Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
File: c806309a-9e3e-4b0e-aad2-1356d070a437.roa (raw, json)
Hash identifier: M7uiBmxLHxUDEFrvBgnkF9UTc+DtNJI/EFP7Htzvmow=
Subject key identifier: EE:AC:63:0B:CA:05:5C:33:60:60:C5:85:BA:A2:D5:BD:66:1B:32:59
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4573437E7FB25BA5A66D2371674F41F278C6A1BC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
Signing time: Fri 13 Feb 2026 15:30:10 +0000
ROA not before: Fri 13 Feb 2026 15:30:10 +0000
ROA not after: Thu 14 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a01:578:13::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:73:43:7e:7f:b2:5b:a5:a6:6d:23:71:67:4f:41:f2:78:c6:a1:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 13 15:30:10 2026 GMT
Not After : May 14 23:59:59 2026 GMT
Subject: serialNumber=3d42ce7b913b1a39292768c1991235c40de5f6fd6c949b36c173d541f385c18d, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ea:06:9c:5a:fa:36:45:9b:7e:df:c4:f1:28:
de:63:59:09:00:0b:61:ca:88:f9:9b:bf:13:e6:c8:
64:8a:30:eb:d7:33:84:f0:3b:8e:4c:46:56:eb:60:
b4:48:f4:fd:ab:81:dc:ad:c5:85:19:f5:58:ca:a5:
f2:50:e9:27:68:59:34:48:d8:e7:01:7a:1f:48:6e:
6d:d4:bd:02:ee:20:b6:bf:b6:e3:52:a1:27:db:e3:
ca:d8:00:35:37:0c:26:ef:a1:ff:e2:fe:b7:df:21:
50:47:62:e1:72:14:e4:02:40:83:13:4d:54:48:9b:
ec:63:c1:56:70:a0:b9:e2:8b:73:23:be:14:47:89:
e2:76:ef:11:3a:26:3f:d0:9f:c2:49:64:38:11:43:
ea:67:1b:b0:57:ef:94:b9:36:be:8c:02:da:78:b2:
a3:74:5f:15:da:42:9b:74:15:cc:a2:6b:64:d9:cf:
5c:2e:69:31:a3:25:36:5e:9c:50:c7:f5:cf:ec:c8:
bb:3a:66:17:78:fd:84:90:99:1d:74:42:35:36:a4:
f9:8f:88:66:91:7a:c3:7b:6a:42:58:af:e3:74:15:
43:4b:8f:bf:f0:4f:01:4e:1c:59:99:23:63:9a:34:
35:42:e7:06:77:6f:a2:33:f0:a2:01:d8:8a:78:62:
b5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AC:63:0B:CA:05:5C:33:60:60:C5:85:BA:A2:D5:BD:66:1B:32:59
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c806309a-9e3e-4b0e-aad2-1356d070a437.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:13::/48
Signature Algorithm: sha256WithRSAEncryption
2e:8b:2c:8e:41:17:4b:aa:b2:81:af:4b:47:13:9c:eb:32:c9:
85:28:df:eb:c3:ff:cf:ee:a2:ce:93:50:7f:c1:b1:66:8b:fd:
23:16:bd:ee:4b:bf:ea:44:c5:b5:c9:63:37:4c:d6:ce:69:4c:
24:57:18:32:9e:19:9c:9c:68:d4:94:7d:46:a9:95:db:24:2a:
14:f1:54:a3:78:a2:5f:48:af:57:c7:52:34:80:6f:ac:64:a2:
77:6d:0b:ef:f7:4d:df:fa:44:c7:64:53:23:7d:83:06:db:32:
5e:2a:7a:f2:24:5e:66:04:e1:55:b0:b9:14:e7:6d:1c:57:41:
b5:d9:f5:4c:30:d1:7c:e8:9a:84:a6:ca:9f:99:82:cb:93:a0:
06:f5:56:82:12:1d:49:03:7e:42:59:bb:6e:68:98:f7:99:3c:
29:5c:d1:29:c9:d4:07:03:e1:80:6c:3b:2c:f0:83:c1:68:4f:
5d:54:b8:d8:80:6e:99:22:ac:2c:af:2d:99:3a:d1:92:f9:d8:
59:1e:c5:83:7c:68:eb:dc:8a:1d:52:a9:8a:94:57:1a:cb:69:
df:88:54:fb:6b:37:5d:67:cf:6f:02:1a:7e:9f:49:d1:1d:36:
89:15:10:03:a2:7f:2a:e5:eb:cd:cf:99:77:4a:25:a8:b2:cb:
75:a6:ba:8f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIURXNDfn+yW6WmbSNxZ09B8njGobwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMTMxNTMwMTBaFw0yNjA1MTQyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkNDJjZTdiOTEzYjFhMzkyOTI3NjhjMTk5MTIzNWM0MGRlNWY2ZmQ2Yzk0
OWIzNmMxNzNkNTQxZjM4NWMxOGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAODqBpxa+jZFm37fxPEo3mNZCQALYcqI+Zu/E+bIZIow69czhPA7jkxGVutg
tEj0/auB3K3FhRn1WMql8lDpJ2hZNEjY5wF6H0hubdS9Au4gtr+241KhJ9vjytgA
NTcMJu+h/+L+t98hUEdi4XIU5AJAgxNNVEib7GPBVnCgueKLcyO+FEeJ4nbvETom
P9CfwklkOBFD6mcbsFfvlLk2vowC2niyo3RfFdpCm3QVzKJrZNnPXC5pMaMlNl6c
UMf1z+zIuzpmF3j9hJCZHXRCNTak+Y+IZpF6w3tqQliv43QVQ0uPv/BPAU4cWZkj
Y5o0NULnBndvojPwogHYinhitQcCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTurGML
ygVcM2BgxYW6otW9ZhsyWTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzgwNjMwOWEtOWUzZS00YjBlLWFhZDItMTM1NmQwNzBhNDM3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoBBXgA
EzANBgkqhkiG9w0BAQsFAAOCAQEALossjkEXS6qyga9LRxOc6zLJhSjf68P/z+6i
zpNQf8GxZov9Ixa97ku/6kTFtcljN0zWzmlMJFcYMp4ZnJxo1JR9RqmV2yQqFPFU
o3iiX0ivV8dSNIBvrGSid20L7/dN3/pEx2RTI32DBtsyXip68iReZgThVbC5FOdt
HFdBtdn1TDDRfOiahKbKn5mCy5OgBvVWghIdSQN+Qlm7bmiY95k8KVzRKcnUBwPh
gGw7LPCDwWhPXVS42IBumSKsLK8tmTrRkvnYWR7Fg3xo69yKHVKpipRXGstp34hU
+2s3XWfPbwIafp9J0R02iRUQA6J/KuXrzc+Zd0olqLLLdaa6jw==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:53:15 2026 by rpki-client