Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
File: ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa (raw, json)
Hash identifier: 8ewLhL8lX40CQH5Rv0w8RkEKzqPrcUUjwkJJgJDLxfI=
Subject key identifier: 2D:C5:6F:8E:53:B1:C0:B2:70:03:B9:89:A1:5D:16:89:DE:E9:5E:CA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A6DCC22249E4951E398300AD097F44FB138B2E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
Signing time: Sat 28 Feb 2026 06:40:36 +0000
ROA not before: Sat 28 Feb 2026 06:40:36 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 57.99.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:6d:cc:22:24:9e:49:51:e3:98:30:0a:d0:97:f4:4f:b1:38:b2:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Feb 28 06:40:36 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=cea35451cf8e8fc5d44979d856db754fd7feb3192f501b040afd3de8cd2b94f7, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:b4:4e:41:18:c6:d7:56:df:17:32:8a:07:
f4:94:11:b2:5e:e4:08:56:39:44:6d:13:4a:07:2f:
ef:3e:af:6f:46:9a:a8:cc:80:ce:1a:fe:66:2c:a8:
c9:f2:64:ba:f4:fa:26:dd:5e:5b:07:ff:2e:5b:53:
ab:02:55:6b:83:3a:0b:fd:1c:b6:15:f3:58:7d:e7:
20:ee:59:f9:d1:22:84:78:a3:2a:fc:53:01:3b:44:
47:08:35:5c:ad:e8:8a:46:2b:d4:58:d4:84:0d:ec:
c5:a3:70:64:26:4d:0d:19:32:b7:6f:d1:af:3d:d0:
11:ab:a6:2e:42:ab:fe:a7:21:4c:f6:b7:d8:f1:b5:
3a:eb:7d:4b:3c:e9:f5:d7:7c:05:47:8a:2f:ac:2f:
19:4a:73:49:f1:ed:e6:f9:05:5a:45:ae:0c:6e:c8:
14:42:b3:15:db:ea:3d:27:8e:fd:07:11:4a:c0:47:
e2:ff:82:31:2d:9e:58:ce:3d:ad:ed:de:ad:87:01:
ab:70:59:b8:4f:2c:f1:40:b5:e7:46:c4:89:b1:ba:
13:11:73:29:cf:10:78:a1:66:ae:7a:18:6b:c2:04:
eb:b6:02:14:88:de:d8:46:ce:21:be:f8:75:67:1c:
34:59:d1:f9:5f:cc:db:7f:b6:a8:f2:1a:e5:5b:80:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:C5:6F:8E:53:B1:C0:B2:70:03:B9:89:A1:5D:16:89:DE:E9:5E:CA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce87dbb9-4413-42c2-ba81-44ccdf95bd2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.99.0.0/16
Signature Algorithm: sha256WithRSAEncryption
c3:7b:16:9d:21:74:3b:a4:a9:d3:49:75:ce:1b:58:3e:be:ac:
4b:19:b6:01:c2:74:b7:5a:5a:a1:0b:dc:ef:d1:1f:a0:6d:47:
6a:d2:cc:1d:0a:2e:7b:e0:ca:b2:0a:da:03:a1:a5:0e:c9:49:
50:bf:af:f0:f5:48:aa:be:93:4c:42:27:1b:f9:af:9b:e2:a6:
15:dc:f2:fa:06:b0:0c:a7:b6:db:00:dd:af:21:37:e6:90:dc:
e2:a7:eb:18:a7:e7:74:1e:7b:a3:a2:c4:04:0b:33:57:73:ae:
ff:66:f4:69:20:9e:5b:ec:fd:35:da:ba:1c:3f:d5:0d:a4:5e:
67:fa:20:80:39:44:a5:fb:f4:ec:3b:ea:23:ec:75:fa:68:be:
f8:2e:25:b7:08:9a:b1:43:21:4f:86:35:29:9c:6d:cc:2e:56:
92:a5:08:5a:74:2f:ca:31:da:77:64:ed:1d:1c:60:85:9a:ee:
4b:62:ec:2b:f9:9a:22:94:1e:18:9e:69:9d:20:87:16:2a:3c:
d3:98:f1:69:31:3d:04:b1:ee:d1:e7:cc:a7:ad:b5:45:05:d2:
ff:05:b6:52:68:a9:63:97:a5:4b:8e:e9:42:13:9a:32:50:df:
a3:e8:63:8c:b0:de:2c:4e:f8:d9:ee:60:60:18:04:a8:26:99:
bc:88:13:7f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOm3MIiSeSVHjmDAK0Jf0T7E4sucwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNjAyMjgwNjQwMzZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQGNlYTM1NDUxY2Y4ZThmYzVkNDQ5NzlkODU2ZGI3NTRmZDdmZWIzMTkyZjUw
MWIwNDBhZmQzZGU4Y2QyYjk0ZjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL2LtE5BGMbXVt8XMooH9JQRsl7kCFY5RG0TSgcv7z6vb0aaqMyAzhr+Ziyo
yfJkuvT6Jt1eWwf/LltTqwJVa4M6C/0cthXzWH3nIO5Z+dEihHijKvxTATtERwg1
XK3oikYr1FjUhA3sxaNwZCZNDRkyt2/Rrz3QEaumLkKr/qchTPa32PG1Out9Szzp
9dd8BUeKL6wvGUpzSfHt5vkFWkWuDG7IFEKzFdvqPSeO/QcRSsBH4v+CMS2eWM49
re3erYcBq3BZuE8s8UC150bEibG6ExFzKc8QeKFmrnoYa8IE67YCFIje2EbOIb74
dWccNFnR+V/M23+2qPIa5VuAuCkCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQtxW+O
U7HAsnADuYmhXRaJ3uleyjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2U4N2RiYjktNDQxMy00MmMyLWJhODEtNDRjY2RmOTViZDJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADljMA0G
CSqGSIb3DQEBCwUAA4IBAQDDexadIXQ7pKnTSXXOG1g+vqxLGbYBwnS3WlqhC9zv
0R+gbUdq0swdCi574MqyCtoDoaUOyUlQv6/w9UiqvpNMQicb+a+b4qYV3PL6BrAM
p7bbAN2vITfmkNzip+sYp+d0HnujosQECzNXc67/ZvRpIJ5b7P012rocP9UNpF5n
+iCAOUSl+/TsO+oj7HX6aL74LiW3CJqxQyFPhjUpnG3MLlaSpQhadC/KMdp3ZO0d
HGCFmu5LYuwr+ZoilB4YnmmdIIcWKjzTmPFpMT0Ese7R58ynrbVFBdL/BbZSaKlj
l6VLjulCE5oyUN+j6GOMsN4sTvjZ7mBgGASoJpm8iBN/
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:25:48 2026 by rpki-client