Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
File: c3872047-e1f4-4ee3-832d-c624ea352355.roa (raw, json)
Hash identifier: VYGQa/jcwmlIR+eeeFZ/N7uJPsq/42KzPqVpS/QMVxc=
Subject key identifier: 8D:B2:F4:A2:28:B8:CA:8B:3E:69:5C:D1:6C:56:05:1B:78:E2:F1:DF
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18F80E148CDC41CFA6BD1017C8B50536AA1CB7D7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
Signing time: Tue 19 May 2026 05:50:21 +0000
ROA not before: Tue 19 May 2026 05:50:21 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:f8:0e:14:8c:dc:41:cf:a6:bd:10:17:c8:b5:05:36:aa:1c:b7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:21 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=ff923637ea2b9458b55ba19ee4c938014195c03ffb8ab6aed813a8124ac89e5d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c4:6b:64:49:2a:7a:1b:68:c6:d5:12:f3:7d:
61:11:80:8a:65:4f:04:f3:51:71:1e:41:e9:b9:f0:
56:15:dd:5a:e4:ed:0a:1f:80:2c:15:e2:d3:5f:d4:
84:f6:a1:b3:36:4b:ea:7d:de:3c:84:2c:b5:46:56:
72:85:bc:b5:1f:a9:f0:9a:77:82:28:53:3a:e9:44:
ac:8b:39:5b:b7:42:b5:35:4e:e7:46:b4:45:9d:35:
7e:8d:20:fa:14:70:96:21:9c:cb:00:72:f7:ce:8f:
e3:7f:c6:90:43:89:93:ff:ba:74:41:ce:a9:39:50:
2c:9f:91:ef:93:7a:56:8c:37:04:62:2e:0d:7a:fb:
62:5d:ab:3c:b6:fb:6c:79:b9:63:8e:ba:a0:a4:41:
4a:47:66:71:80:d8:d4:12:d3:9d:83:7e:3a:fa:82:
30:52:2c:38:9e:55:d2:91:e2:41:4c:d6:74:62:df:
3a:a4:62:f1:40:a1:f5:9b:00:29:04:14:ce:60:a8:
df:48:06:a0:f6:01:cf:84:66:05:ef:32:5e:b5:ef:
52:88:29:13:39:9e:e4:e3:bb:f0:fe:5f:22:14:54:
2d:1d:09:39:95:d5:f6:31:ac:54:a8:71:33:83:03:
9e:46:c3:67:d9:7e:4a:67:ad:33:d9:7b:50:18:5d:
e6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:B2:F4:A2:28:B8:CA:8B:3E:69:5C:D1:6C:56:05:1B:78:E2:F1:DF
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c3872047-e1f4-4ee3-832d-c624ea352355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.169.0/24
Signature Algorithm: sha256WithRSAEncryption
58:a2:38:a4:a2:6b:7e:79:8a:c0:ea:2a:7c:78:52:a3:a8:80:
e9:47:4e:f8:fe:fb:b0:3f:51:68:7e:2b:9f:ff:6b:cc:f3:b7:
88:02:dc:7a:7f:51:3f:21:54:e4:ac:bb:b6:ba:f7:24:d8:a1:
91:f5:60:34:d5:9b:8a:f9:ff:21:09:ca:4d:aa:27:38:a1:56:
a5:9f:bf:a7:a7:50:29:ee:c5:18:fa:70:33:3e:80:ee:2f:df:
78:cc:d6:d4:b1:58:20:81:c6:10:bb:cd:16:ed:c4:d2:ee:43:
96:1b:e0:c1:cd:a2:22:22:f3:1a:37:8a:63:e0:cf:b2:3c:76:
f4:37:16:59:70:73:c0:b9:f8:c0:ff:1c:0e:b1:74:98:1e:8a:
ef:2b:5e:28:2e:a9:e5:22:41:4a:66:ce:62:9e:7b:92:32:b9:
4d:a6:21:92:65:78:b9:f3:50:58:46:a6:53:0e:4e:c0:b2:a2:
fe:87:7a:34:5e:ab:c1:b2:96:e8:79:39:26:1d:11:1c:bb:23:
e6:80:ad:39:3a:11:92:73:08:04:f4:ff:29:06:fa:ca:51:4c:
a3:57:06:87:3b:94:d5:1d:07:74:8c:78:8e:b7:77:f7:15:76:
62:de:13:c3:4c:ed:e8:31:c5:1e:80:e8:c9:a8:e0:2c:ff:18:
82:1f:fa:f8
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUGPgOFIzcQc+mvRAXyLUFNqoct9cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMjFaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGZmOTIzNjM3ZWEyYjk0NThiNTViYTE5ZWU0YzkzODAxNDE5NWMwM2ZmYjhh
YjZhZWQ4MTNhODEyNGFjODllNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOTEa2RJKnobaMbVEvN9YRGAimVPBPNRcR5B6bnwVhXdWuTtCh+ALBXi01/U
hPahszZL6n3ePIQstUZWcoW8tR+p8Jp3gihTOulErIs5W7dCtTVO50a0RZ01fo0g
+hRwliGcywBy986P43/GkEOJk/+6dEHOqTlQLJ+R75N6Vow3BGIuDXr7Yl2rPLb7
bHm5Y466oKRBSkdmcYDY1BLTnYN+OvqCMFIsOJ5V0pHiQUzWdGLfOqRi8UCh9ZsA
KQQUzmCo30gGoPYBz4RmBe8yXrXvUogpEzme5OO78P5fIhRULR0JOZXV9jGsVKhx
M4MDnkbDZ9l+SmetM9l7UBhd5rsCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSNsvSi
KLjKiz5pXNFsVgUbeOLx3zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzM4NzIwNDctZTFmNC00ZWUzLTgzMmQtYzYyNGVhMzUyMzU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAME5qTAN
BgkqhkiG9w0BAQsFAAOCAQEAWKI4pKJrfnmKwOoqfHhSo6iA6UdO+P77sD9RaH4r
n/9rzPO3iALcen9RPyFU5Ky7trr3JNihkfVgNNWbivn/IQnKTaonOKFWpZ+/p6dQ
Ke7FGPpwMz6A7i/feMzW1LFYIIHGELvNFu3E0u5Dlhvgwc2iIiLzGjeKY+DPsjx2
9DcWWXBzwLn4wP8cDrF0mB6K7yteKC6p5SJBSmbOYp57kjK5TaYhkmV4ufNQWEam
Uw5OwLKi/od6NF6rwbKW6Hk5Jh0RHLsj5oCtOToRknMIBPT/KQb6ylFMo1cGhzuU
1R0HdIx4jrd39xV2Yt4Tw0zt6DHFHoDoyajgLP8Ygh/6+A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:11:52 2026 by rpki-client