Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: 1kYKGq5i+d6x8jWzKhwFCdTyvU2prQhtf656bfDoImI=
Subject key identifier: 47:D6:EF:19:EB:18:5D:F2:B7:BA:2B:F3:55:B6:9F:E2:CE:95:59:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 44BF3017752EC87266472E8DFDB6457B9A22FCAB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Tue 19 May 2026 05:50:08 +0000
ROA not before: Tue 19 May 2026 05:50:08 +0000
ROA not after: Mon 17 Aug 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:bf:30:17:75:2e:c8:72:66:47:2e:8d:fd:b6:45:7b:9a:22:fc:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: May 19 05:50:08 2026 GMT
Not After : Aug 17 23:59:59 2026 GMT
Subject: serialNumber=36146e1081f34f35398c1a2848270b399f5787746c6aa3615b8a5f1ec602b0a4, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:14:17:5c:a6:59:75:43:7c:d1:f1:0c:16:6a:
47:8f:92:77:59:70:a9:a0:62:7b:e8:71:80:f7:7b:
9d:ff:ad:fd:71:86:42:bd:dc:8f:2b:60:f6:c9:d9:
b2:49:c0:5f:9e:4e:2d:8d:b2:ca:ac:43:22:d2:89:
d2:35:4a:f5:ef:d5:8b:a2:dd:52:03:79:fd:21:b5:
a2:40:86:4b:20:c8:50:d6:50:7f:63:5f:63:90:30:
e7:94:26:2d:c2:fe:89:08:53:03:76:30:b6:5e:25:
f7:66:29:a2:63:29:3a:60:80:93:63:37:49:62:f7:
38:e2:36:76:dd:d8:40:8a:ad:62:ba:49:36:ba:01:
51:81:65:44:2d:e7:77:19:b4:a0:ef:e8:ea:77:e7:
1f:15:33:5e:05:3e:cc:9f:db:c7:93:36:5d:ee:6b:
c7:76:55:a4:7d:08:72:a1:8f:79:48:82:e1:0b:fa:
09:b3:a4:e1:96:51:6c:24:8f:8e:2f:aa:51:97:81:
ba:63:f0:21:3c:7d:be:1f:3a:85:a5:db:da:8c:95:
9a:72:38:d1:a0:d7:b5:ce:d5:b7:b8:f3:d3:c9:58:
87:fe:9e:39:76:e5:a8:95:5c:49:85:2a:ac:b7:47:
aa:51:ca:c9:64:8a:a7:ae:68:62:fd:b6:31:45:21:
2e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D6:EF:19:EB:18:5D:F2:B7:BA:2B:F3:55:B6:9F:E2:CE:95:59:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:0d:9c:1e:08:31:93:0c:7a:6e:73:d7:ef:b2:85:a3:20:a8:
40:19:2d:c6:28:9b:5e:5b:f4:1c:00:67:52:ab:be:90:99:f6:
d9:b3:9f:bd:1e:34:1e:ab:10:0e:3d:a2:3d:38:a1:37:b9:97:
4c:75:a4:26:a0:36:80:67:04:73:97:2a:9e:6a:0b:ef:c7:e9:
8a:0d:51:9c:59:d0:b4:cd:08:81:62:e4:77:0f:f2:a0:8e:20:
16:d2:91:d9:80:79:39:a3:84:62:cc:d6:27:24:18:08:7e:7e:
96:81:34:de:9b:90:b3:88:f2:f8:62:52:f6:46:2b:e2:40:23:
3e:ac:b8:00:c3:73:a1:b1:9b:45:dd:f4:4d:09:a5:cb:22:82:
25:ff:fb:f0:52:16:2b:f8:e7:03:cc:aa:09:b0:b0:42:46:af:
7e:dd:07:83:4e:e8:29:a5:3e:6e:ee:e6:02:09:25:b7:79:ca:
20:e3:90:eb:3c:f5:f8:a5:bc:07:8c:a4:d5:c9:0d:8c:0f:40:
29:26:d6:9a:1b:75:3d:64:89:c7:3f:18:3f:09:a5:6b:51:55:
71:14:07:45:e2:a0:c4:0c:ea:3d:0b:97:54:b2:c7:34:b5:f1:
6f:d6:6b:32:9d:68:c4:a4:d1:de:2c:56:e8:a2:90:d0:1d:51:
91:d3:a1:ef
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIURL8wF3UuyHJmRy6N/bZFe5oi/KswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjA1MTkwNTUwMDhaFw0yNjA4MTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2MTQ2ZTEwODFmMzRmMzUzOThjMWEyODQ4MjcwYjM5OWY1Nzg3NzQ2YzZh
YTM2MTViOGE1ZjFlYzYwMmIwYTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKIUF1ymWXVDfNHxDBZqR4+Sd1lwqaBie+hxgPd7nf+t/XGGQr3cjytg9snZ
sknAX55OLY2yyqxDItKJ0jVK9e/Vi6LdUgN5/SG1okCGSyDIUNZQf2NfY5Aw55Qm
LcL+iQhTA3Ywtl4l92YpomMpOmCAk2M3SWL3OOI2dt3YQIqtYrpJNroBUYFlRC3n
dxm0oO/o6nfnHxUzXgU+zJ/bx5M2Xe5rx3ZVpH0IcqGPeUiC4Qv6CbOk4ZZRbCSP
ji+qUZeBumPwITx9vh86haXb2oyVmnI40aDXtc7Vt7jz08lYh/6eOXblqJVcSYUq
rLdHqlHKyWSKp65oYv22MUUhLgECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRH1u8Z
6xhd8re6K/NVtp/izpVZojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAjg2cHggxkwx6bnPX77KFoyCoQBktxiibXlv0HABn
Uqu+kJn22bOfvR40HqsQDj2iPTihN7mXTHWkJqA2gGcEc5cqnmoL78fpig1RnFnQ
tM0IgWLkdw/yoI4gFtKR2YB5OaOEYszWJyQYCH5+loE03puQs4jy+GJS9kYr4kAj
Pqy4AMNzobGbRd30TQmlyyKCJf/78FIWK/jnA8yqCbCwQkavft0Hg07oKaU+bu7m
Agklt3nKIOOQ6zz1+KW8B4yk1ckNjA9AKSbWmht1PWSJxz8YPwmla1FVcRQHReKg
xAzqPQuXVLLHNLXxb9ZrMp1oxKTR3ixW6KKQ0B1RkdOh7w==
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:07:53 2026 by rpki-client