Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
File: b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa (raw, json)
Hash identifier: yZmGjNw7LL4bUmyocr5DLLIIvtthTBYGnPXLuXDhvio=
Subject key identifier: BA:91:52:9D:01:DD:00:1E:C5:9C:F4:66:2E:1C:36:81:7F:B2:1D:67
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0F9F7EB088B56A8765704632AEB9BEAF2FC72CD9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
Signing time: Sat 28 Feb 2026 06:30:54 +0000
ROA not before: Sat 28 Feb 2026 06:30:54 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.85.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:9f:7e:b0:88:b5:6a:87:65:70:46:32:ae:b9:be:af:2f:c7:2c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:54 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=3774a9cad7c104489b61c55acbedc05309d91e4d112d6a20571b41284f460390, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:31:f2:be:36:50:5a:a1:9f:5a:32:62:9a:c8:
e3:24:7f:0c:6b:a8:c1:17:49:6e:71:a7:84:f4:c4:
11:ac:ac:25:e1:cf:b7:ef:54:54:c8:5d:f3:02:ce:
84:15:61:92:62:4e:ee:9c:ee:81:04:5e:c0:87:a2:
dc:88:b5:e9:e4:27:0e:79:3a:0f:bc:2a:ee:20:78:
f3:1a:e9:e4:32:66:2e:ec:bf:a1:b7:d8:36:0d:9e:
10:1c:d1:56:a3:4e:a4:06:93:7b:48:3e:3a:d2:fa:
c1:67:10:d8:74:d6:4f:b1:dd:e9:78:c0:04:5e:c1:
49:04:cd:8b:7b:02:64:f1:6a:c5:cc:d9:ee:c4:d5:
5c:ff:2b:33:b8:e2:1c:8d:54:1c:ae:48:12:ff:5f:
4e:26:61:af:72:dd:8f:4a:a7:c6:4e:80:35:93:0f:
ca:87:d4:33:1d:0a:a8:86:27:f6:6f:ab:ad:3a:2b:
06:b1:3e:b7:b7:89:c0:20:b1:1b:9b:c1:37:2a:08:
a7:31:ba:7f:23:ce:89:b3:ef:8e:87:49:7a:95:b5:
9a:4b:75:a3:e5:84:2a:47:9e:3d:67:34:7b:b1:bd:
98:18:80:36:1b:ac:d3:58:98:f5:f8:6f:96:44:04:
ac:94:af:14:22:43:40:d8:09:53:13:7f:39:c4:0e:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:91:52:9D:01:DD:00:1E:C5:9C:F4:66:2E:1C:36:81:7F:B2:1D:67
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b94c01ab-78c9-4dea-8605-206edf4f4ac3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a3:14:20:84:7e:06:6e:7f:bf:7b:71:c2:b6:c6:7c:09:9f:f2:
80:c2:89:67:56:fc:b8:04:60:2d:ab:67:32:89:2f:bf:64:d9:
2c:0a:b1:79:22:de:99:62:7a:68:1b:b1:99:db:75:b8:06:e5:
ce:f8:b7:4a:8d:91:08:0f:67:c4:9d:d0:4e:95:7c:2f:57:fc:
84:7c:66:10:88:61:75:e8:eb:f3:02:bb:80:07:22:d3:ca:0e:
49:29:63:d0:a2:20:8f:0f:9d:00:44:54:89:0f:4b:de:9f:9c:
90:ec:a0:dd:b4:bd:9d:01:71:5d:7c:15:d6:aa:c8:bf:20:09:
f8:5a:67:1d:58:8a:22:90:1b:04:3a:5b:6e:3b:a1:1e:66:47:
22:fa:8c:b8:53:7d:f7:d8:29:34:bc:fe:70:01:2c:70:84:66:
4a:0e:96:e6:ad:69:0e:34:a1:5b:e8:a1:de:a0:bf:6b:57:28:
70:a9:61:29:56:38:a4:0a:61:f8:45:3d:6b:74:22:9e:b8:b1:
1c:0c:51:51:00:c1:30:87:fc:4a:9e:f2:04:a6:23:90:b0:a9:
b6:e5:33:79:6c:3f:f0:ab:7d:ef:0e:b7:df:49:63:e8:1b:05:
34:06:a6:52:e3:eb:4b:b3:5d:b5:fc:0c:0b:64:22:72:c0:b7:
23:dd:82:ce
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD59+sIi1aodlcEYyrrm+ry/HLNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwNTRaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3NzRhOWNhZDdjMTA0NDg5YjYxYzU1YWNiZWRjMDUzMDlkOTFlNGQxMTJk
NmEyMDU3MWI0MTI4NGY0NjAzOTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALAx8r42UFqhn1oyYprI4yR/DGuowRdJbnGnhPTEEaysJeHPt+9UVMhd8wLO
hBVhkmJO7pzugQRewIei3Ii16eQnDnk6D7wq7iB48xrp5DJmLuy/obfYNg2eEBzR
VqNOpAaTe0g+OtL6wWcQ2HTWT7Hd6XjABF7BSQTNi3sCZPFqxczZ7sTVXP8rM7ji
HI1UHK5IEv9fTiZhr3Ldj0qnxk6ANZMPyofUMx0KqIYn9m+rrTorBrE+t7eJwCCx
G5vBNyoIpzG6fyPOibPvjodJepW1mkt1o+WEKkeePWc0e7G9mBiANhus01iY9fhv
lkQErJSvFCJDQNgJUxN/OcQOLJECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS6kVKd
Ad0AHsWc9GYuHDaBf7IdZzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjk0YzAxYWItNzhjOS00ZGVhLTg2MDUtMjA2ZWRmNGY0YWMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlVMA0G
CSqGSIb3DQEBCwUAA4IBAQCjFCCEfgZuf797ccK2xnwJn/KAwolnVvy4BGAtq2cy
iS+/ZNksCrF5It6ZYnpoG7GZ23W4BuXO+LdKjZEID2fEndBOlXwvV/yEfGYQiGF1
6OvzAruAByLTyg5JKWPQoiCPD50ARFSJD0ven5yQ7KDdtL2dAXFdfBXWqsi/IAn4
WmcdWIoikBsEOltuO6EeZkci+oy4U3332Ck0vP5wASxwhGZKDpbmrWkONKFb6KHe
oL9rVyhwqWEpVjikCmH4RT1rdCKeuLEcDFFRAMEwh/xKnvIEpiOQsKm25TN5bD/w
q33vDrffSWPoGwU0BqZS4+tLs121/AwLZCJywLcj3YLO
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:47:41 2026 by rpki-client