c2:16:ef:64:6c:be:96:04:36:7f:16:c5:
63:a2:fd:8d:75:10:ea:29:fc:72:d5:e6:59:75:a4:
eb:1d:0d:4c:5c:74:a4:32:62:be:ab:70:36:63:62:
95:27:22:6a:b2:5a:2f:c8:51:87:75:89:b8:65:fb:
1e:a5:99:fb:e7:33:b7:43:96:35:ea:21:bf:05:72:
02:e3:70:f8:0c:dc:ea:7b:67:6e:bb:e3:74:98:81:
9f:14:05:17:c4:2f:0b:74:ec:46:cc:7b:60:2f:d9:
26:27:5e:56:00:8c:cc:d9:83:65:d0:9b:34:4e:35:
f4:0a:d3:01:c4:f9:2d:42:53:da:6e:e6:15:f9:95:
a1:6c:82:67:50:50:6a:ed:84:b7:64:58:eb:5e:59:
61:3c:c2:68:62:9c:e0:fc:41:d6:2a:fd:84:3b:d0:
c1:ae:07:e9:8f:73:fb:50:c6:94:d7:6a:ae:8c:a3:
b0:99:83:85:a0:50:94:3b:53:6f:fb:ce:6e:7b:9c:
8e:47:87:1b:d1:88:f1:de:2c:3e:72:c3:a7:ee:c6:
81:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F8:AD:7E:34:9C:75:18:86:78:3F:28:ED:AF:FB:FE:BC:8B:66:04
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a312972d-ee00-4cd1-acf7-849f7c26ed7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
06:3a:6e:ee:07:ea:c3:70:a5:c9:99:f2:3d:30:d9:68:71:0c:
cf:91:9f:8e:04:65:a0:68:e4:1a:eb:b1:33:9c:17:f5:60:78:
fe:e9:a2:94:6c:bf:04:eb:79:61:7b:1d:ea:6c:31:9a:c6:40:
8d:97:b2:05:f7:81:cd:e5:81:85:3d:8f:d3:34:97:cf:a4:22:
29:bc:0c:c8:be:cb:af:8f:0f:a4:6a:f9:3a:07:39:76:71:d9:
05:f4:71:1a:79:70:80:f8:90:44:5f:89:d1:d7:a8:e3:fe:5d:
ed:c3:83:d4:d1:15:4a:78:83:52:7b:30:5b:c9:27:5b:71:89:
aa:40:04:38:84:64:45:fd:29:eb:d0:d7:b7:e4:51:f9:b3:b5:
2d:a7:84:0d:1c:a4:46:10:50:40:9a:47:e6:19:b7:61:3e:b9:
e9:a2:59:cd:f3:08:71:21:5a:62:ce:68:ca:68:b1:7d:35:a5:
86:11:d2:d5:48:0d:e7:cc:81:f2:d8:3a:a9:65:cf:c9:4d:58:
5d:85:95:c2:42:3e:19:07:d0:3e:53:d6:f7:e8:4e:46:57:98:
f1:71:ac:ed:d5:1c:9d:e9:66:ed:82:b9:17:0b:83:6e:d7:28:
33:62:31:fc:f4:32:dc:ae:43:c8:a7:32:0e:17:db:ac:0a:69:
2f:93:d7:0f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBQzyDVyR07JQFd9Ur7YC/fpUL7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA0MTAwMDAwMTNaFw0yNjA3MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzZTIxMGQ2NzM2NzA2ZDAzMDgyN2UxYWQzZmYxOTM3NzViZWM0NDVhNjA0
YjE3ZTg5MjAzNWE0N2Y1ZDVhZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzbuguV6fhnXct8q6ygIms8PWnKaIWHWu5k3vvAB4A+Yuf2p+lfD+1C1hol
6LSfwhbvZGy+lgQ2fxbFY6L9jXUQ6in8ctXmWXWk6x0NTFx0pDJivqtwNmNilSci
arJaL8hRh3WJuGX7HqWZ++czt0OWNeohvwVyAuNw+Azc6ntnbrvjdJiBnxQFF8Qv
C3TsRsx7YC/ZJideVgCMzNmDZdCbNE419ArTAcT5LUJT2m7mFfmVoWyCZ1BQau2E
t2RY615ZYTzCaGKc4PxB1ir9hDvQwa4H6Y9z+1DGlNdqroyjsJmDhaBQlDtTb/vO
bnucjkeHG9GI8d4sPnLDp+7Gge8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQj+K1+
NJx1GIZ4Pyjtr/v+vItmBDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTMxMjk3MmQtZWUwMC00Y2QxLWFjZjctODQ5ZjdjMjZlZDdiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlQMA0G
CSqGSIb3DQEBCwUAA4IBAQAGOm7uB+rDcKXJmfI9MNlocQzPkZ+OBGWgaOQa67Ez
nBf1YHj+6aKUbL8E63lhex3qbDGaxkCNl7IF94HN5YGFPY/TNJfPpCIpvAzIvsuv
jw+kavk6Bzl2cdkF9HEaeXCA+JBEX4nR16jj/l3tw4PU0RVKeINSezBbySdbcYmq
QAQ4hGRF/Snr0Ne35FH5s7Utp4QNHKRGEFBAmkfmGbdhPrnpolnN8whxIVpizmjK
aLF9NaWGEdLVSA3nzIHy2DqpZc/JTVhdhZXCQj4ZB9A+U9b36E5GV5jxcazt1Ryd
6WbtgrkXC4Nu1ygzYjH89DLcrkPIpzIOF9usCmkvk9cP
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:46:03 2026 by rpki-client