Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
File: ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa (raw, json)
Hash identifier: 5NC/ztMo1YFtmYcZK61ld5pdeiKDGz5ROV/hbhrxT3A=
Subject key identifier: 91:2C:04:92:58:BF:6C:DA:99:E2:84:81:FD:5E:F3:A5:5F:EF:30:12
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 06AD47BB7BC5536CB7905446EE8EB6DAB208A71F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
Signing time: Fri 13 Feb 2026 15:30:13 +0000
ROA not before: Fri 13 Feb 2026 15:30:13 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 83.116.0.0/15 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:ad:47:bb:7b:c5:53:6c:b7:90:54:46:ee:8e:b6:da:b2:08:a7:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:13 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=f7ddc0b8a31422b83c7dc4a39488f6655c444483ca018b19d8a4193c6d851f2c, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a3:ad:d4:83:43:00:b3:45:24:64:a8:85:d6:
5c:94:66:d0:26:7c:44:1c:ac:fb:ae:ea:b4:08:35:
1d:59:af:e2:0b:c6:f1:c4:0f:7d:43:d9:bb:d6:55:
05:61:ba:27:f7:49:f4:0f:e9:a2:ad:c9:b4:91:9b:
2f:3b:00:41:1d:29:27:b0:61:96:b6:d1:50:44:26:
98:4a:fa:16:c5:40:53:25:81:a3:ee:4b:dd:b5:ff:
01:33:c9:6a:31:62:51:3b:75:fa:d2:e6:71:c2:71:
b6:b8:42:67:00:67:e1:00:05:6b:2a:ad:a9:df:9c:
4f:ee:7b:91:ba:88:12:20:60:28:5a:6c:2a:10:a0:
24:03:12:33:35:f1:08:bf:a5:94:6e:b4:f4:da:db:
ea:81:0e:5b:68:46:19:7b:4c:59:78:ec:a8:fc:ed:
80:53:2b:a9:f6:61:e7:09:b9:af:7b:67:f7:ef:82:
4c:0c:04:e3:6e:c4:f4:9a:25:7a:83:ec:01:ab:74:
34:15:da:65:da:8b:1a:f6:d5:be:be:90:29:c1:51:
c7:69:49:df:8a:01:59:36:98:49:89:de:db:d6:a4:
38:a9:19:10:61:71:19:6e:71:aa:8d:47:ce:79:56:
fc:25:57:7b:59:d0:e2:43:e9:71:ba:e7:fc:03:83:
07:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2C:04:92:58:BF:6C:DA:99:E2:84:81:FD:5E:F3:A5:5F:EF:30:12
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ac4a6d71-8f2c-4a51-b73d-23abcb81a3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.116.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6c:70:79:43:51:35:16:a4:29:5c:67:5f:41:13:76:b4:ee:48:
03:6f:e2:1e:39:56:3b:b6:b8:cb:a0:69:a6:8e:e5:7c:43:c6:
d4:fc:e5:08:20:37:4b:34:d6:42:f0:57:e9:47:ea:aa:2f:48:
aa:88:dd:f9:6a:bd:68:d9:c8:90:9d:b3:6e:ec:bb:4b:12:36:
22:75:8f:22:74:62:33:81:69:43:a6:fd:4c:5e:cf:19:3c:03:
a3:d2:30:58:37:fd:15:85:8a:18:6d:0b:cb:8b:e1:c9:46:10:
a1:ce:90:25:e8:cd:5f:e2:cc:3d:e6:ee:27:52:6a:73:c8:66:
b6:e6:67:d9:76:b4:b7:ad:ce:49:b0:dd:bd:1c:c8:1f:4b:44:
e4:10:ae:66:f8:60:88:3d:19:d4:e6:7d:89:db:a2:c3:28:86:
60:7e:c5:15:8c:2a:19:5f:0d:7b:69:71:ad:55:ee:3f:7e:76:
f4:a0:8e:e5:6b:f2:de:52:74:79:db:a2:ac:84:4f:26:1c:86:
fb:f6:58:bb:59:35:fd:ca:87:3e:39:20:0c:af:68:d2:3d:a8:
86:fb:dc:1e:15:99:d0:2f:0e:81:55:07:31:42:e0:43:39:4b:
62:68:6c:8b:2c:e9:43:2f:23:46:70:60:fe:ee:40:43:99:b3:
f1:f2:3b:ba
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBq1Hu3vFU2y3kFRG7o622rIIpx8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTNaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGY3ZGRjMGI4YTMxNDIyYjgzYzdkYzRhMzk0ODhmNjY1NWM0NDQ0ODNjYTAx
OGIxOWQ4YTQxOTNjNmQ4NTFmMmMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJujrdSDQwCzRSRkqIXWXJRm0CZ8RBys+67qtAg1HVmv4gvG8cQPfUPZu9ZV
BWG6J/dJ9A/poq3JtJGbLzsAQR0pJ7BhlrbRUEQmmEr6FsVAUyWBo+5L3bX/ATPJ
ajFiUTt1+tLmccJxtrhCZwBn4QAFayqtqd+cT+57kbqIEiBgKFpsKhCgJAMSMzXx
CL+llG609Nrb6oEOW2hGGXtMWXjsqPztgFMrqfZh5wm5r3tn9++CTAwE427E9Jol
eoPsAat0NBXaZdqLGvbVvr6QKcFRx2lJ34oBWTaYSYne29akOKkZEGFxGW5xqo1H
znlW/CVXe1nQ4kPpcbrn/AODB9cCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSRLASS
WL9s2pnihIH9XvOlX+8wEjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWM0YTZkNzEtOGYyYy00YTUxLWI3M2QtMjNhYmNiODFhM2I0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAVN0MA0G
CSqGSIb3DQEBCwUAA4IBAQBscHlDUTUWpClcZ19BE3a07kgDb+IeOVY7trjLoGmm
juV8Q8bU/OUIIDdLNNZC8FfpR+qqL0iqiN35ar1o2ciQnbNu7LtLEjYidY8idGIz
gWlDpv1MXs8ZPAOj0jBYN/0VhYoYbQvLi+HJRhChzpAl6M1f4sw95u4nUmpzyGa2
5mfZdrS3rc5JsN29HMgfS0TkEK5m+GCIPRnU5n2J26LDKIZgfsUVjCoZXw17aXGt
Ve4/fnb0oI7la/LeUnR526KshE8mHIb79li7WTX9yoc+OSAMr2jSPaiG+9weFZnQ
Lw6BVQcxQuBDOUtiaGyLLOlDLyNGcGD+7kBDmbPx8ju6
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:49:32 2026 by rpki-client