Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: VskdTBVGBZprH1ENkmUtMUh1zHgrbQ1VQVVS9wdJy9Y=
Subject key identifier: F5:97:76:F0:EE:70:E4:16:F9:D2:FD:39:BB:1D:96:04:3E:19:99:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02131D19F6FA5E9947DD868BB8D0F2291FCF6EE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Sat 28 Feb 2026 06:40:21 +0000
ROA not before: Sat 28 Feb 2026 06:40:21 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:13:1d:19:f6:fa:5e:99:47:dd:86:8b:b8:d0:f2:29:1f:cf:6e:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:21 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=4e5bd6213a6ab688c5b30ef44d86188ec5b874b69ceef7621849965a0b1e74ba, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0b:51:e7:f3:31:94:20:53:b3:19:b7:ef:24:
57:a2:8c:9f:cf:2f:ac:8f:ca:fe:8d:17:8b:ec:95:
45:59:df:7d:88:66:e0:4e:2d:4a:67:01:ff:89:ac:
87:cf:c9:9f:18:cf:d1:90:87:56:60:c9:92:a0:d7:
33:02:39:79:9c:db:74:3b:5c:47:a7:9d:85:6b:92:
ea:75:2a:37:4a:4d:98:a1:10:0d:c1:49:c2:6c:bb:
da:1c:30:bb:24:e5:4e:70:7e:01:2d:f8:a4:cf:1c:
dd:42:8b:7e:50:94:b7:64:5d:26:59:c7:38:31:1e:
5f:f5:a3:7e:7b:08:6d:74:71:4c:64:b6:55:de:f6:
57:52:1b:34:39:df:c9:b5:5f:fe:46:15:21:fc:bc:
98:fe:be:dd:98:6c:06:05:78:d9:f2:cd:e1:05:a4:
fe:e5:de:c3:dd:6f:17:8a:d5:4c:e3:80:9b:06:b7:
6a:0e:ad:12:b8:27:b1:02:bc:b5:c6:5a:86:85:87:
7b:db:55:b6:e7:1e:69:95:87:0a:54:bf:79:93:7e:
b0:c9:af:bb:05:02:72:a4:ac:2e:01:01:ea:5e:b2:
cb:9f:8e:79:47:76:ce:ec:59:9b:8b:75:e1:02:d9:
77:df:c2:8e:4e:37:52:9a:49:d5:fd:ca:6c:fd:3c:
80:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:97:76:F0:EE:70:E4:16:F9:D2:FD:39:BB:1D:96:04:3E:19:99:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:96:90:23:e8:ee:2d:6b:09:21:61:0c:98:2e:06:d2:0d:97:
2c:67:a9:6e:d8:87:75:71:b2:77:a7:f9:58:92:73:79:68:d0:
bf:34:61:2c:1a:9a:7a:8b:c9:5f:03:91:83:bd:c0:21:41:80:
d3:ec:23:f3:90:b0:22:4c:ed:d2:c6:d7:38:f7:47:39:f6:14:
e7:16:1c:ad:79:15:15:02:c3:1b:a1:50:61:01:20:9e:51:4b:
03:b7:fd:c1:4f:9c:c9:f7:4f:55:5f:61:a0:72:10:a1:92:c0:
31:dd:c0:36:86:c4:92:e4:dc:5b:05:e3:fb:c9:63:37:09:15:
98:1d:d7:6e:0a:4b:51:5c:f2:cb:39:71:22:60:36:a4:a6:6d:
08:f8:da:44:8d:95:41:b4:08:70:8f:70:18:4e:e7:86:f2:a4:
b6:dc:ee:1b:8b:5c:62:b5:f4:ee:c2:13:f3:71:43:ca:b3:6c:
f7:95:af:d6:6c:b3:d9:9c:2d:16:0d:41:93:92:c8:e9:fd:c3:
36:1e:99:ab:8f:99:68:b4:a2:ee:4b:60:78:0b:54:60:07:a8:
8a:bd:92:0a:23:48:93:6c:aa:cf:26:dc:f3:9f:07:a2:b7:fa:
c5:4b:94:24:4b:49:cb:18:61:66:23:fe:15:97:df:fa:25:62:
3b:98:46:1e
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUAhMdGfb6XplH3YaLuNDyKR/PbugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMjFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlNWJkNjIxM2E2YWI2ODhjNWIzMGVmNDRkODYxODhlYzViODc0YjY5Y2Vl
Zjc2MjE4NDk5NjVhMGIxZTc0YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANwLUefzMZQgU7MZt+8kV6KMn88vrI/K/o0Xi+yVRVnffYhm4E4tSmcB/4ms
h8/JnxjP0ZCHVmDJkqDXMwI5eZzbdDtcR6edhWuS6nUqN0pNmKEQDcFJwmy72hww
uyTlTnB+AS34pM8c3UKLflCUt2RdJlnHODEeX/WjfnsIbXRxTGS2Vd72V1IbNDnf
ybVf/kYVIfy8mP6+3ZhsBgV42fLN4QWk/uXew91vF4rVTOOAmwa3ag6tErgnsQK8
tcZahoWHe9tVtuceaZWHClS/eZN+sMmvuwUCcqSsLgEB6l6yy5+OeUd2zuxZm4t1
4QLZd9/Cjk43UppJ1f3KbP08gM8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT1l3bw
7nDkFvnS/Tm7HZYEPhmZWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAn5aQI+juLWsJIWEMmC4G0g2XLGepbtiHdXGyd6f5
WJJzeWjQvzRhLBqaeovJXwORg73AIUGA0+wj85CwIkzt0sbXOPdHOfYU5xYcrXkV
FQLDG6FQYQEgnlFLA7f9wU+cyfdPVV9hoHIQoZLAMd3ANobEkuTcWwXj+8ljNwkV
mB3XbgpLUVzyyzlxImA2pKZtCPjaRI2VQbQIcI9wGE7nhvKkttzuG4tcYrX07sIT
83FDyrNs95Wv1myz2ZwtFg1Bk5LI6f3DNh6Zq4+ZaLSi7ktgeAtUYAeoir2SCiNI
k2yqzybc858Horf6xUuUJEtJyxhhZiP+FZff+iViO5hGHg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:21:20 2026 by rpki-client