Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
File: b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa (raw, json)
Hash identifier: 8hrohA/1YHvdbl2wisedfFtaK/BG1U0sWk+IZYVKS0k=
Subject key identifier: 15:45:E0:90:AD:50:1E:BA:95:0B:2E:A6:26:75:8A:F8:93:B8:66:FE
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 22BC7C25057581028DA2952659706B7574BB15A8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
Signing time: Sat 28 Feb 2026 06:40:08 +0000
ROA not before: Sat 28 Feb 2026 06:40:08 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 194.198.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:bc:7c:25:05:75:81:02:8d:a2:95:26:59:70:6b:75:74:bb:15:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:08 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=eb1843bfab9bde96864b68e761110d4f1a9828b647b0f508935de32f34dfebcd, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:f1:5a:4b:16:77:15:e1:a3:2b:cc:5f:48:6d:
5f:c9:02:79:6c:79:b0:94:07:38:4d:04:1d:e1:41:
9d:92:ca:d7:b7:ec:86:8f:a7:e7:4b:4a:2b:84:2a:
f8:28:00:79:b7:56:7a:7c:b3:a1:d6:39:24:51:1d:
74:79:74:90:ee:71:de:d9:be:d9:64:25:b6:27:5e:
4e:f2:73:14:ef:18:ab:26:3d:f2:6b:bb:ab:4f:5d:
58:48:98:97:cb:15:ca:51:eb:3b:c3:12:4f:ab:ba:
e5:ec:7c:cf:38:be:c5:44:cd:0d:e1:4b:a0:cb:ed:
0e:5a:33:3a:b6:25:d8:ee:00:7a:61:b9:4b:88:c7:
b2:60:59:f6:90:54:1b:ec:0b:a1:3e:0f:93:26:5e:
03:cb:ce:40:0e:54:b9:f3:5a:97:30:5e:05:94:d3:
f4:01:3d:53:eb:6c:67:6d:ad:c7:03:3f:b6:ce:fa:
76:ff:2f:97:cd:75:a3:d2:c1:54:95:3c:c5:42:d6:
77:fd:1c:5f:85:dd:d3:aa:d5:c3:1f:b4:ba:e7:cb:
a7:e6:68:3e:47:3c:8d:8a:54:33:97:87:f2:65:45:
fa:f7:4b:e5:a7:50:17:b3:6f:e9:14:b4:d0:6a:91:
38:15:66:d9:34:30:a6:11:15:66:85:8c:83:e7:8c:
47:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:45:E0:90:AD:50:1E:BA:95:0B:2E:A6:26:75:8A:F8:93:B8:66:FE
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b5ec0568-ce5c-41f8-ae3e-0c14783e4068.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.198.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:f5:e5:11:2f:86:38:ba:4f:a1:67:b8:2a:fb:39:7c:38:1a:
56:ed:b7:81:64:f1:a2:b8:5b:82:19:ae:73:15:c5:50:2c:97:
8d:b1:dd:a3:f9:82:cf:51:cb:48:6e:4c:93:1f:ef:1a:d2:62:
17:70:47:26:79:de:97:8e:9d:ce:41:0c:88:78:96:79:a3:43:
13:00:bf:8d:74:c7:51:22:ae:c6:a4:a4:07:7a:c7:38:c3:66:
9c:0e:5b:e5:f1:42:69:b8:12:90:db:32:f0:69:64:a5:15:ec:
d8:52:0f:fe:08:e7:0e:bc:a4:32:9a:40:b9:43:1c:6f:c8:e7:
29:5f:c8:4b:8f:80:58:10:6b:52:c4:0c:e2:48:b2:21:c9:a8:
af:5a:1f:ce:cf:cc:df:14:d2:3c:8b:a7:32:db:06:d9:ba:b2:
81:0f:ad:d3:90:88:fd:04:d1:1d:2a:e4:e0:68:13:7d:ab:d7:
cd:9e:f6:3b:0f:5e:69:4e:0e:b8:a5:c7:c4:41:26:3d:df:01:
b5:6b:ca:e1:c7:5e:25:3b:fd:4f:a1:be:4c:9b:15:6d:ab:4e:
e6:85:b4:8c:69:08:69:52:be:d5:f2:53:e4:42:42:05:5d:b8:
b3:6c:c3:aa:7f:f5:00:2d:ac:54:da:3d:33:fe:71:82:09:a0:
2d:c6:b0:de
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUIrx8JQV1gQKNopUmWXBrdXS7FagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMDhaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMTg0M2JmYWI5YmRlOTY4NjRiNjhlNzYxMTEwZDRmMWE5ODI4YjY0N2Iw
ZjUwODkzNWRlMzJmMzRkZmViY2QxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ3xWksWdxXhoyvMX0htX8kCeWx5sJQHOE0EHeFBnZLK17fsho+n50tKK4Qq
+CgAebdWenyzodY5JFEddHl0kO5x3tm+2WQltideTvJzFO8YqyY98mu7q09dWEiY
l8sVylHrO8MST6u65ex8zzi+xUTNDeFLoMvtDlozOrYl2O4AemG5S4jHsmBZ9pBU
G+wLoT4PkyZeA8vOQA5UufNalzBeBZTT9AE9U+tsZ22txwM/ts76dv8vl811o9LB
VJU8xULWd/0cX4Xd06rVwx+0uufLp+ZoPkc8jYpUM5eH8mVF+vdL5adQF7Nv6RS0
0GqROBVm2TQwphEVZoWMg+eMR/0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQVReCQ
rVAeupULLqYmdYr4k7hm/jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjVlYzA1NjgtY2U1Yy00MWY4LWFlM2UtMGMxNDc4M2U0MDY4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAMLGMA0G
CSqGSIb3DQEBCwUAA4IBAQCA9eURL4Y4uk+hZ7gq+zl8OBpW7beBZPGiuFuCGa5z
FcVQLJeNsd2j+YLPUctIbkyTH+8a0mIXcEcmed6Xjp3OQQyIeJZ5o0MTAL+NdMdR
Iq7GpKQHesc4w2acDlvl8UJpuBKQ2zLwaWSlFezYUg/+COcOvKQymkC5QxxvyOcp
X8hLj4BYEGtSxAziSLIhyaivWh/Oz8zfFNI8i6cy2wbZurKBD63TkIj9BNEdKuTg
aBN9q9fNnvY7D15pTg64pcfEQSY93wG1a8rhx14lO/1Pob5MmxVtq07mhbSMaQhp
Ur7V8lPkQkIFXbizbMOqf/UALaxU2j0z/nGCCaAtxrDe
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:48:36 2026 by rpki-client