Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
File: c5b27928-f79b-49c0-80c5-88852eab11e3.roa (raw, json)
Hash identifier: Tx4sZEeo/m9LrX68SXxltzwnPZx4k3Gci5ltFsaEFK8=
Subject key identifier: 05:16:36:0A:9C:C5:39:6B:A6:B8:81:EA:05:E2:D5:65:98:45:53:D5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2151BCBE9861218BF77095869B77DEFD37B44513
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
Signing time: Sat 28 Feb 2026 06:30:11 +0000
ROA not before: Sat 28 Feb 2026 06:30:11 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 193.57.182.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:51:bc:be:98:61:21:8b:f7:70:95:86:9b:77:de:fd:37:b4:45:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:30:11 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=a0cc183ef1a8b74cb0c92fe559274cd4160d8f8a2a97ac06713eaabf79082f6a, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c3:17:7e:26:5a:ff:aa:49:98:a3:14:b9:47:
04:49:5e:51:da:0a:6b:10:5c:36:4b:b1:5d:4f:b2:
1c:a3:b9:d8:90:3f:38:79:15:6e:49:66:d0:cf:6b:
1d:22:ae:58:8a:e9:16:87:60:7d:27:63:1f:b2:b4:
60:7e:b0:b6:eb:ba:94:be:b3:05:40:cc:97:25:b5:
3c:88:98:39:55:26:4f:8b:c6:7f:25:ae:3f:8f:a1:
52:86:97:26:d2:c6:63:13:48:24:33:76:4e:84:07:
fb:b7:b5:bf:17:40:01:7f:d8:3b:18:f8:72:f8:1c:
21:d7:45:e3:20:4f:34:05:18:43:91:c5:1a:9a:b6:
43:ba:d5:72:c0:ba:a3:01:36:fd:c4:c7:ee:84:3f:
53:97:18:20:83:70:ec:a2:6e:83:b3:7d:c4:5b:a7:
f7:fe:a2:5a:4e:e6:0a:ec:fa:cb:e4:6c:30:38:6b:
70:f6:c7:e3:db:b8:7c:a3:bc:d4:7a:3a:66:fb:80:
21:63:fd:88:25:d1:07:09:3d:b5:af:aa:09:66:6d:
6a:12:cd:80:2a:08:1c:5a:b6:0e:b7:62:37:73:7e:
d9:d5:18:e9:a5:88:b4:99:98:1d:e4:e2:26:f6:87:
27:e5:56:da:6a:21:a8:74:b5:1d:4f:10:54:63:e5:
fc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:16:36:0A:9C:C5:39:6B:A6:B8:81:EA:05:E2:D5:65:98:45:53:D5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c5b27928-f79b-49c0-80c5-88852eab11e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.182.0/23
Signature Algorithm: sha256WithRSAEncryption
62:91:b9:e7:5e:cd:21:02:60:04:8d:3e:3e:4e:cd:ec:76:b6:
6e:61:82:85:dc:3a:a4:3f:4e:f1:9f:37:e4:a6:0f:59:d5:5c:
44:51:37:20:29:85:6b:13:61:38:18:23:8c:83:4e:30:97:54:
ae:f9:00:42:de:1f:fb:2e:d4:5d:c1:7c:18:2e:a6:77:26:e9:
f9:af:c4:7e:5c:38:5d:24:97:ff:a8:5d:ed:fa:35:55:7a:7b:
de:3e:11:81:47:67:13:1b:4e:9c:ed:3b:05:35:1d:71:80:70:
53:76:2f:f5:42:f2:b3:04:69:6b:1f:ff:a3:d9:73:5f:82:c1:
17:4c:c4:99:d3:40:a8:a3:94:7b:5c:63:b3:52:5b:f3:d0:11:
e8:e0:78:e1:92:65:b3:e5:4a:8d:84:8e:fd:d1:4d:69:6a:14:
3a:e1:83:cb:cf:89:39:86:44:d9:58:39:ac:ee:74:e9:e5:6e:
5a:54:de:b2:9f:9b:65:e0:77:68:ed:51:c5:4d:cc:26:5b:42:
38:d4:43:ac:ba:a7:3a:98:2d:13:86:73:b9:c5:74:fb:39:f5:
c8:e7:08:f2:a2:f9:9c:49:64:38:1c:f5:bc:27:7c:b6:e8:ea:
6c:ec:79:c3:fd:b9:b1:5b:70:f9:70:20:dc:2b:49:3e:8d:c3:
13:29:5f:da
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIVG8vphhIYv3cJWGm3fe/Te0RRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjMwMTFaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwY2MxODNlZjFhOGI3NGNiMGM5MmZlNTU5Mjc0Y2Q0MTYwZDhmOGEyYTk3
YWMwNjcxM2VhYWJmNzkwODJmNmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI3DF34mWv+qSZijFLlHBEleUdoKaxBcNkuxXU+yHKO52JA/OHkVbklm0M9r
HSKuWIrpFodgfSdjH7K0YH6wtuu6lL6zBUDMlyW1PIiYOVUmT4vGfyWuP4+hUoaX
JtLGYxNIJDN2ToQH+7e1vxdAAX/YOxj4cvgcIddF4yBPNAUYQ5HFGpq2Q7rVcsC6
owE2/cTH7oQ/U5cYIINw7KJug7N9xFun9/6iWk7mCuz6y+RsMDhrcPbH49u4fKO8
1Ho6ZvuAIWP9iCXRBwk9ta+qCWZtahLNgCoIHFq2DrdiN3N+2dUY6aWItJmYHeTi
JvaHJ+VW2mohqHS1HU8QVGPl/FUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQFFjYK
nMU5a6a4geoF4tVlmEVT1TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzViMjc5MjgtZjc5Yi00OWMwLTgwYzUtODg4NTJlYWIxMWUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcE5tjAN
BgkqhkiG9w0BAQsFAAOCAQEAYpG5517NIQJgBI0+Pk7N7Ha2bmGChdw6pD9O8Z83
5KYPWdVcRFE3ICmFaxNhOBgjjINOMJdUrvkAQt4f+y7UXcF8GC6mdybp+a/Eflw4
XSSX/6hd7fo1VXp73j4RgUdnExtOnO07BTUdcYBwU3Yv9ULyswRpax//o9lzX4LB
F0zEmdNAqKOUe1xjs1Jb89AR6OB44ZJls+VKjYSO/dFNaWoUOuGDy8+JOYZE2Vg5
rO506eVuWlTesp+bZeB3aO1RxU3MJltCONRDrLqnOpgtE4ZzucV0+zn1yOcI8qL5
nElkOBz1vCd8tujqbOx5w/25sVtw+XAg3CtJPo3DEylf2g==
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:14:44 2026 by rpki-client